Static task
static1
Behavioral task
behavioral1
Sample
1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b
-
Size
235KB
-
MD5
13bc0d7f0d4a9b33c726a4bef1642017
-
SHA1
c078eefcb2efbe7f6038972744da873bb8286282
-
SHA256
1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b
-
SHA512
086d828903f68663c59a4256aa6049e02ea1af8374eda4bb4633a4fc466bc9ac0cafdb939ae9dea5b18350d3afc5b1d0d8666ecfc7043cccddc0ab867b90fdda
-
SSDEEP
3072:+K2FRsfrS8Ywp3GKJ7hDDgRvDTX8QSCBSsqYau7j7/X4hT245wmk9vH2v76d7SWc:l1TSG/XOgCdau7ohT24Omxc7SjWG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b
Files
-
1191940d6bfccaeecc554be490a3e8bedc202e97a48f015721e3f333f165f02b.exe windows:5 windows x86 arch:x86
668fc9893277bcf73c5f63175b9eacff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
rtl120.bpl
@System@initialization$qqrv
@System@Finalization$qqrv
@System@LoadResString$qqrp20System@TResStringRec
@System@FreeMemory$qpv
@System@GetMemory$qi
@System@@IntfClear$qqrr45System@%DelphiInterface$t17System@IInterface%
@System@RegisterModule$qqrp17System@TLibModule
@System@@DynArrayAddRef$qqrv
@System@@DynArrayAsg$qqrv
@System@@DynArrayClear$qqrrpvpv
@System@@DynArraySetLength$qqrv
@System@@DynArrayLength$qqrv
@System@@FinalizeArray$qqrpvt1ui
@System@@FinalizeRecord$qqrpvt1
@System@@InitializeRecord$qqrpvt1
@System@Pos$qqrx20System@UnicodeStringt1
@System@@UniqueStringU$qqrr20System@UnicodeString
@System@@UStrDelete$qqrr20System@UnicodeStringii
@System@@UStrCopy$qqrx20System@UnicodeStringii
@System@@UStrEqual$qqrv
@System@@UStrCatN$qqrv
@System@@UStrCat3$qqrr20System@UnicodeStringx20System@UnicodeStringt2
@System@@UStrCat$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrSetLength$qqrr20System@UnicodeStringi
@System@@UStrLen$qqrx20System@UnicodeString
@System@@WStrFromUStr$qqrr17System@WideStringx20System@UnicodeString
@System@@UStrFromWStr$qqrr20System@UnicodeStringx17System@WideString
@System@@LStrFromUStr$qqrr27System@%AnsiStringT$us$i0$%x20System@UnicodeStringus
@System@@UStrFromLStr$qqrr20System@UnicodeStringx27System@%AnsiStringT$us$i0$%
@System@@UStrFromWArray$qqrr20System@UnicodeStringpbi
@System@@UStrFromPWChar$qqrr20System@UnicodeStringpb
@System@@UStrFromWChar$qqrr20System@UnicodeStringb
@System@@UStrFromPWCharLen$qqrr20System@UnicodeStringpbi
@System@@UStrToPWChar$qqrx20System@UnicodeString
@System@@UStrLAsg$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrAsg$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrArrayClr$qqrpvi
@System@@UStrClr$qqrpv
@System@@UStrAddRef$qqrpv
@System@@WStrCat3$qqrr17System@WideStringx17System@WideStringt2
@System@@WStrToPWChar$qqrx17System@WideString
@System@@WStrClr$qqrpv
@System@@LStrToPChar$qqrx27System@%AnsiStringT$us$i0$%
@System@@LStrFromPWChar$qqrr27System@%AnsiStringT$us$i0$%pbus
@System@@EnsureUnicodeString$qqrr20System@UnicodeString
@System@@LStrClr$qqrpv
@System@@Halt0$qqrv
@System@@InitResStringImports$qqrv
@System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule
@System@@TryFinallyExit$qqrv
