0b560b556ae202686f589fa0e91eeb9b4cd35222f47ed6e256bde714c152e7c6

Sharing

Copy URL

Twitter E-mail

General

Target

0b560b556ae202686f589fa0e91eeb9b4cd35222f47ed6e256bde714c152e7c6
Size

2.1MB
MD5

830fafe27d97c0e122bda52b682772d6
SHA1

0efafb93cf9f113d64a608d787ac8205c166b472
SHA256

0b560b556ae202686f589fa0e91eeb9b4cd35222f47ed6e256bde714c152e7c6
SHA512

e736c0e2f1c0b79ef7af91d160be1baffac2e661d284b9f99f04c134fb2cbeba2e39331b84e51575a8317d3a072b011f2f8b7744e6dcc271dd4e82aebf58af60
SSDEEP

49152:TXfURfWS+BWF89MAoeiDIrjt2BggZst16EQ75Yl6A4n:TXfofWS+BWWOrU/t2qgOhQdvn

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/vcl.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/vcl.dll	upx

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Eraser.dll
unpack001/Erasext.dll
unpack001/PluginMaker.exe
unpack001/Wywz.exe
unpack001/filed.dll
unpack001/filed.sys
unpack001/lua5.1.dll
unpack001/native.bin
unpack001/subinacl.exe
unpack001/vcl.dll
unpack001/wyzl.dll

Files

0b560b556ae202686f589fa0e91eeb9b4cd35222f47ed6e256bde714c152e7c6
.zip
DefPlugins/AntiFireTools.lua
DefPlugins/ChatTools.cfg
DefPlugins/ChatTools.lua
DefPlugins/CloneCD.lua
DefPlugins/CloneCD.lua.bak
DefPlugins/MediaPlayTools.lua
DefPlugins/Mofirefox.lua
DefPlugins/MsIE.lua
DefPlugins/NetDownload.lua
DefPlugins/NetDownload.lua.bak
DefPlugins/Office.lua
DefPlugins/OtherTools.cfg
DefPlugins/OtherTools.lua
DefPlugins/PaintTools.lua
DefPlugins/Secretset.sfg
DefPlugins/System.lua
DefPlugins/WinRun.lua
DefPlugins/WordEditTools.lua
DefPlugins/ZipTools.lua
DefPlugins/img/Page.ico
Eraser.dll
.dll windows:5 windows x86

b5a732d3c1a351c82ee5651fc954314c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
SuspendThread
VirtualProtect
LockFile
UnlockFile
DuplicateHandle
GetFullPathNameA
GetFileAttributesExA
GetFileSizeEx
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
InterlockedIncrement
GetCPInfo
GetModuleHandleW
FindResourceExA
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
GetCommandLineA
SetThreadPriority
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
IsValidCodePage
HeapCreate
HeapDestroy
GetStdHandle
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
ReleaseMutex
CreateMutexA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetCurrentProcessId
GetCurrentThread
GetProcessHeap
GlobalMemoryStatus
GetThreadTimes
GetProcessTimes
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
GetSystemDefaultLCID
GetOEMCP
GetLogicalDrives
GetSystemInfo
GetStartupInfoA
CreateEventA
QueryPerformanceCounter
VirtualUnlock
VirtualLock
GetSystemTime
DeleteFileW
GetSystemDefaultLangID
CreateDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetFileTime
GetModuleFileNameW
LoadLibraryW
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
GetFileAttributesW
MoveFileW
GetFileAttributesA
SetEndOfFile
SetLastError
LocalFree
SetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
DeviceIoControl
ReadFile
VirtualAlloc
GetShortPathNameA
GetPrivateProfileStringA
VirtualFree
GetCurrentProcess
SetSystemPowerState
RemoveDirectoryA
GetACP
FindFirstFileW
FindNextFileW
CopyFileA
CreateFileA
GetFileSize
CloseHandle
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
SetFileAttributesA
GetExitCodeThread
TerminateThread
DeleteFileA
GetCurrentThreadId
GetVersionExA
SetEvent
MoveFileA
Sleep
MultiByteToWideChar
CreateFileW
GetLastError
InterlockedDecrement
FormatMessageA
lstrlenA
LocalAlloc
GetVolumeInformationA
lstrcpynA
SetFilePointer
WaitForSingleObject
WriteFile
FlushFileBuffers
ResetEvent
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
ExitProcess
SizeofResource

user32

LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
PeekMessageA
MapWindowPoints
TrackPopupMenu
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
wsprintfA
GetCaretPos
GetActiveWindow
GetClipboardOwner
GetClipboardViewer
GetDesktopWindow
GetForegroundWindow
GetInputState
GetMessagePos
GetMessageTime
GetOpenClipboardWindow
GetProcessWindowStation
GetDialogBaseUnits
GetKeyboardLayout
GetKeyboardType
GetDoubleClickTime
GetCaretBlinkTime
GetWindow
GetKeyState
TranslateMessage
DispatchMessageA
MessageBoxW
GetWindowLongA
LoadMenuA
GetSubMenu
GetDlgItem
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClipCursor
GetCursorPos
ClipCursor
ReleaseCapture
EnableWindow
SetCursor
GetClassInfoA
DefWindowProcA
LoadCursorA
GetParent
SetCapture
GetCapture
InvalidateRect
ScreenToClient
ClientToScreen
GetWindowRect
InvertRect
InflateRect
PtInRect
GetSysColor
GetFocus
IsWindowEnabled
SetFocus
ExitWindowsEx
IsWindow
MessageBoxA
GetSystemMetrics
GetClientRect
PostMessageA
MessageBeep
IsCharAlphaNumericA
SendMessageA
CheckMenuItem
GetSysColorBrush
UnregisterClassA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
CharUpperA
MapDialogRect
GetAsyncKeyState
GetMessageA
ValidateRect
PostQuitMessage
ReleaseDC
GetDC
GetWindowThreadProcessId
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EnableMenuItem
RegisterWindowMessageA

gdi32

LineTo
MoveToEx
DeleteObject
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
DeleteDC
GetStockObject
CreatePen
CreateSolidBrush
EnumFontFamiliesExA
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
GetCurrentObject
BitBlt
Polygon
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumKeyA
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountSidA
OpenThreadToken
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
GetTokenInformation
RegSetValueExA
RegOpenKeyExA
RegCloseKey
FileEncryptionStatusA
DecryptFileA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shlwapi

PathRemoveFileSpecA
PathStripPathA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathAppendA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CoTaskMemFree
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoInitializeEx

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

Exports

Exports

??0CCustomMethodEdit@@QAE@PAVCWnd@@@Z
??0CFileLockResolver@@AAE@KH@Z
??0CFileLockResolver@@QAE@ABV0@@Z
??0CFileLockResolver@@QAE@H@Z
??0COptionsForFiles@@QAE@XZ
??1CCustomMethodEdit@@UAE@XZ
??1CFileLockResolver@@QAE@XZ
??1COptionsForFiles@@UAE@XZ
??4CFileLockResolver@@QAEAAV0@ABV0@@Z
??_7CCustomMethodEdit@@6B@
??_7COptionsForFiles@@6B@
??_FCCustomMethodEdit@@QAEXXZ
??_FCFileLockResolver@@QAEXXZ
?AskUser@CFileLockResolver@@AAEXH@Z
?Close@CFileLockResolver@@QAEXXZ
?CreateObject@COptionsForFiles@@SGPAVCObject@@XZ
?DoDataExchange@CCustomMethodEdit@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@COptionsForFiles@@MAEXPAVCDataExchange@@@Z
?EnableButtons@COptionsForFiles@@QAEXE@Z
?EnablePattern@CCustomMethodEdit@@QAEXH@Z
?ErrorHandler@CFileLockResolver@@CAKPBDKPAX1@Z
?FillCustomMethod@CCustomMethodEdit@@QAEHPAV_Method@@@Z
?GetBMethods@@YAPBV_MethodBase@@XZ
?GetFileAltDataStreams@COptionsForFiles@@QAEAAHXZ
?GetFileClusterTips@COptionsForFiles@@QAEAAHXZ
?GetFileNames@COptionsForFiles@@QAEAAHXZ
?GetFreeSpaceOpt@COptionsForFiles@@QAEPAVCOptionsForFreeSpace@@XZ
?GetLibSettings@COptionsForFiles@@QAEPAULibrarySettings@@XZ
?GetLockFilePath@CFileLockResolver@@CA?AV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@_N@Z
?GetMessageMap@CCustomMethodEdit@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@COptionsForFiles@@MBEPBUAFX_MSGMAP@@XZ
?GetMethodList@COptionsForFiles@@QAEAAVCFlatListCtrl@@XZ
?GetRuntimeClass@COptionsForFiles@@UBEPAUCRuntimeClass@@XZ
?GetSelectedMethod@COptionsForFiles@@QAEHXZ
?GetSelectedMethodId@COptionsForFiles@@QAEEXZ
?GetSelectedStr@COptionsForFiles@@QAEAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetThisMessageMap@CCustomMethodEdit@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@COptionsForFiles@@KGPBUAFX_MSGMAP@@XZ
?HandleError@CFileLockResolver@@AAEXPBDKHI@Z
?IsProcessElevated@@YA_NPAX@Z
?IsWindowsNT@@YA_NXZ
?LoadCustomMethod@CCustomMethodEdit@@QAEHPAV_Method@@@Z
?OnButtonAdd@CCustomMethodEdit@@IAEXXZ
?OnButtonCopy@CCustomMethodEdit@@IAEXXZ
?OnButtonDelete@CCustomMethodEdit@@IAEXXZ
?OnButtonDelete@COptionsForFiles@@IAEXXZ
?OnButtonDown@CCustomMethodEdit@@IAEXXZ
?OnButtonEdit@COptionsForFiles@@IAEXXZ
?OnButtonNew@COptionsForFiles@@IAEXXZ
?OnButtonUp@CCustomMethodEdit@@IAEXXZ
?OnChangeEditByte1@CCustomMethodEdit@@IAEXXZ
?OnChangeEditByte2@CCustomMethodEdit@@IAEXXZ
?OnChangeEditByte3@CCustomMethodEdit@@IAEXXZ
?OnChangeEditDescription@CCustomMethodEdit@@IAEXXZ
?OnCheckByte2@CCustomMethodEdit@@IAEXXZ
?OnCheckByte3@CCustomMethodEdit@@IAEXXZ
?OnDblclkListMethod@COptionsForFiles@@IAEXPAUtagNMHDR@@PAJ@Z
?OnInitDialog@CCustomMethodEdit@@MAEHXZ
?OnInitDialog@COptionsForFiles@@MAEHXZ
?OnItemchangedListMethod@COptionsForFiles@@IAEXPAUtagNMHDR@@PAJ@Z
?OnItemchangedListPasses@CCustomMethodEdit@@IAEXPAUtagNMHDR@@PAJ@Z
?OnOK@CCustomMethodEdit@@MAEXXZ
?OnOK@COptionsForFiles@@UAEXXZ
?OnRadioPattern@CCustomMethodEdit@@IAEXXZ
?OnRadioPseudorandom@CCustomMethodEdit@@IAEXXZ
?OnSetActive@COptionsForFiles@@MAEHXZ
?Resolve@CFileLockResolver@@SAXPBDAAVCStringArray@@@Z
?SaveSelectedPass@CCustomMethodEdit@@QAEXXZ
?SetFileAltDataStreams@COptionsForFiles@@QAEXH@Z
?SetFileClusterTips@COptionsForFiles@@QAEXH@Z
?SetFileNames@COptionsForFiles@@QAEXH@Z
?SetFreeSpaceOpt@COptionsForFiles@@QAEXPAVCOptionsForFreeSpace@@@Z
?SetHandle@CFileLockResolver@@QAEXK@Z
?SetLibSettings@COptionsForFiles@@QAEXPAULibrarySettings@@@Z
?SetSelectedMethod@COptionsForFiles@@QAEXH@Z
?SetSelectedMethodId@COptionsForFiles@@QAEXE@Z
?SetSelectedStr@COptionsForFiles@@QAEXV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?UpdateList@CCustomMethodEdit@@QAEXXZ
?UpdateList@COptionsForFiles@@QAEXXZ
?classCOptionsForFiles@COptionsForFiles@@2UCRuntimeClass@@B
?create@COptionsForFiles@@SAPAV1@XZ
?loadLibrarySettings@@YA_NPAULibrarySettings@@@Z
?saveLibrarySettings@@YA_NPAULibrarySettings@@@Z
?setLibraryDefaults@@YAXPAULibrarySettings@@@Z
DeleteX
MyDeleteFile
ReplaceX
SetForceDelete
WipeIndexFile
_eraserSetErrorHandler@12
_eraserSetFinishAction@8
convEraseMethod
eraserAddItem
eraserClearItems
eraserCompleted
eraserCreateContext
eraserCreateContextEx
eraserDestroyContext
eraserDispFlags
eraserEnd
eraserErrorString
eraserErrorStringCount
eraserFailed
eraserFailedCount
eraserFailedString
eraserGetClusterSize
eraserGetDataType
eraserGetFreeDiskSpace
eraserGetWindow
eraserGetWindowMessage
eraserInit
eraserIsRunning
eraserIsValidContext
eraserProgGetCurrentDataString
eraserProgGetCurrentPass
eraserProgGetMessage
eraserProgGetPasses
eraserProgGetPercent
eraserProgGetTimeLeft
eraserProgGetTotalPercent
eraserRemoveFile
eraserRemoveFolder
eraserSetDataType
eraserSetWindow
eraserSetWindowMessage
eraserShowOptions
eraserShowReport
eraserStart
eraserStartSync
eraserStatGetArea
eraserStatGetTime
eraserStatGetTips
eraserStatGetWiped
eraserStop
eraserTerminated
eraserTestContinueProcess
eraserTestEnable