@System@@DoneExcept$qqrv
@System@@RaiseAgain$qqrv
@System@@RaiseExcept$qqrv
@System@@HandleFinally$qqrv
@System@@HandleOnException$qqrv
@System@@HandleAnyException$qqrv
@System@@BeforeDestruction$qqrp14System@TObjectzc
@System@@AfterConstruction$qqrp14System@TObject
@System@@ClassDestroy$qqrp14System@TObject
@System@@ClassCreate$qqrp17System@TMetaClasso
@System@TObject@Dispatch$qqrpv
@System@TObject@BeforeDestruction$qqrv
@System@TObject@AfterConstruction$qqrv
@System@TObject@DefaultHandler$qqrpv
@System@TObject@ToString$qqrv
@System@TObject@SafeCallException$qqrp14System@TObjectpv
@System@TObject@InheritsFrom$qqrp17System@TMetaClass
@System@@CallDynaInst$qqrv
@System@@IsClass$qqrp14System@TObjectp17System@TMetaClass
@System@TObject@GetHashCode$qqrv
@System@TObject@Equals$qqrp14System@TObject
@System@TObject@Free$qqrv
@System@TObject@$bdtr$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrv
@System@@FillChar$qqrpvib
@System@@AbstractError$qqrv
@System@ParamStr$qqri
@System@Move$qqrpxvpvi
@System@@ReallocMem$qqrrpvi
@System@@FreeMem$qqrpv
@System@@GetMem$qqri
@System@AllocMem$qqrui
@System@TObject@
@$xp$17System@WideString
@$xp$13System@string
@$xp$8Cardinal
@$xp$7Integer
@$xp$7Boolean
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@TEncoding@GetUTF8$qqrv
@Sysutils@TEncoding@GetUnicode$qqrv
@Sysutils@GetEnvironmentVariable$qqrx20System@UnicodeString
@Sysutils@FreeAndNil$qqrpv
@Sysutils@RaiseLastOSError$qqrv
@Sysutils@GetModuleName$qqrui
@Sysutils@FindCmdLineSwitch$qqrx20System@UnicodeStringrx29System@%Set$tc$iuc$0$iuc$255%o
@Sysutils@StringReplace$qqrx20System@UnicodeStringt1t149System@%Set$t21Sysutils@Sysutils__15$iuc$0$iuc$1%
@Sysutils@GetLocaleFormatSettings$qqrir24Sysutils@TFormatSettings
@Sysutils@AnsiPos$qqrx20System@UnicodeStringt1
@Sysutils@IncludeTrailingPathDelimiter$qqrx20System@UnicodeString
@Sysutils@IncludeTrailingBackslash$qqrx20System@UnicodeString
@Sysutils@Exception@$bctr$qqrx20System@UnicodeString
@Sysutils@SysErrorMessage$qqrui
@Sysutils@StrToDateTime$qqrx20System@UnicodeStringrx24Sysutils@TFormatSettings
@Sysutils@FormatDateTime$qqrx20System@UnicodeString16System@TDateTime
@Sysutils@Now$qqrv
@Sysutils@Format$qqrx20System@UnicodeStringpx14System@TVarRecxi
@Sysutils@StrPas$qqrpxb
@Sysutils@StrPLCopy$qqrpbx20System@UnicodeStringui
@Sysutils@StrECopy$qqrpbpxb
@Sysutils@StrCopy$qqrpbpxb
@Sysutils@ExpandFileName$qqrx20System@UnicodeString
@Sysutils@ExtractFileExt$qqrx20System@UnicodeString
@Sysutils@ExtractFileName$qqrx20System@UnicodeString
@Sysutils@ExtractFileDir$qqrx20System@UnicodeString
@Sysutils@ExtractFilePath$qqrx20System@UnicodeString
@Sysutils@ChangeFileExt$qqrx20System@UnicodeStringt1
@Sysutils@RenameFile$qqrx20System@UnicodeStringt1
@Sysutils@DeleteFile$qqrx20System@UnicodeString
@Sysutils@FileSetAttr$qqrx20System@UnicodeStringi
@Sysutils@FileGetAttr$qqrx20System@UnicodeString
@Sysutils@ForceDirectories$qqr20System@UnicodeString
@Sysutils@DirectoryExists$qqrx20System@UnicodeString
@Sysutils@FileExists$qqrx20System@UnicodeString
@Sysutils@StrToIntDef$qqrx20System@UnicodeStringi
@Sysutils@IntToHex$qqrji
@Sysutils@IntToHex$qqrii
@Sysutils@IntToStr$qqrj
@Sysutils@UIntToStr$qqrui
@Sysutils@IntToStr$qqri
@Sysutils@Trim$qqrx20System@UnicodeString
@Sysutils@AnsiCompareText$qqrx20System@UnicodeStringt1
@Sysutils@AnsiUpperCase$qqrx20System@UnicodeString
@Sysutils@SameText$qqrx20System@UnicodeStringt1
@Sysutils@CompareMem$qqrpvt1i
@Sysutils@UpperCase$qqrx20System@UnicodeString
@Sysutils@AddExitProc$qqrpqqrv$v
@Sysutils@GUIDToString$qqrrx5_GUID
@Sysutils@CreateGUID$qqsr5_GUID
@$xp$24Sysutils@TFormatSettings
@Sysutils@TwoDigitYearCenturyWindow
@Sysutils@Win32MinorVersion
@Sysutils@Win32MajorVersion
@Sysutils@EConvertError@
@Sysutils@Exception@
@$xp$15Sysutils@TBytes
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Registry@TRegistry@ValueExists$qqrx20System@UnicodeString
@Registry@TRegistry@GetDataAsString$qqrx20System@UnicodeStringo
@Registry@TRegistry@WriteString$qqrx20System@UnicodeStringt1
@Registry@TRegistry@OpenKeyReadOnly$qqrx20System@UnicodeString
@Registry@TRegistry@OpenKey$qqrx20System@UnicodeStringo
@Registry@TRegistry@SetRootKey$qqrp6HKEY__
@Registry@TRegistry@CloseKey$qqrv
@Registry@TRegistry@$bctr$qqrv
@Registry@TRegistry@
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Inifiles@TMemIniFile@ReadString$qqrx20System@UnicodeStringt1t1
@Inifiles@TMemIniFile@ReadSectionValues$qqrx20System@UnicodeStringp16Classes@TStrings
@Inifiles@TMemIniFile@ReadSections$qqrp16Classes@TStrings
@Inifiles@TMemIniFile@ReadSection$qqrx20System@UnicodeStringp16Classes@TStrings
@Inifiles@TMemIniFile@GetStrings$qqrp16Classes@TStrings
@Inifiles@TMemIniFile@GetCaseSensitive$qqrv
@Inifiles@TMemIniFile@EraseSection$qqrx20System@UnicodeString
@Inifiles@TMemIniFile@Clear$qqrv
@Inifiles@TMemIniFile@$bdtr$qqrv
@Inifiles@TMemIniFile@$bctr$qqrx20System@UnicodeString
@Inifiles@THashedStringList@IndexOfName$qqrx20System@UnicodeString
@Inifiles@THashedStringList@IndexOf$qqrx20System@UnicodeString
@Inifiles@THashedStringList@$bdtr$qqrv
@Inifiles@THashedStringList@Changed$qqrv
@Inifiles@TStringHash@Remove$qqrx20System@UnicodeString
@Inifiles@TStringHash@Add$qqrx20System@UnicodeStringi
@Inifiles@TCustomIniFile@ReadSections$qqrx20System@UnicodeStringp16Classes@TStrings
@Inifiles@TCustomIniFile@WriteBinaryStream$qqrx20System@UnicodeStringt1p15Classes@TStream
@Inifiles@TCustomIniFile@ReadBinaryStream$qqrx20System@UnicodeStringt1p15Classes@TStream
@Inifiles@TCustomIniFile@ValueExists$qqrx20System@UnicodeStringt1
@Inifiles@TCustomIniFile@WriteTime$qqrx20System@UnicodeStringt116System@TDateTime
@Inifiles@TCustomIniFile@WriteFloat$qqrx20System@UnicodeStringt1d
@Inifiles@TCustomIniFile@WriteDate$qqrx20System@UnicodeStringt116System@TDateTime
@Inifiles@TCustomIniFile@ReadTime$qqrx20System@UnicodeStringt116System@TDateTime
@Inifiles@TCustomIniFile@ReadFloat$qqrx20System@UnicodeStringt1d
@Inifiles@TCustomIniFile@ReadDate$qqrx20System@UnicodeStringt116System@TDateTime