Sections

.text
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Erasext.dll
.dll regsvr32 windows:5 windows x86

e0ea2e2a2809d8a1c7339c9f3b7b2ff1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

eraser

??0CFileLockResolver@@QAE@H@Z
eraserDispFlags
eraserProgGetMessage
eraserProgGetCurrentDataString
eraserProgGetTimeLeft
eraserFailedCount
eraserProgGetCurrentPass
eraserProgGetTotalPercent
eraserProgGetPercent
eraserStop
eraserErrorStringCount
eraserShowReport
eraserCompleted
eraserIsValidContext
eraserCreateContext
?SetHandle@CFileLockResolver@@QAEXK@Z
eraserSetDataType
MyDeleteFile
eraserAddItem
eraserSetWindow
eraserSetWindowMessage
eraserStart
eraserDestroyContext
eraserRemoveFolder
??1CFileLockResolver@@QAE@XZ
eraserEnd
eraserInit
eraserProgGetPasses
eraserShowOptions

kernel32

RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetDriveTypeA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
LocalFree
FormatMessageA
GetVersionExA
MoveFileW
MultiByteToWideChar
GetFileAttributesA
GetFileAttributesW
GetShortPathNameA
GetACP
GetDriveTypeW
lstrcpynA
GetLastError
CopyFileA
CreateDirectoryA
WritePrivateProfileStringA
DeleteFileA
GetModuleFileNameA
CloseHandle
GetCurrentProcess
FindNextFileA
GetCurrentDirectoryA
FindNextFileW
FindFirstFileW
SetLastError
lstrlenA
GetSystemDefaultLangID
GetPrivateProfileIntA
GetPrivateProfileStringA
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
CreateFileA
GetFullPathNameA
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetModuleHandleW
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetCurrentProcessId
MulDiv
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
lstrcmpW
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GlobalAlloc
GetEnvironmentStringsW

user32

DestroyIcon
DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
SendMessageA
GetClientRect
TranslateAcceleratorA
EnableWindow
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindowTextLengthA
GetWindowTextA
RemovePropA
LoadAcceleratorsA
InsertMenuA
IsWindow
GetWindow
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
SetFocus
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetKeyState

gdi32

DeleteObject
GetObjectA
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
PtVisible
GetTextExtentPoint32A

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegEnumKeyA
RegOpenKeyA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileW
SHChangeNotify
ShellExecuteExA
SHGetFileInfoA
ExtractIconA

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
StringFromCLSID

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
VarBstrFromDate
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SysAllocString
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Language/en.lng
Language/zh_cn.lng
Language/zh_tw.lng
NTFS转换.bat
PluginMaker.exe
.exe windows:5 windows x86

81127eb082960a7ab72cfdce62ea1931

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedIncrement
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
CompareStringW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
FreeLibrary
GetWindowsDirectoryA
OpenSemaphoreA
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
GetPrivateProfileIntA
GetSystemDefaultLangID
GetPrivateProfileStringA
DeleteFileA
GetModuleFileNameA
WritePrivateProfileStringA
GetTickCount
lstrlenA
GetFileAttributesA
GetACP
MultiByteToWideChar
DeleteFileW
MoveFileW
GetShortPathNameA
GetDriveTypeA
GetLogicalDriveStringsA
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
LCMapStringA
SizeofResource

user32

RegisterClipboardFormatA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageA
ValidateRect
CharUpperA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
IsWindowVisible
EnableWindow
SendMessageA
GetSysColor
GetSystemMetrics
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
LoadBitmapA
DispatchMessageA
TranslateMessage
GetKeyState
GetClientRect
GetParent
PeekMessageA
PostQuitMessage
CopyRect
FillRect
DrawFocusRect
PtInRect
InvalidateRect
GetFocus
GetWindowLongA
GetWindow
IsWindow
SetForegroundWindow
FindWindowA
DrawIcon
AppendMenuA
GetSubMenu
ModifyMenuA
LoadMenuA
GetSystemMenu
IsIconic
LoadIconA
GetCursorPos
GetWindowRect
GetDesktopWindow
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
TabbedTextOutA
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
IsChild

gdi32

GetMapMode
GetBkColor
GetRgnBox
CreateRectRgnIndirect
CreateSolidBrush
GetStockObject
GetTextColor
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectA
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
DragQueryFileW
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconA
SHGetFileInfoA

oledlg

ord8

ole32

CoRevokeClassObject
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoTaskMemFree
CoUninitialize
CoCreateInstance
OleInitialize
OleUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/Self-Denifition.wyz
Plugins/WywzSelfDefDel.cms
Wywz.exe
.exe windows:5 windows x86

b90998a81b1fc71023857778f2f35a1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

eraser

SetForceDelete
eraserDestroyContext
?Close@CFileLockResolver@@QAEXXZ
eraserShowReport
eraserErrorStringCount
eraserFailedCount
eraserTerminated
eraserRemoveFolder
??1CFileLockResolver@@QAE@XZ
??0CFileLockResolver@@QAE@H@Z
eraserStart
eraserSetWindowMessage
eraserSetWindow
eraserAddItem
MyDeleteFile
eraserInit
?SetHandle@CFileLockResolver@@QAEXK@Z
eraserCreateContext
eraserCreateContextEx
convEraseMethod
eraserIsValidContext
eraserDispFlags
eraserProgGetMessage
eraserProgGetCurrentDataString
eraserProgGetTimeLeft
eraserProgGetPasses
eraserProgGetCurrentPass
eraserProgGetTotalPercent
eraserProgGetPercent
ReplaceX
?Resolve@CFileLockResolver@@SAXPBDAAVCStringArray@@@Z
eraserSetDataType
eraserShowOptions
eraserEnd

lua5.1

??0LuaException@LuaPlus@@QAE@PBD@Z
?IsFunction@LuaObject@LuaPlus@@QBE_NXZ
??0LuaObject@LuaPlus@@QAE@ABV01@@Z
??1LuaException@LuaPlus@@QAE@XZ
??0LuaException@LuaPlus@@QAE@ABV01@@Z
??1LuaObject@LuaPlus@@QAE@XZ
lua_pcall
?Push@LuaObject@LuaPlus@@QBE?AVLuaStackObject@2@XZ
?Create@LuaState@LuaPlus@@SAPAV12@_N@Z
?GetGlobal@LuaState@LuaPlus@@QAE?AVLuaObject@2@PBD@Z
?DoFile@LuaState@LuaPlus@@QAEHPBD@Z
?GetInteger@LuaObject@LuaPlus@@QBEHXZ
?GetString@LuaObject@LuaPlus@@QBEPBDXZ
??ALuaObject@LuaPlus@@QAE?AV01@PBD@Z
lua_settop
lua_gettop
?Destroy@LuaState@LuaPlus@@SAXPAV12@@Z
lua_tonumber
lua_tolstring
lua_pushnumber
?IsTable@LuaObject@LuaPlus@@QBE_NXZ
?GetCount@LuaObject@LuaPlus@@QAEHXZ
??ALuaObject@LuaPlus@@QAE?AV01@H@Z
?IsNil@LuaObject@LuaPlus@@QBE_NXZ
?GetTableCount@LuaObject@LuaPlus@@QAEHXZ

kernel32

EnumResourceLanguagesA
ConvertDefaultLocale
GetFileAttributesExA
LocalFileTimeToFileTime
GetLocaleInfoA
SetFileTime
GetFileSizeEx
GetFileTime
GlobalFlags
GetModuleHandleW
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA
VirtualAlloc
HeapReAlloc
HeapSize
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
VirtualFree
GetConsoleCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CompareStringW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
InterlockedExchange
GetFullPathNameA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
lstrcmpA
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
FreeResource
GetModuleFileNameW
LoadLibraryW
HeapCreate
HeapAlloc
HeapFree
GetCurrentThread
SetSystemPowerState
GetTimeZoneInformation
SetFileAttributesA
MoveFileA
CopyFileA
GetWindowsDirectoryA
RemoveDirectoryA
GetTempPathA
WinExec
GetSystemDefaultLangID
GetCurrentProcess
SetCurrentDirectoryA
GetPrivateProfileIntA
CreateMutexA
OpenMutexA
GetVolumeInformationA
ReleaseMutex
GetVersionExA
Beep
WaitForSingleObject
Sleep
DeleteFileA
GetStdHandle
GetConsoleMode
WriteFile
ReadFile
CreateFileA
CloseHandle
FormatMessageA
LocalFree
CreateDirectoryA
GetPrivateProfileStringA
GetLocalTime
WritePrivateProfileStringA
GetTickCount
lstrcpyA
FindFirstFileW
FindNextFileW
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesW
lstrlenA
GetFileAttributesA
GetACP
MultiByteToWideChar
DeleteFileW
MoveFileW
GetShortPathNameA
GetLogicalDrives
GetDriveTypeA
lstrcpynA
GetLogicalDriveStringsA
GetLastError
SetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SystemTimeToFileTime

user32

ValidateRect
CharUpperA
GetWindowThreadProcessId
EndPaint
BeginPaint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
SetFocus
GetMenuState
GetMenuItemID
GetMenuItemCount
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DrawEdge
FrameRect
SetScrollPos
GetDesktopWindow
SetActiveWindow
wsprintfA
SetForegroundWindow
BringWindowToTop
SetCursor
LoadCursorA
RegisterWindowMessageA
RegisterHotKey
UnregisterHotKey
KillTimer
SetTimer
IsWindowVisible
ExitWindowsEx
LockWindowUpdate
PtInRect
GetKeyState
CheckMenuItem
GetCursorPos
LoadMenuA
ModifyMenuA
GetSubMenu
ReleaseCapture
SetCapture
GetCapture
ReleaseDC
ScreenToClient
ClientToScreen
GetWindowRect
SetRect
GetFocus
GetWindow
LoadIconA
IsIconic
DrawIcon
MessageBoxA
RedrawWindow
PostQuitMessage
PeekMessageA
TranslateMessage
DispatchMessageA
IsWindow
LoadBitmapA
DrawFocusRect
GetSystemMetrics
GrayStringA
DrawTextExA
TabbedTextOutA
GetParent
UpdateWindow
GetClientRect
FillRect
OffsetRect
UnregisterClassA
GetSysColorBrush
GetSysColor
DrawIconEx
LoadImageA
WindowFromPoint
DestroyMenu
GetWindowTextA
GetMessageA
InvalidateRect
DrawTextA
InflateRect
CopyRect
SendMessageA
GetDC
EnableWindow

gdi32

GetTextColor
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
SelectClipRgn
CreatePen
CreateSolidBrush
SetBkMode
MoveToEx
LineTo
SetMapMode
CreateRectRgn
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject
SelectObject
GetTextMetricsA
StretchBlt
BitBlt
LPtoDP
DPtoLP
GetMapMode
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
DeleteDC
DeleteObject
GetCurrentObject
GetBkColor
GetObjectA
CreateFontIndirectA
SetViewportOrgEx
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenThreadToken
RegDeleteKeyA
RegFlushKey
RegQueryValueExA
RegCloseKey
RegDeleteValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
OpenProcessToken
GetTokenInformation
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

SHChangeNotify
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragAcceptFiles
DragFinish
DragQueryFileW
ShellExecuteA
Shell_NotifyIconA
DragQueryFileA
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
SHDeleteKeyA
PathFindFileNameA

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx

oleaut32

VariantInit
VariantChangeType
VariantClear

msvfw32

MCIWndCreateA

Sections

.text
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
config.ini
filed.dll
.dll regsvr32 windows:4 windows x86

539e751b99aab94dd23f581ba33f6ddb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
GetThreadLocale
ReadFile
FlushFileBuffers
GetFullPathNameW
GetDriveTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetCommandLineA
GetProcessHeap
RtlUnwind
ExitProcess
ExitThread
RaiseException
HeapReAlloc
HeapSize
GetCurrentDirectoryA
GetCPInfo
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
GetConsoleCP
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
GetDriveTypeA
SetStdHandle
SetEnvironmentVariableA
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
MulDiv
GlobalUnlock
GlobalFree
FreeResource
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
SetLastError
GlobalAddAtomW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetTickCount
GetUserDefaultLangID
lstrlenW
lstrcpynW
QueryDosDeviceW
TerminateThread
GetCurrentProcessId
GetVolumeInformationW
GetLogicalDrives
SetFilePointer
LocalFree
FormatMessageW
FindClose
FindNextFileW
SetFileAttributesW
FindFirstFileW
GetVersion
VirtualFree
VirtualAlloc
GetLastError
GetDiskFreeSpaceW
VirtualFreeEx
TerminateProcess
WriteProcessMemory
VirtualAllocEx
WaitForSingleObject
CreateRemoteThread
GetModuleHandleW
Module32NextW
Module32FirstW
WriteFile
DuplicateHandle
OpenProcess
DeviceIoControl
GetCurrentProcess
Sleep
GetModuleFileNameW
SizeofResource
CloseHandle
CreateFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetProcAddress
CreateDirectoryW
LoadLibraryW
FreeLibrary
CopyFileW
CreateThread
GetVersionExW
MultiByteToWideChar
FindResourceW
LoadResource
GetOEMCP
LockResource

user32

UnregisterClassW
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
SetWindowTextW
IsDialogMessageW
ReleaseDC
GetDC
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetSysColorBrush
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
LoadCursorW
DestroyMenu
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
PostQuitMessage
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
InsertMenuW
PeekMessageW
LoadBitmapW
PostMessageW
SetParent
EnableWindow
wsprintfW
SendMessageW
LoadIconW
AdjustWindowRectEx
UnregisterClassA

gdi32

DeleteDC
GetStockObject
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateBitmap
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
StartServiceW
CloseServiceHandle
DeleteService
ControlService
OpenServiceW
CreateServiceW
OpenSCManagerW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

DragQueryFileW

shlwapi

StrStrIW
PathFindFileNameW
PathFindExtensionW

ole32

CoGetMalloc
StringFromIID
ReleaseStgMedium

oleaut32

VariantClear
VariantChangeType
VariantInit

wintrust

CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
CryptCATCatalogInfoFromContext
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IsRegisterServer
LoadComponent
create_garbage_file_to_ban
destory_file_force_killer
force_kill_file
force_unlock_file
force_unlock_file_other_way
get_pending_file_rename_information
init_file_force_killer
try_to_delete_pending_file_rename_information
write_back_pending_file_rename_information

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
filed.sys
.sys windows:5 windows x86

bb6c7138f250c4628d217397491c1120

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExFreePoolWithTag
_stricmp
ExAllocatePoolWithTag
ZwQuerySystemInformation
ZwClose
ZwUnmapViewOfSection
ZwMapViewOfSection
ZwCreateSection
ZwCreateFile
MmIsAddressValid
MmUnmapLockedPages
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IofCompleteRequest
IoFreeIrp
KeSetEvent
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
KeInitializeEvent
IoAllocateIrp
IoGetRelatedDeviceObject
ObReferenceObjectByHandle
IoFileObjectType
IoCreateFile
RtlAppendUnicodeToString
ObQueryNameString
IoCreateSymbolicLink
IoCreateDevice
KeTickCount

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SuCop0
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.SuCop1
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lua5.1.dll
.dll windows:5 windows x86

a705208ddd2c1f577b5f9cc472efd1aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
GetUserNameA

shlwapi

SHDeleteKeyA

kernel32

WriteConsoleW
GetConsoleOutputCP
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessA
CreateFileA
CreatePipe
LoadLibraryA
FormatMessageA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
lstrcmpiA
GetVersionExA
GetWindowsDirectoryA
RaiseException
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetStdHandle
GetFileType
GetModuleHandleW
Sleep
ExitProcess
DeleteFileA
MoveFileA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
WriteFile
InitializeCriticalSectionAndSpinCount
ReadFile
GetCurrentProcessId
GetFileAttributesA
GetConsoleCP
GetConsoleMode
SetFilePointer
FlushFileBuffers
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
CompareStringA
CompareStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
HeapSize
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
GetProcessHeap
WriteConsoleA