@Inifiles@TCustomIniFile@ReadBool$qqrx20System@UnicodeStringt1o
@Inifiles@TCustomIniFile@WriteInteger$qqrx20System@UnicodeStringt1i
@Inifiles@TCustomIniFile@ReadInteger$qqrx20System@UnicodeStringt1i
@Inifiles@TMemIniFile@
@$xp$26Inifiles@THashedStringList
@Inifiles@THashedStringList@
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TDataModule@ReadState$qqrp15Classes@TReader
@Classes@TDataModule@DefineProperties$qqrp14Classes@TFiler
@Classes@TDataModule@DoDestroy$qqrv
@Classes@TDataModule@DoCreate$qqrv
@Classes@TDataModule@$bdtr$qqrv
@Classes@TDataModule@BeforeDestruction$qqrv
@Classes@TDataModule@$bctr$qqrp18Classes@TComponenti
@Classes@TDataModule@AfterConstruction$qqrv
@Classes@TDataModule@$bctr$qqrp18Classes@TComponent
@Classes@TComponent@QueryInterface$qqsrx5_GUIDpv
@Classes@TComponent@UpdateRegistry$qqrox20System@UnicodeStringt2
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@GetComponentCount$qqrv
@Classes@TComponent@GetComponent$qqri
@Classes@TComponent@SetName$qqrx20System@UnicodeString
@Classes@TComponent@ValidateRename$qqrp18Classes@TComponentx20System@UnicodeStringt2
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TComponent@ReadState$qqrp15Classes@TReader
@Classes@TComponent@Loaded$qqrv
@Classes@TComponent@DefineProperties$qqrp14Classes@TFiler
@Classes@TComponent@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Classes@TComponent@Destroying$qqrv
@Classes@TComponent@DestroyComponents$qqrv
@Classes@TComponent@BeforeDestruction$qqrv
@Classes@TComponent@$bdtr$qqrv
@Classes@TComponent@$bctr$qqrp18Classes@TComponent
@Classes@TThread@WaitFor$qqrv
@Classes@TThread@Terminate$qqrv
@Classes@TThread@Resume$qqrv
@Classes@TThread@Suspend$qqrv
@Classes@TThread@DoTerminate$qqrv
@Classes@TThread@AfterConstruction$qqrv
@Classes@TThread@$bdtr$qqrv
@Classes@TThread@$bctr$qqro
@Classes@TStringList@SetCaseSensitive$qqrxo
@Classes@TStringList@$bctr$qqrv
@Classes@TStringList@CompareStrings$qqrx20System@UnicodeStringt1
@Classes@TStringList@CustomSort$qqrpqqrp19Classes@TStringListii$i
@Classes@TStringList@Sort$qqrv
@Classes@TStringList@SetUpdateState$qqro
@Classes@TStringList@SetCapacity$qqri
@Classes@TStringList@PutObject$qqrip14System@TObject
@Classes@TStringList@Put$qqrix20System@UnicodeString
@Classes@TStringList@InsertItem$qqrix20System@UnicodeStringp14System@TObject
@Classes@TStringList@InsertObject$qqrix20System@UnicodeStringp14System@TObject
@Classes@TStringList@Insert$qqrix20System@UnicodeString
@Classes@TStringList@GetObject$qqri
@Classes@TStringList@GetCount$qqrv
@Classes@TStringList@GetCapacity$qqrv
@Classes@TStringList@Get$qqri
@Classes@TStringList@Find$qqrx20System@UnicodeStringri
@Classes@TStringList@Exchange$qqrii
@Classes@TStringList@Delete$qqri
@Classes@TStringList@Clear$qqrv
@Classes@TStringList@Changing$qqrv
@Classes@TStringList@AddObject$qqrx20System@UnicodeStringp14System@TObject
@Classes@TStringList@Add$qqrx20System@UnicodeString
@Classes@TStrings@GetNameValueSeparator$qqrv