Exports

Exports

??0LuaAutoObject@LuaPlus@@QAE@AAVLuaState@1@H@Z
??0LuaAutoObject@LuaPlus@@QAE@ABV01@@Z
??0LuaAutoObject@LuaPlus@@QAE@ABVLuaStackObject@1@@Z
??0LuaAutoObject@LuaPlus@@QAE@PAVLuaState@1@H@Z
??0LuaCall@LuaPlus@@QAE@AAVLuaObject@1@@Z
??0LuaCall@LuaPlus@@QAE@ABV01@@Z
??0LuaException@LuaPlus@@QAE@ABV01@@Z
??0LuaException@LuaPlus@@QAE@PBD@Z
??0LuaObject@LuaPlus@@QAE@ABV01@@Z
??0LuaObject@LuaPlus@@QAE@ABVLuaStackObject@1@@Z
??0LuaObject@LuaPlus@@QAE@PAVLuaState@1@@Z
??0LuaObject@LuaPlus@@QAE@PAVLuaState@1@H@Z
??0LuaObject@LuaPlus@@QAE@PAVLuaState@1@PBUlua_TValue@@@Z
??0LuaObject@LuaPlus@@QAE@XZ
??0LuaStack@LuaPlus@@QAE@PAUlua_State@@@Z
??0LuaStack@LuaPlus@@QAE@PAVLuaState@1@@Z
??0LuaStackObject@LuaPlus@@QAE@AAVLuaState@1@H@Z
??0LuaStackObject@LuaPlus@@QAE@ABV01@@Z
??0LuaStackObject@LuaPlus@@QAE@PAVLuaState@1@H@Z
??0LuaStackObject@LuaPlus@@QAE@XZ
??0LuaStackTableIterator@LuaPlus@@QAE@VLuaStackObject@1@_N1@Z
??0LuaStateOutFile@LuaPlus@@QAE@ABV01@@Z
??0LuaStateOutFile@LuaPlus@@QAE@PBD@Z
??0LuaStateOutFile@LuaPlus@@QAE@XZ
??0LuaStateOutputDebugStringFile@LuaPlus@@QAE@ABV01@@Z
??0LuaStateOutputDebugStringFile@LuaPlus@@QAE@XZ
??0LuaTableIterator@LuaPlus@@QAE@AAVLuaObject@1@_N@Z
??1LuaAutoObject@LuaPlus@@QAE@XZ
??1LuaCall@LuaPlus@@QAE@XZ
??1LuaException@LuaPlus@@QAE@XZ
??1LuaObject@LuaPlus@@QAE@XZ
??1LuaStack@LuaPlus@@QAE@XZ
??1LuaStackTableIterator@LuaPlus@@QAE@XZ
??1LuaStateOutFile@LuaPlus@@UAE@XZ
??1LuaStateOutputDebugStringFile@LuaPlus@@UAE@XZ
??1LuaTableIterator@LuaPlus@@QAE@XZ
??4LuaAutoObject@LuaPlus@@QAEABV01@ABV01@@Z
??4LuaAutoObject@LuaPlus@@QAEABV01@ABVLuaStackObject@1@@Z
??4LuaCall@LuaPlus@@QAEAAV01@ABV01@@Z
??4LuaException@LuaPlus@@QAEAAV01@ABV01@@Z
??4LuaObject@LuaPlus@@QAEAAV01@ABV01@@Z
??4LuaObject@LuaPlus@@QAEAAV01@ABVLuaStackObject@1@@Z
??4LuaStack@LuaPlus@@QAEAAV01@ABV01@@Z
??4LuaStackObject@LuaPlus@@QAEABV01@ABV01@@Z
??4LuaStateOutFile@LuaPlus@@QAEAAV01@ABV01@@Z
??4LuaStateOutputDebugStringFile@LuaPlus@@QAEAAV01@ABV01@@Z
??6LuaCall@LuaPlus@@QAE?AVLuaStackObject@1@ABULuaRun@1@@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@AAVLuaObject@0@@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@AAVLuaStackObject@0@@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@ABULuaArgNil@0@@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@H@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@I@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@M@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@N@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@P6AHPAUlua_State@@@Z@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@P6AHPAVLuaState@0@@Z@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@PAX@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@PBD@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@PBG@Z
??6LuaPlus@@YAAAVLuaCall@0@AAV10@_N@Z
??8LuaObject@LuaPlus@@QBE_NABV01@@Z
??8LuaStackObject@LuaPlus@@QBE_NABV01@@Z
??ALuaObject@LuaPlus@@QAE?AV01@ABV01@@Z
??ALuaObject@LuaPlus@@QAE?AV01@ABVLuaStackObject@1@@Z
??ALuaObject@LuaPlus@@QAE?AV01@H@Z
??ALuaObject@LuaPlus@@QAE?AV01@PBD@Z
??ALuaStack@LuaPlus@@QAE?AVLuaStackObject@1@H@Z
??ALuaStackObject@LuaPlus@@QBE?AV01@AAV01@@Z
??ALuaStackObject@LuaPlus@@QBE?AV01@H@Z
??ALuaStackObject@LuaPlus@@QBE?AV01@PBD@Z
??BLuaStackObject@LuaPlus@@QBEHXZ
??BLuaStackTableIterator@LuaPlus@@QBE_NXZ
??BLuaState@LuaPlus@@QAEPAUlua_State@@XZ
??BLuaTableIterator@LuaPlus@@QBE_NXZ
??ELuaStackTableIterator@LuaPlus@@QAEAAV01@XZ
??ELuaTableIterator@LuaPlus@@QAEAAV01@XZ
??MLuaObject@LuaPlus@@QBE_NABV01@@Z
??_7LuaStateOutFile@LuaPlus@@6B@
??_7LuaStateOutputDebugStringFile@LuaPlus@@6B@
?AddToUsedList@LuaObject@LuaPlus@@AAEXPAVLuaState@2@@Z
?AddToUsedList@LuaObject@LuaPlus@@AAEXPAVLuaState@2@ABUlua_TValue@@@Z
?ArgCheck@LuaState@LuaPlus@@QAEX_NHPBD@Z
?ArgError@LuaState@LuaPlus@@QAEHHPBD@Z
?Assign@LuaStateOutFile@LuaPlus@@QAE_NPAU_iobuf@@@Z
?AssignBoolean@LuaObject@LuaPlus@@QAEXPAVLuaState@2@_N@Z
?AssignInteger@LuaObject@LuaPlus@@QAEXPAVLuaState@2@H@Z
?AssignLightUserData@LuaObject@LuaPlus@@QAEXPAVLuaState@2@PAX@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@ABULuaArgNil@2@@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@ABVLuaObject@2@@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@D@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@E@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@F@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@G@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@H@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@I@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@M@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@N@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@PAX@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@PBD@Z
?AssignNewTObject@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@_N@Z
?AssignNewTable@LuaObject@LuaPlus@@QAEAAV12@PAVLuaState@2@HH@Z
?AssignNil@LuaObject@LuaPlus@@QAEXPAVLuaState@2@@Z
?AssignNumber@LuaObject@LuaPlus@@QAEXPAVLuaState@2@N@Z
?AssignObject@LuaObject@LuaPlus@@QAEXAAV12@@Z
?AssignString@LuaObject@LuaPlus@@QAEXPAVLuaState@2@PBDH@Z
?AssignTObject@LuaObject@LuaPlus@@QAEXPAVLuaState@2@PBUlua_TValue@@@Z
?AssignUserData@LuaObject@LuaPlus@@QAEXPAVLuaState@2@PAX@Z
?AssignWString@LuaObject@LuaPlus@@QAEXPAVLuaState@2@PBGH@Z
?AtPanic@LuaState@LuaPlus@@QAEP6AHPAUlua_State@@@ZP6AH0@Z@Z
?BoxPointer@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PAX@Z
?CPCall@LuaState@LuaPlus@@QAEHP6AHPAUlua_State@@@ZPAX@Z
?Call@LuaState@LuaPlus@@QAEXHH@Z
?CallFormatting@LuaState@LuaPlus@@IAE_NAAVLuaObject@2@AAVLuaStateOutFile@2@H_N22I@Z
?CastState@LuaState@LuaPlus@@SAPAV12@PAUlua_State@@@Z
?CheckAny@LuaState@LuaPlus@@QAEXH@Z
?CheckInt@LuaState@LuaPlus@@QAEHH@Z
?CheckInteger@LuaState@LuaPlus@@QAEHH@Z
?CheckLString@LuaState@LuaPlus@@QAEPBDHPAI@Z
?CheckLong@LuaState@LuaPlus@@QAEJH@Z
?CheckNumber@LuaState@LuaPlus@@QAENH@Z
?CheckStack@LuaState@LuaPlus@@QAEHH@Z
?CheckStack@LuaState@LuaPlus@@QAEXHPBD@Z
?CheckString@LuaState@LuaPlus@@QAEPBDH@Z
?CheckType@LuaState@LuaPlus@@QAEXHH@Z
?CheckUData@LuaState@LuaPlus@@QAEPAXHPBD@Z
?Clone@LuaObject@LuaPlus@@QAE?AV12@XZ
?Close@LuaStateOutFile@LuaPlus@@UAEXXZ
?Close@LuaStateOutputDebugStringFile@LuaPlus@@UAEXXZ
?CoResume@LuaState@LuaPlus@@QAEHH@Z
?CoStatus@LuaState@LuaPlus@@QAEHXZ
?CoYield@LuaState@LuaPlus@@QAEHH@Z
?Concat@LuaState@LuaPlus@@QAEXH@Z
?Count@LuaStack@LuaPlus@@QBEHXZ
?Create@LuaState@LuaPlus@@SAPAV12@XZ
?Create@LuaState@LuaPlus@@SAPAV12@_N@Z
?CreateTable@LuaObject@LuaPlus@@QAE?AV12@AAV12@HH@Z
?CreateTable@LuaObject@LuaPlus@@QAE?AV12@HHH@Z
?CreateTable@LuaObject@LuaPlus@@QAE?AV12@PBDHH@Z
?CreateTable@LuaStackObject@LuaPlus@@QAE?AV12@HHH@Z
?CreateTable@LuaStackObject@LuaPlus@@QAE?AV12@PBDHH@Z
?CreateTable@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@HH@Z
?CreateThread@LuaState@LuaPlus@@SA?AVLuaObject@2@PAV12@@Z
?DeepClone@LuaObject@LuaPlus@@QAEXAAV12@@Z
?Destroy@LuaState@LuaPlus@@SAXPAV12@@Z
?DoBuffer@LuaState@LuaPlus@@QAEHPBDI0@Z
?DoBuffer@LuaState@LuaPlus@@QAEHPBDI0AAVLuaObject@2@@Z
?DoFile@LuaState@LuaPlus@@QAEHPBD@Z
?DoFile@LuaState@LuaPlus@@QAEHPBDAAVLuaObject@2@@Z
?DoString@LuaState@LuaPlus@@QAEHPBD@Z
?DoString@LuaState@LuaPlus@@QAEHPBDAAVLuaObject@2@@Z
?DoWBuffer@LuaState@LuaPlus@@QAEHPBGIPBD@Z
?DoWString@LuaState@LuaPlus@@QAEHPBGPBD@Z
?Dump@LuaState@LuaPlus@@QAEHP6AHPAUlua_State@@PBXIPAX@Z2HD@Z
?DumpGlobals@LuaState@LuaPlus@@QAE_NAAVLuaStateOutFile@2@II@Z
?DumpGlobals@LuaState@LuaPlus@@QAE_NPBDII@Z
?DumpObject@LuaState@LuaPlus@@QAE_NAAVLuaStateOutFile@2@AAVLuaObject@2@1IHI@Z
?DumpObject@LuaState@LuaPlus@@QAE_NAAVLuaStateOutFile@2@PBDAAVLuaObject@2@IHI@Z
?DumpObject@LuaState@LuaPlus@@QAE_NPBD0AAVLuaObject@2@IHI@Z
?DumpObject@LuaState@LuaPlus@@QAE_NPBDAAVLuaObject@2@1IHI@Z
?Equal@LuaState@LuaPlus@@QAEHABVLuaObject@2@0@Z
?Equal@LuaState@LuaPlus@@QAEHHH@Z
?Error@LuaState@LuaPlus@@QAEHXZ
?FindTable@LuaState@LuaPlus@@QAEPBDHPBDH@Z
?GC@LuaState@LuaPlus@@QAEHHH@Z
?GSub@LuaState@LuaPlus@@QAEPBDPBD00@Z
?Get@LPCD@@YA?AVLuaObject@LuaPlus@@U?$TypeWrapper@VLuaObject@LuaPlus@@@1@PAUlua_State@@H@Z
?GetAllocF@LuaState@LuaPlus@@QAEP6APAXPAX0IIPBDI@ZPAPAX@Z
?GetBoolean@LuaHelper@LuaPlus@@YA_NAAVLuaObject@2@H_N1@Z
?GetBoolean@LuaHelper@LuaPlus@@YA_NAAVLuaObject@2@PBD_N2@Z
?GetBoolean@LuaObject@LuaPlus@@QBE_NXZ
?GetBoolean@LuaStackObject@LuaPlus@@QBE_NXZ
?GetByIndex@LuaObject@LuaPlus@@QAE?AV12@H@Z
?GetByIndex@LuaStackObject@LuaPlus@@QAE?AV12@H@Z
?GetByName@LuaObject@LuaPlus@@QAE?AV12@PBD@Z
?GetByName@LuaStackObject@LuaPlus@@QAE?AV12@PBD@Z
?GetByObject@LuaObject@LuaPlus@@QAE?AV12@ABV12@@Z
?GetByObject@LuaObject@LuaPlus@@QAE?AV12@ABVLuaStackObject@2@@Z
?GetByObject@LuaStackObject@LuaPlus@@QAE?AV12@AAV12@@Z
?GetCFunction@LuaObject@LuaPlus@@QBEP6AHPAUlua_State@@@ZXZ
?GetCFunction@LuaStackObject@LuaPlus@@QBEP6AHPAUlua_State@@@ZXZ
?GetCState@LuaObject@LuaPlus@@QBEPAUlua_State@@XZ
?GetCState@LuaStackObject@LuaPlus@@QBEPAUlua_State@@XZ
?GetCState@LuaState@LuaPlus@@QAEPAUlua_State@@XZ
?GetCount@LuaObject@LuaPlus@@QAEHXZ
?GetCount@LuaStackObject@LuaPlus@@QAEHXZ
?GetDouble@LuaObject@LuaPlus@@QBENXZ
?GetDouble@LuaStackObject@LuaPlus@@QBENXZ
?GetErrorMessage@LuaException@LuaPlus@@QBEPBDXZ
?GetFloat@LuaHelper@LuaPlus@@YAMAAVLuaObject@2@H_NM@Z
?GetFloat@LuaHelper@LuaPlus@@YAMAAVLuaObject@2@PBD_NM@Z
?GetFloat@LuaObject@LuaPlus@@QBEMXZ
?GetFloat@LuaStackObject@LuaPlus@@QBEMXZ
?GetGlobal@LuaState@LuaPlus@@QAE?AVLuaObject@2@PBD@Z
?GetGlobal_Stack@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBD@Z
?GetGlobals@LuaState@LuaPlus@@QAE?AVLuaObject@2@XZ
?GetGlobals_Stack@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?GetHook@LuaState@LuaPlus@@QAEP6AXPAUlua_State@@PAUlua_Debug@@@ZXZ
?GetHookMask@LuaState@LuaPlus@@QAEHXZ
?GetInfo@LuaState@LuaPlus@@QAEHPBDPAUlua_Debug@@@Z
?GetInteger@LuaHelper@LuaPlus@@YAHAAVLuaObject@2@H_NH@Z
?GetInteger@LuaHelper@LuaPlus@@YAHAAVLuaObject@2@PBD_NH@Z
?GetInteger@LuaObject@LuaPlus@@QBEHXZ
?GetInteger@LuaStackObject@LuaPlus@@QBEHXZ
?GetKey@LuaStackTableIterator@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?GetKey@LuaTableIterator@LuaPlus@@QAEAAVLuaObject@2@XZ
?GetLightUserData@LuaHelper@LuaPlus@@YAPAXAAVLuaObject@2@H_NPAX@Z
?GetLightUserData@LuaHelper@LuaPlus@@YAPAXAAVLuaObject@2@PBD_NPAX@Z
?GetLightUserData@LuaObject@LuaPlus@@QBEPAXXZ
?GetLightUserData@LuaStackObject@LuaPlus@@QBEPAXXZ
?GetLocal@LuaState@LuaPlus@@QAEPBDPBUlua_Debug@@H@Z
?GetLocalByName@LuaState@LuaPlus@@QAE?AVLuaObject@2@HPBD@Z
?GetLuaPointer@LuaObject@LuaPlus@@QAEPBXXZ
?GetLuaPointer@LuaStackObject@LuaPlus@@QBEPBXXZ
?GetMetaTable@LuaObject@LuaPlus@@QAE?AV12@XZ
?GetMetaTable@LuaStackObject@LuaPlus@@QAE?AV12@XZ
?GetMetaTable@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@H@Z
?GetNumber@LuaObject@LuaPlus@@QBENXZ
?GetNumber@LuaStackObject@LuaPlus@@QBENXZ
?GetRegistry@LuaState@LuaPlus@@QAE?AVLuaObject@2@XZ
?GetRegistry_Stack@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?GetStack@LuaState@LuaPlus@@QAEHHPAUlua_Debug@@@Z
?GetState@LuaObject@LuaPlus@@QBEPAVLuaState@2@XZ
?GetState@LuaStackObject@LuaPlus@@QBEPAVLuaState@2@XZ
?GetString@LuaHelper@LuaPlus@@YAPBDAAVLuaObject@2@H_NPBD@Z
?GetString@LuaHelper@LuaPlus@@YAPBDAAVLuaObject@2@PBD_N1@Z
?GetString@LuaObject@LuaPlus@@QBEPBDXZ
?GetString@LuaStackObject@LuaPlus@@QBEPBDXZ
?GetTObject@LuaObject@LuaPlus@@QBEPAUlua_TValue@@XZ
?GetTable@LuaHelper@LuaPlus@@YA?AVLuaObject@2@AAV32@H_N@Z
?GetTable@LuaHelper@LuaPlus@@YA?AVLuaObject@2@AAV32@PBD_N@Z
?GetTable@LuaState@LuaPlus@@QAEXH@Z
?GetTableCount@LuaObject@LuaPlus@@QAEHXZ
?GetThread@LuaStackObject@LuaPlus@@QBEPAUlua_State@@XZ
?GetTop@LuaState@LuaPlus@@QAEHXZ
?GetType@LuaStackObject@LuaPlus@@QBEHXZ
?GetTypeName@LuaStackObject@LuaPlus@@QBEPBDXZ
?GetUserData@LuaObject@LuaPlus@@QAEPAXXZ
?GetUserData@LuaStackObject@LuaPlus@@QBEPAXXZ
?GetUserData@LuaState@LuaPlus@@QAEJXZ
?GetValue@LuaStackTableIterator@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?GetValue@LuaTableIterator@LuaPlus@@QAEAAVLuaObject@2@XZ
?GetWString@LuaObject@LuaPlus@@QBEPBGXZ
?GetWString@LuaStackObject@LuaPlus@@QBEPBGXZ
?Indent@LuaStateOutFile@LuaPlus@@QAEXI@Z
?Insert@LuaObject@LuaPlus@@QAEXAAV12@@Z
?Insert@LuaObject@LuaPlus@@QAEXHAAV12@@Z
?Insert@LuaState@LuaPlus@@QAEXH@Z
?Invalidate@LuaStackTableIterator@LuaPlus@@QAEXXZ
?Invalidate@LuaTableIterator@LuaPlus@@QAEXXZ
?IsBoolean@LuaObject@LuaPlus@@QBE_NXZ
?IsBoolean@LuaStackObject@LuaPlus@@QBE_NXZ
?IsCFunction@LuaObject@LuaPlus@@QBE_NXZ
?IsCFunction@LuaStackObject@LuaPlus@@QBE_NXZ
?IsConvertibleToInteger@LuaObject@LuaPlus@@QBE_NXZ
?IsConvertibleToNumber@LuaObject@LuaPlus@@QBE_NXZ
?IsConvertibleToString@LuaObject@LuaPlus@@QBE_NXZ
?IsConvertibleToWString@LuaObject@LuaPlus@@QBE_NXZ
?IsFunction@LuaObject@LuaPlus@@QBE_NXZ
?IsFunction@LuaStackObject@LuaPlus@@QBE_NXZ
?IsInteger@LuaObject@LuaPlus@@QBE_NXZ
?IsInteger@LuaStackObject@LuaPlus@@QBE_NXZ
?IsLightUserData@LuaObject@LuaPlus@@QBE_NXZ
?IsLightUserData@LuaStackObject@LuaPlus@@QBE_NXZ
?IsNil@LuaObject@LuaPlus@@QBE_NXZ
?IsNil@LuaStackObject@LuaPlus@@QBE_NXZ
?IsNone@LuaObject@LuaPlus@@QBE_NXZ
?IsNone@LuaStackObject@LuaPlus@@QBE_NXZ
?IsNumber@LuaObject@LuaPlus@@QBE_NXZ
?IsNumber@LuaStackObject@LuaPlus@@QBE_NXZ
?IsString@LuaObject@LuaPlus@@QBE_NXZ
?IsString@LuaStackObject@LuaPlus@@QBE_NXZ
?IsTable@LuaObject@LuaPlus@@QBE_NXZ
?IsTable@LuaStackObject@LuaPlus@@QBE_NXZ
?IsThread@LuaStackObject@LuaPlus@@QBE_NXZ
?IsUserData@LuaObject@LuaPlus@@QBE_NXZ
?IsUserData@LuaStackObject@LuaPlus@@QBE_NXZ
?IsValid@LuaStackTableIterator@LuaPlus@@QBE_NXZ
?IsValid@LuaTableIterator@LuaPlus@@QBE_NXZ
?IsWString@LuaObject@LuaPlus@@QBE_NXZ
?IsWString@LuaStackObject@LuaPlus@@QBE_NXZ
?LessThan@LuaState@LuaPlus@@QAEHABVLuaObject@2@0@Z
?LessThan@LuaState@LuaPlus@@QAEHHH@Z
?Load@LuaState@LuaPlus@@QAEHP6APBDPAUlua_State@@PAXPAI@Z1PBD@Z
?LoadBuffer@LuaState@LuaPlus@@QAEHPBDI0@Z
?LoadFile@LuaState@LuaPlus@@QAEHPBD@Z
?LoadString@LuaState@LuaPlus@@QAEHPBD@Z
?LoadWBuffer@LuaState@LuaPlus@@QAEHPBGIPBD@Z
?LoadWString@LuaState@LuaPlus@@QAEHPBG@Z
?Lookup@LuaObject@LuaPlus@@QAE?AV12@PBD@Z
?LuaPlusH_next@LuaPlus@@YA_NPAVLuaState@1@PAVLuaObject@1@11@Z
?MergeObjects@LuaHelper@LuaPlus@@YAXAAVLuaObject@2@0_N@Z
?NewMetaTable@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBD@Z
?NewUserData@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@I@Z
?NewUserDataBox@LuaState@LuaPlus@@QAE?AVLuaObject@2@PAX@Z
?Next@LuaStackTableIterator@LuaPlus@@QAE_NXZ
?Next@LuaState@LuaPlus@@QAEHH@Z
?Next@LuaTableIterator@LuaPlus@@QAE_NXZ
?Open@LuaStateOutFile@LuaPlus@@UAE_NPBD@Z
?Open@LuaStateOutputDebugStringFile@LuaPlus@@UAE_NPBD@Z
?OpenLibs@LuaState@LuaPlus@@QAEXXZ
?OptInt@LuaState@LuaPlus@@QAEHHH@Z
?OptInteger@LuaState@LuaPlus@@QAEHHH@Z
?OptLString@LuaState@LuaPlus@@QAEPBDHPBDPAI@Z
?OptLong@LuaState@LuaPlus@@QAEJHH@Z
?OptNumber@LuaState@LuaPlus@@QAENHN@Z
?OptString@LuaState@LuaPlus@@QAEPBDHPBD@Z
?PCall@LuaState@LuaPlus@@QAEHHHH@Z
?Pop@LuaStackObject@LuaPlus@@QAEXXZ
?Pop@LuaState@LuaPlus@@QAEXH@Z
?Pop@LuaState@LuaPlus@@QAEXXZ
?Print@LuaStateOutFile@LuaPlus@@UAAXPBDZZ
?Print@LuaStateOutputDebugStringFile@LuaPlus@@UAAXPBDZZ
?Push@LPCD@@YAXPAUlua_State@@AAVLuaObject@LuaPlus@@@Z
?Push@LPCD@@YAXPAUlua_State@@P6AHPAVLuaState@LuaPlus@@@Z@Z
?Push@LuaObject@LuaPlus@@QBE?AVLuaStackObject@2@XZ
?Push@LuaStackObject@LuaPlus@@QAEXXZ
?PushBoolean@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@_N@Z
?PushCClosure@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@P6AHPAUlua_State@@@ZH@Z
?PushCClosure@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@P6AHPAV12@@ZH@Z
?PushCFunction@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@P6AHPAUlua_State@@@Z@Z
?PushFString@LuaState@LuaPlus@@QAA?AVLuaStackObject@2@PBDZZ
?PushInteger@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@H@Z
?PushLString@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBDI@Z
?PushLWString@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBGI@Z
?PushLightUserData@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PAX@Z
?PushNil@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?PushNumber@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@N@Z
?PushString@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBD@Z
?PushThread@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?PushVFString@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBDPAD@Z
?PushValue@LuaState@LuaPlus@@QAEXAAVLuaStackObject@2@@Z
?PushValue@LuaState@LuaPlus@@QAEXH@Z
?PushWString@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@PBG@Z
?RawEqual@LuaState@LuaPlus@@QAEHHH@Z
?RawGet@LuaState@LuaPlus@@QAEXH@Z
?RawGetByIndex@LuaObject@LuaPlus@@QAE?AV12@H@Z
?RawGetByName@LuaObject@LuaPlus@@QAE?AV12@PBD@Z
?RawGetByObject@LuaObject@LuaPlus@@QAE?AV12@ABV12@@Z
?RawGetByObject@LuaObject@LuaPlus@@QAE?AV12@ABVLuaStackObject@2@@Z
?RawGetI@LuaState@LuaPlus@@QAEXHH@Z
?RawSet@LuaState@LuaPlus@@QAEXH@Z
?RawSetBoolean@LuaObject@LuaPlus@@QAEAAV12@AAV12@_N@Z
?RawSetBoolean@LuaObject@LuaPlus@@QAEAAV12@H_N@Z
?RawSetBoolean@LuaObject@LuaPlus@@QAEAAV12@PBD_N@Z
?RawSetI@LuaState@LuaPlus@@QAEXHH@Z
?RawSetInteger@LuaObject@LuaPlus@@QAEAAV12@AAV12@H@Z
?RawSetInteger@LuaObject@LuaPlus@@QAEAAV12@HH@Z
?RawSetInteger@LuaObject@LuaPlus@@QAEAAV12@PBDH@Z
?RawSetLightUserData@LuaObject@LuaPlus@@QAEAAV12@AAV12@PAX@Z
?RawSetLightUserData@LuaObject@LuaPlus@@QAEAAV12@HPAX@Z
?RawSetLightUserData@LuaObject@LuaPlus@@QAEAAV12@PBDPAX@Z
?RawSetNil@LuaObject@LuaPlus@@QAEAAV12@AAV12@@Z
?RawSetNil@LuaObject@LuaPlus@@QAEAAV12@H@Z
?RawSetNil@LuaObject@LuaPlus@@QAEAAV12@PBD@Z
?RawSetNumber@LuaObject@LuaPlus@@QAEAAV12@AAV12@N@Z
?RawSetNumber@LuaObject@LuaPlus@@QAEAAV12@HN@Z
?RawSetNumber@LuaObject@LuaPlus@@QAEAAV12@PBDN@Z
?RawSetObject@LuaObject@LuaPlus@@QAEAAV12@AAV12@0@Z
?RawSetObject@LuaObject@LuaPlus@@QAEAAV12@HAAV12@@Z
?RawSetObject@LuaObject@LuaPlus@@QAEAAV12@PBDAAV12@@Z
?RawSetString@LuaObject@LuaPlus@@QAEAAV12@AAV12@PBDH@Z
?RawSetString@LuaObject@LuaPlus@@QAEAAV12@HPBDH@Z
?RawSetString@LuaObject@LuaPlus@@QAEAAV12@PBD0H@Z
?RawSetTableHelper@LuaObject@LuaPlus@@IAEAAV12@ABV12@PAUlua_TValue@@@Z
?RawSetTableHelper@LuaObject@LuaPlus@@IAEAAV12@HPAUlua_TValue@@@Z
?RawSetTableHelper@LuaObject@LuaPlus@@IAEAAV12@PBDPAUlua_TValue@@@Z
?RawSetTableHelper@LuaObject@LuaPlus@@IAEAAV12@PBUlua_TValue@@0@Z
?RawSetUserData@LuaObject@LuaPlus@@QAEAAV12@AAV12@PAX@Z
?RawSetUserData@LuaObject@LuaPlus@@QAEAAV12@HPAX@Z
?RawSetUserData@LuaObject@LuaPlus@@QAEAAV12@PBDPAX@Z
?RawSetWString@LuaObject@LuaPlus@@QAEAAV12@AAV12@PBGH@Z
?RawSetWString@LuaObject@LuaPlus@@QAEAAV12@HPBGH@Z
?RawSetWString@LuaObject@LuaPlus@@QAEAAV12@PBDPBGH@Z
?Ref@LuaStackObject@LuaPlus@@QAEHH@Z
?Ref@LuaState@LuaPlus@@QAEHH@Z
?Register@LuaObject@LuaPlus@@QAEXPBDP6AHPAUlua_State@@@ZH@Z
?Register@LuaObject@LuaPlus@@QAEXPBDP6AHPAVLuaState@2@@ZH@Z
?Register@LuaObject@LuaPlus@@QAEXPBDP6AHPAVLuaState@2@PAVLuaStackObject@2@@ZH@Z
?RegisterHelper@LuaObject@LuaPlus@@IAEXPBDP6AHPAUlua_State@@@ZHPBXIPAXI@Z
?Remove@LuaObject@LuaPlus@@QAEXH@Z
?Remove@LuaState@LuaPlus@@QAEXH@Z
?RemoveFromUsedList@LuaObject@LuaPlus@@AAEXXZ
?Replace@LuaState@LuaPlus@@QAEXH@Z
?Reset@LuaObject@LuaPlus@@QAEXXZ
?Reset@LuaStackTableIterator@LuaPlus@@QAEXXZ
?Reset@LuaTableIterator@LuaPlus@@QAEXXZ
?SetAllocF@LuaState@LuaPlus@@QAEXP6APAXPAX0IIPBDI@Z0@Z
?SetBoolean@LuaObject@LuaPlus@@QAEAAV12@AAV12@_N@Z
?SetBoolean@LuaObject@LuaPlus@@QAEAAV12@H_N@Z
?SetBoolean@LuaObject@LuaPlus@@QAEAAV12@PBD_N@Z
?SetBoolean@LuaStackObject@LuaPlus@@QAEXH_N@Z
?SetBoolean@LuaStackObject@LuaPlus@@QAEXPBD_N@Z
?SetFEnv@LuaState@LuaPlus@@QAEXH@Z
?SetHook@LuaState@LuaPlus@@QAEHP6AXPAUlua_State@@PAUlua_Debug@@@ZHH@Z
?SetInteger@LuaObject@LuaPlus@@QAEAAV12@AAV12@H@Z
?SetInteger@LuaObject@LuaPlus@@QAEAAV12@HH@Z
?SetInteger@LuaObject@LuaPlus@@QAEAAV12@PBDH@Z
?SetInteger@LuaStackObject@LuaPlus@@QAEXHH@Z
?SetInteger@LuaStackObject@LuaPlus@@QAEXPBDH@Z
?SetLightUserData@LuaObject@LuaPlus@@QAEAAV12@AAV12@PAX@Z
?SetLightUserData@LuaObject@LuaPlus@@QAEAAV12@HPAX@Z
?SetLightUserData@LuaObject@LuaPlus@@QAEAAV12@PBDPAX@Z
?SetLightUserData@LuaStackObject@LuaPlus@@QAEXHPAX@Z
?SetLightUserData@LuaStackObject@LuaPlus@@QAEXPBDPAX@Z
?SetLocal@LuaState@LuaPlus@@QAEPBDPBUlua_Debug@@H@Z
?SetMetaTable@LuaObject@LuaPlus@@QAEXABV12@@Z
?SetMetaTable@LuaStackObject@LuaPlus@@QAEXV12@@Z
?SetMetaTable@LuaStackObject@LuaPlus@@QAEXXZ
?SetMetaTable@LuaState@LuaPlus@@QAEXH@Z
?SetNil@LuaObject@LuaPlus@@QAEAAV12@AAV12@@Z
?SetNil@LuaObject@LuaPlus@@QAEAAV12@H@Z
?SetNil@LuaObject@LuaPlus@@QAEAAV12@PBD@Z
?SetNil@LuaStackObject@LuaPlus@@QAEXH@Z
?SetNil@LuaStackObject@LuaPlus@@QAEXPBD@Z
?SetNilValue@detail@LuaPlus@@YAXPAUlua_State@@PAUlua_TValue@@@Z
?SetNumber@LuaObject@LuaPlus@@QAEAAV12@AAV12@N@Z
?SetNumber@LuaObject@LuaPlus@@QAEAAV12@HN@Z
?SetNumber@LuaObject@LuaPlus@@QAEAAV12@PBDN@Z
?SetNumber@LuaStackObject@LuaPlus@@QAEXHN@Z
?SetNumber@LuaStackObject@LuaPlus@@QAEXPBDN@Z
?SetObject@LuaObject@LuaPlus@@QAEAAV12@AAV12@0@Z
?SetObject@LuaObject@LuaPlus@@QAEAAV12@HAAV12@@Z
?SetObject@LuaObject@LuaPlus@@QAEAAV12@PBDAAV12@@Z
?SetObject@LuaStackObject@LuaPlus@@QAEXHAAV12@@Z
?SetObject@LuaStackObject@LuaPlus@@QAEXPBDAAV12@@Z
?SetString@LuaObject@LuaPlus@@QAEAAV12@AAV12@PBDH@Z
?SetString@LuaObject@LuaPlus@@QAEAAV12@HPBDH@Z
?SetString@LuaObject@LuaPlus@@QAEAAV12@PBD0H@Z
?SetString@LuaStackObject@LuaPlus@@QAEXHPBD@Z
?SetString@LuaStackObject@LuaPlus@@QAEXPBD0@Z
?SetTable@LuaStackObject@LuaPlus@@QAEXXZ
?SetTable@LuaState@LuaPlus@@QAEXH@Z
?SetTableHelper@LuaObject@LuaPlus@@IAEAAV12@ABV12@PAUlua_TValue@@@Z
?SetTableHelper@LuaObject@LuaPlus@@IAEAAV12@HPAUlua_TValue@@@Z
?SetTableHelper@LuaObject@LuaPlus@@IAEAAV12@PBDPAUlua_TValue@@@Z
?SetTableHelper@LuaObject@LuaPlus@@IAEAAV12@PBUlua_TValue@@0@Z
?SetTop@LuaState@LuaPlus@@QAEXH@Z
?SetUserData@LuaObject@LuaPlus@@QAEAAV12@AAV12@PAX@Z
?SetUserData@LuaObject@LuaPlus@@QAEAAV12@HPAX@Z
?SetUserData@LuaObject@LuaPlus@@QAEAAV12@PBDPAX@Z
?SetUserData@LuaStackObject@LuaPlus@@QAEXHPAX@Z
?SetUserData@LuaStackObject@LuaPlus@@QAEXPBDPAX@Z
?SetUserData@LuaState@LuaPlus@@QAEXJ@Z
?SetWString@LuaObject@LuaPlus@@QAEAAV12@AAV12@PBGH@Z
?SetWString@LuaObject@LuaPlus@@QAEAAV12@HPBGH@Z
?SetWString@LuaObject@LuaPlus@@QAEAAV12@PBDPBGH@Z
?SetWString@LuaStackObject@LuaPlus@@QAEXHPBG@Z
?SetWString@LuaStackObject@LuaPlus@@QAEXPBDPBG@Z
?Sort@LuaObject@LuaPlus@@QAEXXZ
?Stack@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@H@Z
?StackTop@LuaState@LuaPlus@@QAE?AVLuaStackObject@2@XZ
?StrLen@LuaObject@LuaPlus@@QAEHXZ
?StrLen@LuaStackObject@LuaPlus@@QBEHXZ
?ToInteger@LuaObject@LuaPlus@@QAEHXZ
?ToNumber@LuaObject@LuaPlus@@QAENXZ
?ToStrLen@LuaObject@LuaPlus@@QAEIXZ
?ToString@LuaObject@LuaPlus@@QAEPBDXZ
?ToWString@LuaObject@LuaPlus@@QAEPBGXZ
?Type@LuaObject@LuaPlus@@QBEHXZ
?TypeError@LuaState@LuaPlus@@QAEHHPBD@Z
?TypeName@LuaObject@LuaPlus@@QBEPBDXZ
?UnBoxPointer@LuaState@LuaPlus@@QAEPAXH@Z
?Unref@LuaState@LuaPlus@@QAEXHH@Z
?Unregister@LuaObject@LuaPlus@@QAEXPBD@Z
?UpValueIndex@LuaState@LuaPlus@@QAEHH@Z
?WLoad@LuaState@LuaPlus@@QAEHP6APBDPAUlua_State@@PAXPAI@Z1PBD@Z
?Where@LuaState@LuaPlus@@QAEHH@Z
?XMove@LuaState@LuaPlus@@QAEXPAV12@H@Z
lp_wcscmp
lp_wcslen
luaL_addlstring
luaL_addlwstring
luaL_addstring
luaL_addvalue
luaL_addwstring
luaL_argerror
luaL_buffinit
luaL_callmeta
luaL_checkany
luaL_checkboolean
luaL_checkinteger
luaL_checklstring
luaL_checklwstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_error
luaL_findtable
luaL_getmetafield
luaL_gsub
luaL_loadbuffer
luaL_loadfile
luaL_loadstring
luaL_loadwbuffer
luaL_loadwstring
luaL_newmetatable
luaL_newstate
luaL_openlib

Sections

.text
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
native.bin
.sys windows:5 windows x86

c3096b741b78ce506708a9692a46316f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwWriteFile
ZwReadFile
ZwClose
ZwCreateFile
RtlInitUnicodeString
ZwDeleteFile
NtDisplayString
ZwAdjustPrivilegesToken
ZwOpenProcessToken
ZwSetInformationFile
ZwQueryAttributesFile
ZwQueryInformationFile
swprintf
_chkstk
_allrem
_alldiv
NtTerminateProcess
memset

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
subinacl.exe
.exe windows:5 windows x86

2eaf7681cf60327cff49f2244e0aa8b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputW
FormatMessageW
CloseHandle
GetLastError
GetCurrentProcess
GetCurrentThread
GetConsoleScreenBufferInfo
GetStdHandle
SetLastError
MultiByteToWideChar
WriteFile
WriteConsoleW
SetConsoleTextAttribute
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetFileInformationByHandle
CreateFileW
DeviceIoControl
GetCompressedFileSizeW
GetFileSizeEx
GetComputerNameW
WideCharToMultiByte
OpenProcess
GetFullPathNameW
FindClose
FindNextFileW
FindFirstFileW
ExitProcess
ExpandEnvironmentStringsW
GetCommandLineW
SetConsoleCtrlHandler
ReadFile
GetLargestConsoleWindowSize
GetModuleFileNameW
FreeLibrary
FileTimeToSystemTime
FileTimeToLocalFileTime
QueryDosDeviceW
ReadConsoleW
GetSystemTime
GetTickCount
SetConsoleActiveScreenBuffer
LocalFree
SystemTimeToFileTime
SetConsoleScreenBufferSize
CreateConsoleScreenBuffer
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

mfc42u

ord861
ord800
ord540
ord535
ord3658
ord823
ord538
ord2836
ord825
ord2910
ord858
ord5446
ord6390
ord2099
ord5436
ord6379
ord4199
ord5679
ord4273
ord6279
ord6278
ord5706
ord1863
ord5826
ord3722
ord542
ord802
ord5597
ord6563
ord3898
ord2036
ord5830
ord2440
ord537
ord2756
ord2755
ord2810
ord940
ord925
ord922
ord941
ord942
ord924
ord536
ord4197
ord927
ord4124
ord4272

msvcrt

malloc
wprintf
_getch
wcsstr
_wcsicmp
wcsncat
sprintf
wcschr
_wtoi
__RTDynamicCast
iswprint
printf
_c_exit
_exit
wcsncmp
swscanf
wcsrchr
towupper
_purecall
wcsncpy
wcscmp
fclose
_wfopen
_setmode
fread
fwrite
fseek
swprintf
free
__CxxFrameHandler
_CxxThrowException
_XcptFilter
_cexit
exit
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
wcscpy
wcslen
wcscat
_controlfp

msvcirt

??6ostream@@QAEAAV0@PBX@Z
?cout@@3Vostream_withassign@@A

msvcp60

?wcout@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
?open@?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXPBDH@Z
??_D?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?close@?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXXZ
??1?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@UAE@XZ
?wcin@std@@3V?$basic_istream@GU?$char_traits@G@std@@@1@A
?getline@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@PAGH@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?wcerr@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

advapi32

SetSecurityDescriptorGroup
RegGetKeySecurity
GetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetAclInformation
GetAce
InitializeAcl
AddAce
RegConnectRegistryW
SetNamedSecurityInfoW
SetSecurityInfo
EnumServicesStatusW
OpenServiceW
RegSetKeySecurity
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
MakeSelfRelativeSD
GetSecurityDescriptorLength
SetKernelObjectSecurity
QueryUsersOnEncryptedFile
QueryRecoveryAgentsOnEncryptedFile
FreeEncryptionCertificateHashList
ConvertSecurityDescriptorToStringSecurityDescriptorW
EqualSid
LookupPrivilegeValueW
AdjustTokenPrivileges
PrivilegeCheck
LookupAccountSidW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorOwner
GetSecurityInfo
AddAccessAllowedAce
InitializeSid
GetKernelObjectSecurity
GetSecurityDescriptorControl
CopySid
GetLengthSid
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
AccessCheck
MapGenericMask
DeleteAce
FreeSid
EqualPrefixSid
AllocateAndInitializeSid
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
IsValidSid
LookupAccountNameW
ConvertSidToStringSidW
RegEnumKeyExW
RegQueryInfoKeyW
OpenSCManagerW
LogonUserW
ConvertStringSecurityDescriptorToSecurityDescriptorW
LsaFreeMemory
LsaClose
LsaQueryInformationPolicy
LsaOpenPolicy

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

NetShareSetInfo
NetApiBufferFree
NetWkstaGetInfo
NetGetAnyDCName
NetServerGetInfo
NetUserModalsGet

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

winspool.drv

ClosePrinter
EnumPrintersW
GetPrinterW
OpenPrinterW
SetPrinterW

clusapi

CloseCluster
CloseClusterResource
ClusterCloseEnum
ClusterResourceControl
OpenClusterResource
ClusterEnum
ClusterOpenEnum
OpenCluster

ole32

CoInitialize
CoCreateInstanceEx

user32

wsprintfW

samlib

SamSetSecurityObject
SamLookupNamesInDomain
SamOpenUser
SamOpenAlias
SamOpenGroup
SamOpenDomain
SamCloseHandle
SamEnumerateGroupsInDomain
SamEnumerateUsersInDomain
SamEnumerateAliasesInDomain
SamFreeMemory
SamConnect
SamQuerySecurityObject

ntdll

RtlInitUnicodeString
RtlNtStatusToDosError

shell32

CommandLineToArgvW

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vcl.dll
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

luaopen_vcl

Sections

UPX0
Size: - Virtual size: 828KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 432KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wywz.dat
wywz.dll
wyzl.dll
.dll windows:5 windows x86

ee68c389d44dc0aa49950679a8c08de7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

PathStripToRootA
PathIsUNCA
SHDeleteKeyA
PathFindExtensionA
PathFindFileNameA

eraser

eraserErrorStringCount
eraserFailedCount
eraserTerminated
eraserRemoveFolder
eraserStart
eraserSetWindowMessage
eraserSetWindow
eraserAddItem
MyDeleteFile
eraserSetDataType
eraserCreateContextEx
convEraseMethod
eraserIsValidContext
eraserShowReport
eraserProgGetMessage
eraserProgGetCurrentDataString
eraserProgGetTimeLeft
eraserProgGetPasses
eraserProgGetCurrentPass
eraserProgGetTotalPercent
eraserProgGetPercent
eraserInit
eraserEnd
SetForceDelete
DeleteX
WipeIndexFile
eraserDispFlags
eraserDestroyContext

lua5.1

luaL_optinteger
lua_pushboolean
lua_pushnil
lua_settop
lua_gettable
lua_pushstring
luaL_checknumber
lua_pushnumber
lua_tolstring
luaL_checklstring
luaL_openlib
lua_rawset
lua_createtable
lua_settable
lua_isnumber
luaL_optnumber
lua_pushlstring
luaL_optlstring
lua_next
lua_type

kernel32

SetEndOfFile
GetFileSize
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
FreeResource
FileTimeToLocalFileTime
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
UnlockFile
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GetModuleHandleW
InterlockedIncrement
GlobalFlags
GetFileSizeEx
GetFileTime
GetCPInfo
GetOEMCP
RtlUnwind
ExitThread
CreateThread
GetCommandLineA
RaiseException
HeapReAlloc
ExitProcess
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
HeapDestroy
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpA
GlobalGetAtomNameA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
lstrlenA
SetLastError
LoadLibraryExA
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
MoveFileExA
CreateToolhelp32Snapshot
Process32Next
DeviceIoControl
GetVolumeInformationA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetFullPathNameA
FileTimeToSystemTime
GetWindowsDirectoryA
lstrcmpiA
Sleep
SetCurrentDirectoryA
GetCurrentThreadId
GetExitCodeProcess
TerminateProcess
WaitForMultipleObjects
WriteFile
ReadFile
CreateFileA
GetTempPathA
GetTempFileNameA
CreateProcessA
ReleaseSemaphore
OpenSemaphoreA
CreateSemaphoreA
ReleaseMutex
OpenMutexA
CreateMutexA
SetEvent
ResetEvent
PulseEvent
OpenEventA
CreateEventA
WinExec
Beep
GetCurrentThread
WaitForSingleObject
VirtualAlloc
VirtualFree
ResumeThread
GetCurrentProcessId
CloseHandle
DuplicateHandle
OpenProcess
GetModuleHandleA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileIntA
GetSystemDefaultLangID
GetLogicalDrives
GetDriveTypeA
CreateDirectoryA
GetPrivateProfileStringA
GetModuleFileNameA
WritePrivateProfileStringA
GetCurrentProcess
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetTickCount
FindFirstFileW
FindNextFileW
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
FindResourceA
LoadResource
LockResource
SizeofResource
GetACP
WideCharToMultiByte
GetShortPathNameA
GetFileAttributesW
GetFileAttributesA
MultiByteToWideChar
MoveFileW
LocalAlloc

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
SetCursor
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
CharUpperA
GetSystemMetrics
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
RegisterWindowMessageA
SetWindowPos
ReplyMessage
PostThreadMessageA
RegisterHotKey
GetMessageA
CloseClipboard
EmptyClipboard
OpenClipboard
wsprintfA
GetWindowThreadProcessId
GetWindowTextA
BringWindowToTop
SetForegroundWindow
PostMessageA
EnableWindow
FindWindowA
KillTimer
GetWindow
PostQuitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
IsWindow
GetClientRect
SendMessageA

gdi32

GetClipBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetStockObject
CreateBitmap
SetMapMode
GetDeviceCaps
GetObjectA
GetTextExtentPoint32A
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyA
OpenEventLogA
ClearEventLogA
CloseEventLog
StartServiceA
DeleteService
ControlService
QueryServiceConfigA
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CheckTokenMembership
GetUserNameA
LookupPrivilegeValueA
AdjustTokenPrivileges
IsValidSid
LookupAccountSidA
OpenThreadToken
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegSetKeySecurity
RegQueryInfoKeyA
RegEnumKeyA
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegOpenKeyExA
RegGetKeySecurity
RegCloseKey
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHChangeNotify
ShellExecuteExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

wininet

FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheGroup
FindNextUrlCacheGroup
DeleteUrlCacheGroup
FindFirstUrlCacheEntryA

Exports

Exports

AddActionItem
DoErase
DoPlugErase
EmptyDirectory
EmptyEraseList
GetItemType
GetWSID
InitErase
InsertEraseList
IsKeyInfo
IsLoaded
ParseFile
PlugReset
SaveFile
UnInitErase
WipeIndexFile2
luaopen_wyzl

Sections

.text
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5a732d3c1a351c82ee5651fc954314c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 455KB - Virtual size: 454KB

.rdata Size: 125KB - Virtual size: 125KB

.data Size: 19KB - Virtual size: 35KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 48KB - Virtual size: 47KB

e0ea2e2a2809d8a1c7339c9f3b7b2ff1

Headers

File Characteristics

Imports

eraser

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 31KB - Virtual size: 30KB

81127eb082960a7ab72cfdce62ea1931

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

oledlg

ole32

oleaut32

shlwapi

Sections

.text Size: 328KB - Virtual size: 327KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 22KB - Virtual size: 21KB

b90998a81b1fc71023857778f2f35a1f

Headers

DLL Characteristics

File Characteristics

Imports

eraser

lua5.1

kernel32

user32

gdi32

comdlg32

.text
Size: 455KB - Virtual size: 454KB

.rdata
Size: 125KB - Virtual size: 125KB

.data
Size: 19KB - Virtual size: 35KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 48KB - Virtual size: 47KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 31KB - Virtual size: 30KB

.text
Size: 328KB - Virtual size: 327KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 22KB - Virtual size: 21KB

.text
Size: 395KB - Virtual size: 395KB

.rdata
Size: 144KB - Virtual size: 144KB

.data
Size: 11KB - Virtual size: 87KB

.rsrc
Size: 257KB - Virtual size: 257KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 24KB

.share
Size: 4KB - Virtual size: 4B

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 28KB - Virtual size: 25KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 270B

.data
Size: 512B - Virtual size: 32B

INIT
Size: 1024B - Virtual size: 984B

.rsrc
Size: 1024B - Virtual size: 936B

.SuCop0
Size: 512B - Virtual size: 314B

.SuCop1
Size: 15KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 172B

.text
Size: 357KB - Virtual size: 356KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 14KB - Virtual size: 13KB