@Classes@TStrings@SetTextStr$qqrx20System@UnicodeString
@Classes@TStrings@SetText$qqrpb
@Classes@TStrings@SaveToStream$qqrp15Classes@TStreamp18Sysutils@TEncoding
@Classes@TStrings@SaveToStream$qqrp15Classes@TStream
@Classes@TStrings@SaveToFile$qqrx20System@UnicodeStringp18Sysutils@TEncoding
@Classes@TStrings@SaveToFile$qqrx20System@UnicodeString
@Classes@TStrings@Move$qqrii
@Classes@TStrings@LoadFromStream$qqrp15Classes@TStreamp18Sysutils@TEncoding
@Classes@TStrings@LoadFromStream$qqrp15Classes@TStream
@Classes@TStrings@LoadFromFile$qqrx20System@UnicodeStringp18Sysutils@TEncoding
@Classes@TStrings@LoadFromFile$qqrx20System@UnicodeString
@Classes@TStrings@IndexOfObject$qqrp14System@TObject
@Classes@TStrings@GetTextStr$qqrv
@Classes@TStrings@GetText$qqrv
@Classes@TStrings@GetEnumerator$qqrv
@Classes@TStrings@DefineProperties$qqrp14Classes@TFiler
@Classes@TStrings@Assign$qqrp19Classes@TPersistent
@Classes@TStrings@AddStrings$qqrp16Classes@TStrings
@Classes@TStringsEnumerator@MoveNext$qqrv
@Classes@TStringsEnumerator@GetCurrent$qqrv
@Classes@TCollection@Notify$qqrp23Classes@TCollectionItem31Classes@TCollectionNotification
@Classes@TCollection@Deleting$qqrp23Classes@TCollectionItem
@Classes@TCollection@Added$qqrrp23Classes@TCollectionItem
@Classes@TCollection@Update$qqrp23Classes@TCollectionItem
@Classes@TCollection@SetItemName$qqrp23Classes@TCollectionItem
@Classes@TCollection@GetItem$qqri
@Classes@TCollection@GetCount$qqrv
@Classes@TCollection@EndUpdate$qqrv
@Classes@TCollection@BeginUpdate$qqrv
@Classes@TCollection@Assign$qqrp19Classes@TPersistent
@Classes@TCollection@$bdtr$qqrv
@Classes@TCollection@$bctr$qqrp17System@TMetaClass
@Classes@TCollectionItem@SetIndex$qqri
@Classes@TCollectionItem@SetDisplayName$qqrx20System@UnicodeString
@Classes@TCollectionItem@SetCollection$qqrp19Classes@TCollection
@Classes@TCollectionItem@GetDisplayName$qqrv
@Classes@TCollectionItem@$bdtr$qqrv
@Classes@TCollectionItem@$bctr$qqrp19Classes@TCollection
@Classes@TPersistent@DefineProperties$qqrp14Classes@TFiler
@Classes@TPersistent@AssignTo$qqrp19Classes@TPersistent
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@$xp$19Classes@TDataModule
@Classes@TDataModule@
@$xp$18Classes@TComponent
@Classes@TComponent@
@Classes@TThread@
@Classes@TStringList@
@$xp$19Classes@TCollection
@Classes@TCollection@
@$xp$23Classes@TCollectionItem
@Classes@TCollectionItem@
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@GetEnumName$qqrp17Typinfo@TTypeInfoi
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Syncobjs@initialization$qqrv
@Syncobjs@Finalization$qqrv
@Uxtheme@initialization$qqrv
@Uxtheme@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv
@Dwmapi@initialization$qqrv
@Dwmapi@Finalization$qqrv
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
kernel32
GetModuleHandleW
lstrcmpiW
WriteFile
WinExec
WaitForSingleObject
TerminateProcess
Sleep
SetLastError
OutputDebugStringW
OpenProcess
MoveFileExW
LoadLibraryW
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetTempPathW
GetSystemDirectoryW
GetShortPathNameW
GetProcAddress
GetModuleHandleW
GetLastError
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
CreateProcessW
CreateFileW
CloseHandle
Sleep
GetProcAddress
LoadLibraryA
GetModuleHandleA
ProcessIdToSessionId
madexcept_.bpl
@Madexcept@initialization$qqrv
@Madexcept@Finalization$qqrv
@Madexcept@HookThreads$qqrv
@Madexcept@RegisterExceptionHandler$qqrpqqrx50System@%DelphiInterface$t22Madexcept@IMEException%ro$v19Madexcept@TSyncType22Madexcept@TExceptPhase
@Madmapfile@initialization$qqrv
@Madmapfile@Finalization$qqrv
@Madstacktrace@initialization$qqrv
@Madstacktrace@Finalization$qqrv
@Madlinkdisasm@initialization$qqrv
@Madlinkdisasm@Finalization$qqrv
@Madlisthardware@initialization$qqrv
@Madlisthardware@Finalization$qqrv
@Madlistprocesses@initialization$qqrv
@Madlistprocesses@Finalization$qqrv
@Madlistmodules@initialization$qqrv
@Madlistmodules@Finalization$qqrv
user32
ShowOwnedPopups
PostThreadMessageW
PostMessageW
PeekMessageW
GetMessageW
DispatchMessageW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
advapi32
ReportEventW
RegisterEventSourceW
OpenProcessToken
LookupAccountSidW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
DeregisterEventSource
CreateProcessAsUserW
StartServiceW
StartServiceCtrlDispatcherW
SetServiceStatus
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
madbasic_.bpl
@Madstrings@initialization$qqrv
@Madstrings@Finalization$qqrv
@Madtools@initialization$qqrv
@Madtools@Finalization$qqrv
maddisasm_.bpl
@Maddisasm@initialization$qqrv
@Maddisasm@Finalization$qqrv
shell32
ShellExecuteW
SHGetSpecialFolderPathW
vcl120.bpl
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Consts@_SServiceUninstallFailed
@Consts@_SServiceUninstallOK
@Consts@_SServiceInstallFailed
@Consts@_SServiceInstallOK
@Consts@_SCustomError
@Consts@_SShutdown
@Consts@_SInterrogate
@Consts@_SContinue
@Consts@_SPause
@Consts@_SStop
@Consts@_SStart
@Consts@_SExecute
@Consts@_SServiceFailed
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Extctrls@TTimer@SetEnabled$qqro
@Extctrls@TTimer@
@Themes@initialization$qqrv
@Themes@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplication@SetShowHint$qqro
@Forms@TApplication@GetExeName$qqrv
@Forms@TApplication@Terminate$qqrv
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TApplication@UnhookMainWindow$qqrynpqqrr17Messages@TMessage$o
@Forms@TApplication@HookMainWindow$qqrynpqqrr17Messages@TMessage$o
@Forms@TApplication@HandleMessage$qqrv
@Forms@Application
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Dialogs@MessageDlg$qqrx20System@UnicodeString19Dialogs@TMsgDlgType47System@%Set$t18Dialogs@TMsgDlgBtn$iuc$0$iuc$11%i
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Graphutil@initialization$qqrv
@Graphutil@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 424B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 704B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE