3757ae1850fc2fde4f900b6cac212f0d

Sharing

Copy URL Twitter E-mail

General

Target

3757ae1850fc2fde4f900b6cac212f0d
Size

1.1MB
MD5

3757ae1850fc2fde4f900b6cac212f0d
SHA1

730c7653eb2a763c2e700951de8b6c54105a1293
SHA256

0058d88241b64fe58eb10f667b69a426369c42bd519b7ad4ad3cc0d3efc51bee
SHA512

da2bd907bdb376a4153c2f6ebbb4ddb3747c44389ce1e35c94ee4b1cc6aede80f1961288cdde406ac4e3df18c736adf84029ff40fbfaef942905c489e4f8f05a
SSDEEP

24576:/iyogH8XDvWNLSxk5ZIg2lL+s8thnUbw8s:BoHXKNLceZIg2lanb8s

Score

10^/10

Malware Config

Signatures

Nirsoft 16 IoCs

resource	yara_rule
static1/unpack001/DriverView.exe	Nirsoft
static1/unpack001/FileTypesMan.exe	Nirsoft
static1/unpack001/GDIView.exe	Nirsoft
static1/unpack001/HeapMemView.exe	Nirsoft
static1/unpack001/ProcessActivityView.exe	Nirsoft
static1/unpack001/ProduKey.exe	Nirsoft
static1/unpack001/RegDllView.exe	Nirsoft
static1/unpack001/RegScanner.exe	Nirsoft
static1/unpack001/SpecialFoldersView.exe	Nirsoft
static1/unpack001/WirelessKeyView.exe	Nirsoft
static1/unpack001/cports.exe	Nirsoft
static1/unpack001/dllexp.exe	Nirsoft
static1/unpack001/netpass.exe	Nirsoft
static1/unpack001/shexview.exe	Nirsoft
static1/unpack001/shmnview.exe	Nirsoft
static1/unpack001/sysexp.exe	Nirsoft

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DriverView.exe
unpack001/FileTypesMan.exe
unpack001/GDIView.exe
unpack001/HeapMemView.exe
unpack001/ProcessActivityView.exe
unpack001/ProduKey.exe
unpack001/RegDllView.exe
unpack001/RegFromApp.exe
unpack001/RegScanner.exe
unpack001/RunAsDate.exe
unpack001/SpecialFoldersView.exe
unpack001/Volumouse.exe
unpack001/WirelessKeyView.exe
unpack001/cports.exe
unpack001/dllexp.exe
unpack001/netpass.exe
unpack001/shexview.exe
unpack001/shmnview.exe
unpack001/sysexp.exe
unpack001/vlmshlp.dll

Files

3757ae1850fc2fde4f900b6cac212f0d
.zip
DriverView.exe
.exe windows:4 windows x64 arch:x64

59a3b4f2772b60f0e73288613e82ce26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__setusermatherr
_mbsicmp
_purecall
qsort
_strlwr
strcmp
malloc
strtoul
memset
_snprintf
_commode
_fmode
__set_app_type
__dllonexit
free
atoi
modf
_strcmpi
memcmp
_memicmp
strrchr
strchr
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strlen
memcpy
_itoa
_stricmp
strcpy
strcat
strncat
sprintf

comctl32

ImageList_AddMasked
ImageList_Create
CreateToolbarEx
ord6
ImageList_SetImageCount
ord17
ImageList_ReplaceIcon

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetCurrentProcessId
ReadProcessMemory
GetCurrentProcess
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
EnumResourceNamesA
ExitProcess
OpenProcess
GetStartupInfoA
FileTimeToLocalFileTime
lstrlenA
GlobalUnlock
GetFileTime
CompareFileTime
GetFileAttributesA
FileTimeToSystemTime
GetProcAddress
LoadLibraryA
FreeLibrary
GetVersionExA
GetLastError
CloseHandle
FormatMessageA
GetWindowsDirectoryA
GetTempPathA
GetModuleFileNameA
LocalFree
GetDateFormatA
WriteFile
ReadFile
GetSystemDirectoryA
lstrcpyA
GetTempFileNameA
GetModuleHandleA
LoadLibraryExA
CreateFileA
GetFileSize
GlobalLock
GlobalAlloc
GetTimeFormatA

user32

TranslateMessage
DeferWindowPos
IsDialogMessageA
SetTimer
BeginDeferWindowPos
PostQuitMessage
TrackPopupMenu
KillTimer
EndDeferWindowPos
GetFocus
RegisterWindowMessageA
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
SetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
RegisterClassA
UpdateWindow
GetSystemMetrics
GetWindowRect
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
SetFocus
InvalidateRect
GetSubMenu
GetMenuStringA
GetClassNameA
SetClipboardData
CloseClipboard
EnableWindow
GetCursorPos
MapWindowPoints
GetClientRect
GetSysColor
MoveWindow
OpenClipboard
GetMenu
CheckMenuItem
EmptyClipboard
EnableMenuItem
GetDC
ReleaseDC
GetMenuItemCount
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyWindow
GetMenuItemInfoA
GetWindowTextA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
DispatchMessageA
GetMessageA

gdi32

GetTextExtentPoint32A
SetBkColor
GetStockObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

FindTextA
GetSaveFileNameA

advapi32

RegDeleteKeyA

shell32

ShellExecuteExA
ShellExecuteA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FileTypesMan.chm
.chm
FileTypesMan.exe
.exe windows:4 windows x64 arch:x64

4869ad86f4ae6cb2f6ebac5568628516

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__set_app_type
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
_fmode
_wcslwr
strlen
qsort
_purecall
_itow
memmove
_commode
__setusermatherr
_wcmdln
_initterm
__wgetmainargs
__dllonexit
free
_memicmp
modf
memcmp
wcstoul
malloc
_wtoi
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
wcslen
memcpy
_wcsicmp
wcschr
wcsrchr
wcscmp
wcscpy
memset
wcsncat
wcscat
_snwprintf

comctl32

ImageList_SetImageCount
ord17
ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
CreateStatusWindowW
CreateToolbarEx

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

WSAStartup
WSACleanup
WSAAsyncSelect
send
connect
closesocket
WSASetLastError
socket
bind
htons
WSAGetLastError
htonl
inet_addr
WSAAsyncGetHostByName

kernel32

GetModuleFileNameW
CloseHandle
EnumResourceTypesW
WinExec
GetCurrentThreadId
Sleep
GetWindowsDirectoryW
CreateFileW
LocalFree
FindResourceW
GlobalAlloc
GetStartupInfoW
OpenProcess
GetCurrentProcessId
ExitProcess
ReadProcessMemory
GetCurrentProcess
SetErrorMode
DeleteFileW
WideCharToMultiByte
GetPrivateProfileStringW
EnumResourceNamesW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetTempPathW
GlobalUnlock
LockResource
GetSystemDirectoryW
LoadResource
lstrlenW
FileTimeToLocalFileTime
CompareFileTime
ExpandEnvironmentStringsW
FileTimeToSystemTime
GetProcAddress
FreeLibrary
LoadLibraryW
GetModuleHandleW
LoadLibraryExW
SizeofResource
GetLastError
GlobalLock
GetDateFormatW
FormatMessageW
GetTempFileNameW
GetFileSize
GetVersionExW
GetTimeFormatW
GetFileAttributesW
ReadFile
WriteFile
lstrcpyW

user32

EmptyClipboard
SetForegroundWindow
AttachThreadInput
EnumWindows
DrawTextExW
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
PostQuitMessage
TrackPopupMenu
RegisterWindowMessageW
GetFocus
DestroyIcon
LoadIconW
EnumChildWindows
CreateDialogParamW
DialogBoxParamW
GetParent
DestroyMenu
GetDlgCtrlID
GetMenuItemInfoW
ReleaseCapture
FillRect
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
GetWindow
SetDlgItemInt
DrawFrameControl
SetWindowTextW
BeginPaint
SetDlgItemTextW
GetDlgItemTextW
GetClientRect
GetSystemMetrics
DeferWindowPos
CreateWindowExW
SendDlgItemMessageW
EndDialog
GetWindowRect
GetDlgItem
GetDlgItemInt
InvalidateRect
EndPaint
TranslateAcceleratorW
SetMenu
SetWindowPos
GetWindowPlacement
LoadAcceleratorsW
DefWindowProcW
UpdateWindow
SendMessageW
PostMessageW
RegisterClassW
MessageBoxW
LoadImageW
SetWindowLongW
GetWindowLongW
SetFocus
EndDeferWindowPos
BeginDeferWindowPos
GetSysColor
LoadStringW
MoveWindow
GetMenuItemCount
CheckMenuItem
GetMenuStringW
GetCursorPos
ScreenToClient
CloseClipboard
SetClipboardData
EnableWindow
MapWindowPoints
GetMenu
ModifyMenuW
GetDC
EnableMenuItem
GetSubMenu
ReleaseDC
GetClassNameW
OpenClipboard
DestroyWindow
GetWindowTextW
LoadMenuW
GetWindowThreadProcessId

gdi32

CreateFontIndirectW
GetTextExtentPoint32W
GetStockObject
CreateSolidBrush
SelectObject
GetDeviceCaps
PatBlt
SetBkColor
SetBkMode
DeleteObject
SetTextColor

comdlg32

GetSaveFileNameW
ChooseFontW
FindTextW
GetOpenFileNameW

advapi32

RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

ShellExecuteW
SHGetFileInfoW
ExtractIconExW
SHChangeNotify

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GDIView.chm
.chm
GDIView.exe
.exe windows:4 windows x64 arch:x64

3218b71c9a8802a462b8bc99049a9086

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__setusermatherr
_wcslwr
strlen
qsort
_purecall
wcsrchr
wcscmp
malloc
_commode
_fmode
__set_app_type
__dllonexit
_memicmp
free
wcschr
modf
_wtoi
memcmp
wcstoul
strcpy
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
wcslen
_itow
_wcsicmp
memset
memcpy
wcscpy
_snwprintf
wcsncat
wcscat

comctl32

ImageList_SetImageCount
ImageList_AddMasked
CreateStatusWindowW
CreateToolbarEx
ImageList_Create
ord17
ImageList_ReplaceIcon

kernel32

GetCurrentProcessId
ExitProcess
ReadProcessMemory
GetCurrentProcess
SetErrorMode
DeleteFileW
WideCharToMultiByte
GetPrivateProfileStringW
EnumResourceNamesW
GetPrivateProfileIntW
CreateRemoteThread
EnumResourceTypesW
GetStartupInfoW
MapViewOfFile
GetSystemTimeAsFileTime
OpenProcess
CloseHandle
CompareFileTime
FileTimeToLocalFileTime
GetProcAddress
FreeLibrary
LoadLibraryW
FileTimeToSystemTime
UnmapViewOfFile
WriteProcessMemory
WaitForSingleObject
ResumeThread
GetModuleHandleW
VirtualFreeEx
VirtualAllocEx
CreateFileMappingW
CreateFileW
FindResourceW
LocalFree
LoadResource
GlobalAlloc
LockResource
LoadLibraryExW
GlobalUnlock
GetTempPathW
SizeofResource
GetDateFormatW
GetLastError
GlobalLock
GetTempFileNameW
FormatMessageW
GetFileSize
GetVersionExW
GetTimeFormatW
GetFileAttributesW
WriteFile
ReadFile
GetModuleFileNameW
GetWindowsDirectoryW
WritePrivateProfileStringW

user32

EndPaint
FillRect
SetCapture
BeginPaint
ReleaseCapture
BeginDeferWindowPos
ChildWindowFromPoint
SetCursor
LoadCursorW
GetSysColorBrush
ShowWindow
SetDlgItemInt
SetWindowTextW
SetDlgItemTextW
CreateWindowExW
SendDlgItemMessageW
GetDlgItemInt
EndDialog
GetDlgItem
GetWindowRect
SetMenu
TranslateAcceleratorW
SetWindowPos
GetWindowPlacement
LoadAcceleratorsW
DefWindowProcW
UpdateWindow
SendMessageW
GetSystemMetrics
PostMessageW
RegisterClassW
MessageBoxW
LoadImageW
LoadIconW
GetGuiResources
SetWindowLongW
GetWindowLongW
InvalidateRect
SetFocus
GetMenu
GetDC
EmptyClipboard
EnableMenuItem
GetSubMenu
ReleaseDC
GetClassNameW
OpenClipboard
MoveWindow
GetMenuItemCount
GetClientRect
CheckMenuItem
CheckMenuRadioItem
GetMenuStringW
GetCursorPos
ScreenToClient
GetSysColor
SetClipboardData
EnableWindow
CloseClipboard
MapWindowPoints
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
GetParent
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
DestroyIcon
GetFocus
DeferWindowPos
KillTimer
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
GetMessageW
SetTimer
IsDialogMessageW
TranslateMessage
DispatchMessageW
DrawTextExW
EndDeferWindowPos

gdi32

GetTextExtentPoint32W
SetBkColor
GetStockObject
GetDeviceCaps
PatBlt
CreateSolidBrush
SelectObject
SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameW
FindTextW

advapi32

RegDeleteKeyW

shell32

ExtractIconExW
ShellExecuteW

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HeapMemView.exe
.exe windows:4 windows x64 arch:x64

c358672c86ed03e6efa6323a64260d5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
__setusermatherr
__dllonexit
sprintf
_purecall
_mbslwr
malloc
strtoul
_mbsicmp
_commode
_fmode
__set_app_type
_onexit
memset
free
modf
memcmp
_mbscmp
_mbsrchr
_mbschr
_memicmp
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
memcpy
strlen
_ultoa
_itoa
strcpy
_mbsnbcat
_snprintf
strcat

comctl32

ImageList_AddMasked
ImageList_Create
CreateToolbarEx
ord6
ImageList_SetImageCount
ord17
ImageList_ReplaceIcon

kernel32

GetCurrentProcessId
ExitProcess
SetErrorMode
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
EnumResourceNamesA
GetCurrentProcess
GetStartupInfoA
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalUnlock
GetFileAttributesA
GetVersionExA
GetLastError
CloseHandle
FormatMessageA
GetWindowsDirectoryA
GetModuleFileNameA
GetTempPathA
LocalFree
WriteFile
ReadFile
GetTempFileNameA
GetModuleHandleA
LoadLibraryExA
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
OpenProcess
CreateToolhelp32Snapshot
ReadProcessMemory
Heap32ListNext
Heap32ListFirst

user32

EndPaint
FillRect
SetCapture
ReleaseCapture
LoadCursorA
ShowWindow
SetCursor
ChildWindowFromPoint
GetSysColorBrush
SetWindowTextA
SendDlgItemMessageA
SetDlgItemInt
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemTextA
SetWindowPos
DefWindowProcA
RegisterClassA
TranslateAcceleratorA
UpdateWindow
MessageBoxA
GetWindowRect
GetSystemMetrics
GetWindowPlacement
PostMessageA
SetMenu
SendMessageA
LoadAcceleratorsA
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
InvalidateRect
SetFocus
EnableMenuItem
ReleaseDC
GetDC
GetMenuItemCount
ScreenToClient
GetSubMenu
GetMenuStringA
GetClassNameA
CloseClipboard
SetClipboardData
EnableWindow
GetCursorPos
MapWindowPoints
CheckMenuRadioItem
GetClientRect
GetSysColor
MoveWindow
OpenClipboard
GetMenu
CheckMenuItem
EmptyClipboard
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
GetWindowTextA
CreateDialogParamA
DestroyWindow
EnumChildWindows
GetMenuItemInfoA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DestroyIcon
GetMessageA
EndDeferWindowPos
GetFocus
BeginDeferWindowPos
DeferWindowPos
TranslateMessage
DispatchMessageA
IsDialogMessageA
TrackPopupMenu
PostQuitMessage
DrawTextExA
RegisterWindowMessageA
BeginPaint

gdi32

GetTextExtentPoint32A
GetStockObject
SetBkColor
PatBlt
GetDeviceCaps
CreateSolidBrush
SelectObject
SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectA

comdlg32

GetSaveFileNameA
FindTextA

advapi32

RegDeleteKeyA

shell32

SHGetMalloc
SHBrowseForFolderA
ExtractIconExA
ShellExecuteA
SHGetPathFromIDListA

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProcessActivityView.chm
.chm
ProcessActivityView.exe
.exe windows:4 windows x64 arch:x64

c00e386809a3cfd00ae9707bb95940f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_wtol
_purecall
_wcslwr
strlen
_itow
free
__setusermatherr
_commode
_fmode
__set_app_type
_memicmp
modf
_wtoi
memcmp
wcstoul
malloc
wcscmp
strcpy
wcsrchr
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
wcslen
memcpy
_ultow
_wcsicmp
wcschr
wcscpy
memset
_snwprintf
wcsncat
wcscat

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
ImageList_SetImageCount
CreateToolbarEx
CreateStatusWindowW
ord17

psapi

GetModuleInformation
EnumProcessModules
GetModuleFileNameExW

kernel32

WideCharToMultiByte
SetErrorMode
GetCurrentProcessId
ExitProcess
GetPrivateProfileStringW
EnumResourceNamesW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetLocaleInfoW
GlobalUnlock
CreateRemoteThread
EnumResourceTypesW
GetStartupInfoW
LoadLibraryExW
GlobalAlloc
LoadResource
GetFileAttributesW
GetCurrentProcess
GetModuleHandleW
ReadProcessMemory
FreeLibrary
LoadLibraryW
GetProcAddress
Sleep
FlushFileBuffers
GetTempPathW
GetLastError
VirtualAllocEx
CreateProcessW
WaitForSingleObject
CloseHandle
DeleteFileW
WriteProcessMemory
OpenProcess
ResumeThread
VirtualFreeEx
SizeofResource
GetTempFileNameW
GlobalLock
FormatMessageW
GetFileSize
GetVersionExW
GetWindowsDirectoryW
ReadFile
GetModuleFileNameW
WriteFile
CreateFileW
LocalFree
GetNumberFormatW
FindResourceW
LockResource

user32

IsDialogMessageW
SetTimer
ChildWindowFromPoint
SetCursor
LoadCursorW
GetSysColorBrush
ShowWindow
GetMessageW
GetWindow
DrawFrameControl
SetDlgItemInt
SetWindowTextW
UpdateWindow
SetDlgItemTextW
BeginPaint
GetDlgItemTextW
GetClientRect
GetSystemMetrics
DeferWindowPos
CreateWindowExW
SendDlgItemMessageW
EndDialog
GetWindowRect
GetDlgItem
GetDlgItemInt
InvalidateRect
TranslateAcceleratorW
SetMenu
SetWindowPos
GetWindowPlacement
LoadAcceleratorsW
DefWindowProcW
SendMessageW
PostMessageW
RegisterClassW
MessageBoxW
LoadImageW
SetWindowLongW
GetWindowLongW
SetFocus
EndDeferWindowPos
BeginDeferWindowPos
PeekMessageW
GetMenuItemCount
CheckMenuItem
GetMenuStringW
GetCursorPos
CloseClipboard
SetClipboardData
GetSysColor
EnableWindow
MapWindowPoints
GetMenu
GetDC
GetSubMenu
EmptyClipboard
EnableMenuItem
ReleaseDC
GetClassNameW
OpenClipboard
MoveWindow
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
GetParent
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetWindowTextW
LoadMenuW
DestroyIcon
LoadIconW
TranslateMessage
DispatchMessageW
DrawTextExW
KillTimer
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
EndPaint

gdi32

SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
GetStockObject
GetTextExtentPoint32W
SetBkColor
SelectObject
GetDeviceCaps

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
SHGetFileInfoW
ShellExecuteW
ExtractIconExW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProduKey.chm
.chm
ProduKey.exe
.exe windows:4 windows x64 arch:x64

848eaaf3fcf4c9a578591ec48d844cca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

msvcrt

_exit
_cexit
exit
_acmdln
_mbsicmp
_purecall
qsort
_strlwr
_itoa
_c_exit
strtoul
strcmp
strchr
_memicmp
malloc
free
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_XcptFilter
__C_specific_handler
__dllonexit
_onexit
strlen
atoi
_strnicmp
_stricmp
strrchr
_strcmpi
memcpy
atof
memcmp
memset
strcpy
strcat
strncat
sprintf
__getmainargs
_initterm
__setusermatherr
_commode
_fmode
__set_app_type

comctl32

ImageList_AddMasked
CreateToolbarEx
ord6
ImageList_SetImageCount
ImageList_Create
ord17
ImageList_ReplaceIcon

ws2_32

gethostbyname
WSACleanup
WSAStartup
htons
WSAGetLastError
connect
WSAAsyncSelect
gethostbyaddr
closesocket
WSASetLastError

kernel32

OpenProcess
CreateThread
ResumeThread
ReadProcessMemory
ExitProcess
GetCurrentProcessId
DeleteFileA
SetErrorMode
GetStdHandle
WritePrivateProfileStringA
GetStartupInfoA
FormatMessageA
GetSystemDirectoryA
GetPrivateProfileIntA
EnumResourceNamesA
MultiByteToWideChar
GetLastError
FindFirstFileA
LoadLibraryExA
WriteFile
GetModuleHandleA
GetDateFormatA
GlobalUnlock
GetFileSize
GetWindowsDirectoryA
FindNextFileA
CreateFileA
WideCharToMultiByte
GetPrivateProfileStringA
Sleep
GetCurrentProcess
CompareFileTime
GetLogicalDrives
GetComputerNameA
FileTimeToLocalFileTime
GetDriveTypeA
FileTimeToSystemTime
GetProcAddress
LoadLibraryA
FreeLibrary
GlobalAlloc
GetTempFileNameA
FindClose
GetFileAttributesA
GetVersionExA
GlobalLock
CloseHandle
GetTimeFormatA
GetTempPathA
ReadFile
LocalFree
GetModuleFileNameA

user32

KillTimer
GetFocus
EndDeferWindowPos
GetDlgCtrlID
DialogBoxParamA
TrackPopupMenu
ModifyMenuA
GetParent
LoadMenuA
GetWindowTextA
GetMenuItemInfoA
DestroyWindow
BeginDeferWindowPos
PostQuitMessage
TranslateMessage
DeferWindowPos
IsDialogMessageA
LoadStringA
GetCursorPos
RegisterWindowMessageA
GetMessageA
DispatchMessageA
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
SetDlgItemTextA
UpdateWindow
GetSystemMetrics
GetWindowRect
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
RegisterClassA
LoadImageA
LoadIconA
GetWindowLongA
SetWindowLongA
SetFocus
InvalidateRect
SetClipboardData
GetClientRect
EmptyClipboard
EnableWindow
EnableMenuItem
MapWindowPoints
ReleaseDC
OpenClipboard
GetClassNameA
CloseClipboard
GetMenuItemCount
GetSubMenu
GetMenuStringA
GetMenu
EnumChildWindows
MoveWindow
GetDC
GetSysColor
CheckMenuItem
DestroyMenu
CreateDialogParamA
SetTimer

gdi32

GetStockObject
GetTextExtentPoint32A
SetBkColor
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject
GetDeviceCaps

comdlg32

GetSaveFileNameA
FindTextA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegConnectRegistryA
RegLoadKeyA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegDeleteKeyA
RegUnLoadKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RegDllView.chm
.chm
RegDllView.exe
.exe windows:4 windows x64 arch:x64

da12f1a4da521b30a3a743d81f08f84f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
__setusermatherr
__C_specific_handler
_onexit
__dllonexit
_mbsnbicmp
_purecall
_mbslwr
qsort
_itoa
memcmp
_mbscmp
_commode
_fmode
__set_app_type
_XcptFilter
_mbsrchr
_mbschr
_memicmp
_mbsnbcpy
malloc
strtoul
memset
free
atoi
modf
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
strlen
sprintf
_mbsicmp
_ultoa
memcpy
strcpy
_mbsnbcat
_snprintf
strcat

comctl32

ImageList_Create
ord6
ImageList_ReplaceIcon
ord17
ImageList_AddMasked
ImageList_SetImageCount
CreateToolbarEx

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

OpenProcess
GetCurrentProcessId
ExitProcess
ReadProcessMemory
GetCurrentProcess
GlobalFree
DeleteFileA
SetErrorMode
ExpandEnvironmentStringsA
GetLongPathNameA
WinExec
Sleep
GetCurrentThreadId
EnumResourceTypesA
GetStartupInfoA
GetProcAddress
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
EnumResourceNamesA
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
FreeLibrary
LoadLibraryA
LoadLibraryExA
CloseHandle
GetLastError
GetDateFormatA
WriteFile
ReadFile
lstrcpyA
GetSystemDirectoryA
GetTempFileNameA
GetModuleHandleA
FindClose
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
MultiByteToWideChar
FindResourceA
GetTimeFormatA
SizeofResource
lstrlenA
GlobalUnlock
LockResource
GetFileAttributesA
GetVersionExA
FindFirstFileA
FormatMessageA
GetTempPathA
GetWindowsDirectoryA
LoadResource
GetModuleFileNameA
LocalFree
FindNextFileA

user32

BeginPaint
EndPaint
FillRect
SetCapture
ReleaseCapture
SetForegroundWindow
AttachThreadInput
EnumWindows
LoadCursorA
ShowWindow
SetCursor
ChildWindowFromPoint
GetSysColorBrush
SetWindowTextA
SendDlgItemMessageA
SetDlgItemInt
GetWindowThreadProcessId
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemTextA
SetWindowPos
DefWindowProcA
RegisterClassA
TranslateAcceleratorA
UpdateWindow
MessageBoxA
GetWindowRect
GetSystemMetrics
GetWindowPlacement
PostMessageA
SetMenu
SendMessageA
LoadAcceleratorsA
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
SetFocus
InvalidateRect
MoveWindow
OpenClipboard
GetMenu
CheckMenuItem
EmptyClipboard
EnableMenuItem
ReleaseDC
GetDC
GetMenuItemCount
ScreenToClient
GetSubMenu
GetMenuStringA
GetClassNameA
CloseClipboard
SetClipboardData
EnableWindow
GetCursorPos
MapWindowPoints
GetClientRect
GetSysColor
CreateDialogParamA
DestroyWindow
EnumChildWindows
GetMenuItemInfoA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
GetWindowTextA
BeginDeferWindowPos
GetFocus
DeferWindowPos
DispatchMessageA
TranslateMessage
IsDialogMessageA
TrackPopupMenu
PostQuitMessage
DrawTextExA
RegisterWindowMessageA
EndDeferWindowPos
GetMessageA
GetDlgItemInt

gdi32

SetTextColor
CreateFontIndirectA
GetStockObject
GetTextExtentPoint32A
SetBkColor
SelectObject
GetDeviceCaps
PatBlt
CreateSolidBrush
SetBkMode
DeleteObject

comdlg32

FindTextA
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyA
RegCloseKey

shell32

ShellExecuteExA
DragFinish
DragQueryFileA
DragAcceptFiles
ShellExecuteA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RegFromApp.chm
.chm
RegFromApp.exe
.exe windows:4 windows x64 arch:x64

2270087b59bebd02a2e44a8468eebd18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_wtol
strlen
_wcslwr
_itow
_wcsnicmp
_wcsicmp
__setusermatherr
_commode
_fmode
__set_app_type
free
_memicmp
wcschr
modf
memcmp
??2@YAPEAX_K@Z
wcstoul
wcscmp
??3@YAXPEAX@Z
malloc
wcsrchr
strcpy
wcslen
memcpy
_wtoi
_purecall
wcscpy
memset
_snwprintf
wcsncat
wcscat

comctl32

ord17
ImageList_AddMasked
ImageList_Create
ImageList_SetImageCount
CreateToolbarEx
CreateStatusWindowW
ImageList_ReplaceIcon

kernel32

SetErrorMode
GetCurrentProcessId
ExitProcess
GetCurrentProcess
WideCharToMultiByte
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
EnumResourceNamesW
SizeofResource
CreateRemoteThread
EnumResourceTypesW
GetStartupInfoW
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
CloseHandle
DeleteFileW
WriteProcessMemory
ResumeThread
VirtualFreeEx
Sleep
ReadProcessMemory
FlushFileBuffers
GetTempPathW
GetLastError
VirtualAllocEx
CreateProcessW
WaitForSingleObject
FormatMessageW
GetVersionExW
GetFileAttributesW
WriteFile
GetWindowsDirectoryW
GetModuleFileNameW
CreateFileW
FindResourceW
LocalFree
LoadResource
LockResource
LoadLibraryExW

user32

SetTimer
GetMessageW
PostQuitMessage
ChildWindowFromPoint
SetCursor
LoadCursorW
GetSysColorBrush
ShowWindow
EndPaint
KillTimer
DrawFrameControl
SetWindowTextW
UpdateWindow
SetDlgItemTextW
BeginPaint
GetDlgItemTextW
GetClientRect
GetSystemMetrics
DeferWindowPos
CreateWindowExW
SendDlgItemMessageW
EndDialog
GetWindowRect
GetDlgItem
InvalidateRect
TranslateAcceleratorW
SetMenu
SetWindowPos
GetWindowPlacement
LoadAcceleratorsW
DefWindowProcW
SendMessageW
PostMessageW
RegisterClassW
MessageBoxW
LoadIconW
LoadImageW
SetWindowLongW
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
PeekMessageW
SetFocus
GetMenuItemCount
CheckMenuItem
GetMenuStringW
CheckMenuRadioItem
GetSysColor
MapWindowPoints
GetMenu
GetDC
GetSubMenu
EnableMenuItem
ReleaseDC
GetClassNameW
MoveWindow
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
GetParent
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetWindowTextW
LoadMenuW
ModifyMenuW
DestroyIcon
IsDialogMessageW
DispatchMessageW
TranslateMessage
DrawTextExW
GetWindow

gdi32

SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
SetBkColor
SelectObject
GetDeviceCaps

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
ExtractIconExW
SHGetFileInfoW
ShellExecuteW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RegScanner.exe
.exe windows:4 windows x64 arch:x64

3795ad44c66c0bd8cae3b71724c9e83c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
__setusermatherr
isdigit
strncmp
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
_snprintf
_strlwr
_purecall
_itoa
_strnicmp
_strcmpi
strtoul
_commode
_fmode
__set_app_type
calloc
strchr
_mbschr
_ultoa
_memicmp
strcmp
strrchr
malloc
strtol
free
atoi
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
memset
memmove
strlen
memcmp
_stricmp
memcpy
strcpy
strcat
strncat
sprintf

comctl32

ImageList_Create
ImageList_SetImageCount
ord6
CreateToolbarEx
ImageList_AddMasked
ord17
ImageList_ReplaceIcon

kernel32

GetModuleHandleA
RaiseException
ReadProcessMemory
GetCurrentProcess
ExitProcess
GetCurrentProcessId
DeleteFileA
GetSystemTime
GetPrivateProfileStringA
OpenProcess
GetCurrentThreadId
WinExec
Sleep
GetStartupInfoA
GetProcAddress
FileTimeToLocalFileTime
MultiByteToWideChar
SystemTimeToFileTime
CompareFileTime
GetLocalTime
LoadLibraryA
FreeLibrary
FileTimeToSystemTime
GetDateFormatA
WriteFile
GlobalAlloc
GetVersionExA
GlobalLock
GlobalUnlock
CloseHandle
CreateFileA
GetFileSize
GetTimeFormatA
GetTempPathA
LocalFree
GetFileAttributesA
lstrcpyA
GetLastError
GetModuleFileNameA
SetFilePointer
lstrlenA
GetNumberFormatA
LoadLibraryExA
GetLocaleInfoA
FormatMessageA
GetTempFileNameA
GetWindowsDirectoryA
ReadFile
WideCharToMultiByte
WritePrivateProfileStringA
EnumResourceNamesA
GetPrivateProfileIntA

user32

GetClipboardData
GetWindowThreadProcessId
SetForegroundWindow
AttachThreadInput
EnumWindows
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
SetDlgItemTextA
RegisterClassA
UpdateWindow
GetSystemMetrics
GetWindowRect
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
PeekMessageA
TranslateMessage
LoadImageA
DispatchMessageA
LoadIconA
GetWindowLongA
SetWindowLongA
InvalidateRect
SetFocus
GetMenu
OpenClipboard
GetDC
MoveWindow
EmptyClipboard
GetClassNameA
EnableMenuItem
CloseClipboard
ReleaseDC
GetSubMenu
CheckMenuItem
GetMenuItemCount
GetClientRect
GetMenuStringA
GetCursorPos
SetClipboardData
EnableWindow
GetSysColor
MapWindowPoints
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyWindow
GetMenuItemInfoA
GetWindowTextA
LoadMenuA
GetParent
GetMessageA
TrackPopupMenu
PostQuitMessage
RegisterWindowMessageA
GetFocus
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
IsDialogMessageA

gdi32

GetStockObject
GetTextExtentPoint32A
SetBkColor
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA
FindTextA

advapi32

RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegConnectRegistryA

shell32

ShellExecuteA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RunAsDate.chm
.chm
RunAsDate.exe
.exe windows:4 windows x64 arch:x64

ddb5606d840a1760fe415fde778faf20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

wcsrchr
wcscpy
wcscat
_wtoi
??2@YAPEAX_K@Z
_itow
strcpy
__dllonexit
_onexit
??3@YAXPEAX@Z
_XcptFilter
_c_exit
_exit
_cexit
exit
_wcmdln
__wgetmainargs
_wcsicmp
free
wcschr
wcslen
memcpy
memset
_snwprintf
wcsncat
malloc
__C_specific_handler
_initterm
__setusermatherr
_commode
_fmode
__set_app_type

comctl32

ord17

kernel32

GetStartupInfoW
ReadProcessMemory
VirtualFreeEx
CreateRemoteThread
ResumeThread
WaitForSingleObject
WriteProcessMemory
VirtualAllocEx
EnumResourceTypesW
GetLocalTime
SetErrorMode
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
EnumResourceNamesW
LockResource
LoadResource
CreateProcessW
GetProcAddress
FreeLibrary
SystemTimeToFileTime
LoadLibraryW
GetSystemTime
GetTempPathW
SizeofResource
GetVersionExW
GetModuleHandleW
GetFileAttributesW
WriteFile
GetModuleFileNameW
CloseHandle
CreateFileW
FindResourceW

user32

LoadMenuW
GetWindowTextW
DestroyWindow
SetWindowPos
LoadStringW
EnumChildWindows
DialogBoxParamW
CreateDialogParamW
GetParent
DestroyMenu
GetDlgCtrlID
GetMenuItemInfoW
GetDC
MapWindowPoints
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorW
GetSysColorBrush
SendDlgItemMessageW
EndDialog
GetWindowRect
GetDlgItem
InvalidateRect
EndPaint
GetWindow
DrawFrameControl
SetWindowTextW
BeginPaint
SetDlgItemTextW
GetClientRect
GetDlgItemTextW
GetSystemMetrics
DeferWindowPos
SendMessageW
MessageBoxW
SetWindowLongW
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
LoadImageW
ReleaseDC
GetClassNameW
MoveWindow
SetFocus
GetMenuItemCount

gdi32

GetDeviceCaps
SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject

comdlg32

GetOpenFileNameW

shell32

ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SpecialFoldersView.chm
.chm
SpecialFoldersView.exe
.exe windows:4 windows x64 arch:x64

361c39acdf88ae87cbc2db37fa1d12ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
_initterm
_wcslwr
strlen
qsort
_purecall
_itow
wcscmp
__setusermatherr
_commode
_fmode
__set_app_type
__dllonexit
malloc
_wcsicmp
free
_memicmp
wcschr
modf
_wtoi
memcmp
wcstoul
wcsrchr
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memcpy
wcslen
wcscpy
memset
_snwprintf
wcsncat
wcscat

comctl32

ImageList_AddMasked
ord17
ImageList_Create
ImageList_SetImageCount
CreateStatusWindowW
CreateToolbarEx

kernel32

ReadProcessMemory
GetCurrentProcess
GetCurrentProcessId
ExitProcess
DeleteFileW
SetErrorMode
WideCharToMultiByte
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
EnumResourceNamesW
OpenProcess
EnumResourceTypesW
GetStartupInfoW
GetTempPathW
GetFileAttributesW
FreeLibrary
LoadLibraryW
GetProcAddress
ReadFile
CloseHandle
WriteFile
GetModuleFileNameW
GetWindowsDirectoryW
CreateFileW
FindResourceW
LoadResource
LocalFree
GlobalAlloc
LockResource
LoadLibraryExW
GetSystemDirectoryW
GlobalUnlock
GetLastError
SizeofResource
GetTempFileNameW
GlobalLock
FormatMessageW
GetFileSize
GetVersionExW
GetModuleHandleW

user32

EndDeferWindowPos
DrawTextExW
DispatchMessageW
TranslateMessage
ChildWindowFromPoint
SetCursor
LoadCursorW
GetSysColorBrush
ShowWindow
CreateWindowExW
SendDlgItemMessageW
GetDlgItemInt
EndDialog
IsDialogMessageW
SetDlgItemInt
SetWindowTextW
UpdateWindow
SetDlgItemTextW
GetWindowPlacement
LoadAcceleratorsW
DefWindowProcW
SendMessageW
PostMessageW
GetSystemMetrics
RegisterClassW
MessageBoxW
GetWindowRect
TranslateAcceleratorW
SetMenu
SetWindowPlacement
LoadImageW
SetWindowLongW
GetWindowLongW
SetFocus
InvalidateRect
GetCursorPos
SetClipboardData
GetSysColor
EnableWindow
CloseClipboard
MapWindowPoints
GetMenu
GetDC
EmptyClipboard
GetSubMenu
EnableMenuItem
ReleaseDC
GetClassNameW
OpenClipboard
MoveWindow
GetClientRect
GetMenuItemCount
CheckMenuItem
GetMenuStringW
GetDlgCtrlID
DestroyMenu
GetParent
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
SetWindowPos
DestroyWindow
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
DestroyIcon
LoadIconW
BeginDeferWindowPos
DeferWindowPos
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
GetMessageW
GetDlgItem

gdi32

DeleteObject
SetBkColor
GetStockObject
GetTextExtentPoint32W
SelectObject
GetDeviceCaps
SetTextColor
CreateFontIndirectW
SetBkMode

comdlg32

ChooseFontW
FindTextW
GetSaveFileNameW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Volumouse.chm
.chm
Volumouse.exe
.exe windows:4 windows x64 arch:x64

fe86210dcc5940c91d30a75e47dc52d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

mixerGetID
waveOutGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
waveOutGetDevCapsA

msvcrt

__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_commode
wcslen
_mbsicmp
abs
modf
??2@YAPEAX_K@Z
_memicmp
_fmode
__set_app_type
wcscmp
memset
_strcmpi
strchr
strtoul
malloc
??3@YAXPEAX@Z
free
atof
_itoa
strlen
memcpy
strrchr
strcpy
strncat
sprintf
strcat

kernel32

FindNextFileA
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileIntA
WritePrivateProfileStringA
EnumResourceNamesA
CreateProcessA
GetCurrentProcess
GetTickCount
SetPriorityClass
Sleep
ExitProcess
ReadProcessMemory
OpenProcess
GetStartupInfoA
GetPrivateProfileStringA
GetModuleFileNameA
FindFirstFileA
GetWindowsDirectoryA
WinExec
CreateDirectoryA
CreateFileA
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
GetFileAttributesA
FindClose
GetVersionExA

user32

ReplyMessage
RegisterWindowMessageA
CopyRect
GetMessageA
UnregisterHotKey
SetMenuItemInfoA
GetDlgItem
RegisterHotKey
SendMessageTimeoutA
SendInput
ModifyMenuA
DialogBoxParamA
LoadStringA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyWindow
GetMenuItemInfoA
DispatchMessageA
TranslateMessage
PostQuitMessage
SetCursor
SendMessageA
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
LoadCursorA
SetDlgItemTextA
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
LoadMenuA
CreateWindowExA
SetDlgItemInt
MessageBoxA
GetWindowPlacement
RegisterClassA
GetSystemMetrics
PostMessageA
GetWindowRect
SetWindowPos
DefWindowProcA
GetCursorPos
WindowFromPoint
GetParent
GetClassNameA
FindWindowA
IsWindowVisible
GetWindowLongA
SetWindowLongA
MapDialogRect
SetForegroundWindow
SetRect
GetWindowThreadProcessId
ClientToScreen
SetCapture
ReleaseDC
GetDC
SetFocus
GetClientRect
InvalidateRect
GetMenuItemCount
MoveWindow
GetSubMenu
SetWindowPlacement
EnableWindow
MapWindowPoints
LoadImageA
DrawTextA
KillTimer
FillRect
SetTimer
EndPaint
GetForegroundWindow
BeginPaint
GetWindowTextA
TrackPopupMenu

gdi32

SelectObject
GetDeviceCaps
CreateSolidBrush
SetTextColor
CreateFontIndirectA
DeleteObject
SetBkMode

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoUninitialize
CoInitialize
PropVariantClear
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WirelessKeyView.chm
.chm
WirelessKeyView.exe
.exe windows:4 windows x64 arch:x64

179d0cd9f0bf4f2b3d2fc4e01a28c913

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ord6
CreateToolbarEx
ImageList_SetImageCount
ImageList_Create
ImageList_AddMasked
ImageList_ReplaceIcon
ord17

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__setusermatherr
_onexit
__dllonexit
strncmp
_purecall
qsort
_strlwr
_mbschr
_mbsicmp
_itoa
_commode
_fmode
__set_app_type
__C_specific_handler
free
modf
_memicmp
atoi
strrchr
_strcmpi
strchr
strtoul
malloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strlen
wcslen
memcpy
_snprintf
memcmp
strcmp
memset
strcpy
strcat
strncat
sprintf

kernel32

VirtualFreeEx
VirtualAllocEx
WaitForSingleObject
ResumeThread
WriteProcessMemory
EnumResourceTypesA
GetStartupInfoA
CreateRemoteThread
OpenProcess
ExitProcess
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
LocalFree
GetLastError
LocalAlloc
GetFileSize
GetModuleHandleA
LoadLibraryExA
GlobalLock
SizeofResource
GetFileAttributesA
GetTempFileNameA
FindClose
CreateFileA
FindResourceA
ReadFile
FormatMessageA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
LockResource
MultiByteToWideChar
WriteFile
GetTempPathA
GlobalUnlock
LoadResource
GlobalAlloc
FindFirstFileA
GetModuleFileNameA
FindNextFileA
WideCharToMultiByte
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
EnumResourceNamesA
GetStdHandle
DeleteFileA
SetErrorMode
GetCurrentProcess
ReadProcessMemory
GetCurrentProcessId

user32

BeginDeferWindowPos
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
SetDlgItemTextA
UpdateWindow
GetSystemMetrics
GetWindowRect
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
RegisterClassA
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
InvalidateRect
SetFocus
GetClientRect
MoveWindow
GetMenuItemCount
GetMenuStringA
CheckMenuItem
GetCursorPos
GetMenu
GetSysColor
GetClassNameA
CloseClipboard
GetSubMenu
SetClipboardData
GetDC
EnableWindow
MapWindowPoints
EmptyClipboard
EnableMenuItem
ReleaseDC
OpenClipboard
GetMenuItemInfoA
GetWindowTextA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyWindow
TrackPopupMenu
DeferWindowPos
PostQuitMessage
TranslateMessage
DispatchMessageA
IsDialogMessageA
DrawTextExA
GetMessageA
RegisterWindowMessageA
EndDeferWindowPos
GetFocus

gdi32

SetBkMode
CreateFontIndirectA
SetTextColor
GetDeviceCaps
DeleteObject
GetTextExtentPoint32A
SetBkColor
GetStockObject
SelectObject

comdlg32

GetSaveFileNameA
FindTextA

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
CryptDecrypt
CryptDestroyHash
CryptAcquireContextA
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptReleaseContext
RegEnumValueA
RegDeleteValueA
CryptGetHashParam

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
ShellExecuteA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cports.chm
.chm
cports.exe
.exe windows:4 windows x64 arch:x64

589fbb8b834dd3acc6ffc01abfe802ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_onexit
__dllonexit
qsort
_strlwr
_itoa
_atoi64
_mbsicmp
_mbschr
strcmp
strrchr
malloc
free
modf
_exit
_c_exit
_XcptFilter
__C_specific_handler
memcmp
strtoul
_memicmp
strncmp
atoi
strchr
_strcmpi
strlen
memcpy
_purecall
_ultoa
strcpy
??3@YAXPEAX@Z
memset
??2@YAPEAX_K@Z
strncat
sprintf
strcat

ws2_32

inet_addr
WSAGetLastError
WSASetLastError
closesocket
gethostbyaddr
WSAAsyncSelect
htons
connect
getservbyport
WSACleanup
WSAStartup

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_ReplaceIcon
ord17
ImageList_AddMasked
ImageList_Create
ImageList_SetImageCount
ord6
ImageList_Add
CreateToolbarEx

kernel32

TerminateProcess
CreateEventA
GetStartupInfoA
GetProcessHeap
GetCurrentThread
GetVersionExA
UnmapViewOfFile
MapViewOfFile
DuplicateHandle
DeviceIoControl
CreateThread
ResumeThread
ReadProcessMemory
GetCurrentProcess
ExitProcess
DeleteFileA
GetCurrentProcessId
WinExec
GetStdHandle
EnumResourceNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTempFileNameA
lstrcpyA
GetModuleFileNameA
LocalFree
lstrlenA
FindResourceA
GlobalUnlock
GetTimeFormatA
SetFilePointer
GetLastError
GetThreadSelectorEntry
HeapFree
OpenProcess
GetProcAddress
GetModuleHandleA
Sleep
CompareFileTime
GetFileAttributesA
GetSystemTimeAsFileTime
CloseHandle
FileTimeToLocalFileTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
FileTimeToSystemTime
LoadLibraryA
FormatMessageA
LoadLibraryExA
GetWindowsDirectoryA
ReadFile
LoadResource
GetDateFormatA
WriteFile
GlobalAlloc
CreateFileA
GetFileSize
GlobalLock
LockResource
GetTempPathA

user32

GetCursorPos
EnableWindow
SetForegroundWindow
PostMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetCapture
KillTimer
ReleaseCapture
UpdateWindow
GetMessageA
MessageBeep
WindowFromPoint
SetTimer
RegisterWindowMessageA
PostQuitMessage
TrackPopupMenu
DrawTextExA
GetSysColor
CreateDialogParamA
DestroyMenu
GetDlgCtrlID
LoadStringA
DialogBoxParamA
ModifyMenuA
GetParent
LoadMenuA
DestroyWindow
GetMenuItemInfoA
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
SendMessageA
GetSystemMetrics
SetWindowPos
GetWindowPlacement
GetDlgItem
EndPaint
CreateWindowExA
InvalidateRect
SetDlgItemInt
BeginPaint
GetWindowTextLengthA
GetWindow
GetClientRect
SetDlgItemTextA
DrawFrameControl
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
DeferWindowPos
GetWindowRect
GetDlgItemInt
EndDialog
RegisterClassA
SetMenu
LoadAcceleratorsA
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
LoadIconA
GetWindowTextA
FindWindowA
DestroyIcon
GetWindowLongA
SetWindowLongA
BeginDeferWindowPos
EndDeferWindowPos
SetFocus
MapWindowPoints
LoadImageA
GetMenu
MoveWindow
OpenClipboard
SetClipboardData
ScreenToClient
EmptyClipboard
GetDC
EnableMenuItem
CheckMenuItem
ReleaseDC
GetClassNameA
GetSubMenu
CloseClipboard
GetMenuItemCount
GetMenuStringA
CheckMenuRadioItem
EnumChildWindows

gdi32

GetTextExtentPoint32A
SetBkColor
SelectObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameA
FindTextA

advapi32

RegDeleteKeyA

shell32

ExtractIconExA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dllexp.chm
.chm
dllexp.exe
.exe windows:4 windows x64 arch:x64

bd1b74b5cbe2725799e25bf8b04ad396

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_SetImageCount
ImageList_Create
ord17
ord6
ImageList_ReplaceIcon

msvcrt

_XcptFilter
_c_exit
_strlwr
_mbsicmp
strrchr
__C_specific_handler
malloc
free
memcmp
strtoul
strcmp
_stricmp
_memicmp
_onexit
__dllonexit
atol
_strcmpi
qsort
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memcpy
strlen
_purecall
_snprintf
atoi
_itoa
strchr
strcpy
memset
strcat
_exit
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_commode
_fmode
__set_app_type
sprintf
strncat

kernel32

GetSystemDirectoryA
LocalFree
GetTempPathA
GetStartupInfoA
OpenProcess
ReadProcessMemory
GetCurrentProcess
ExitProcess
GetCurrentProcessId
DeleteFileA
GetStdHandle
GetPrivateProfileStringA
GetPrivateProfileIntA
EnumResourceNamesA
WritePrivateProfileStringA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
FreeLibrary
FormatMessageA
GetModuleFileNameA
CreateFileA
GetWindowsDirectoryA
FindNextFileA
GetFileSize
GlobalUnlock
GetModuleHandleA
WriteFile
LoadLibraryExA
SetFilePointer
FindFirstFileA
GetLastError
GlobalAlloc
GetTempFileNameA
FindClose
GetFileAttributesA
GetVersionExA
GlobalLock
CloseHandle
ReadFile

user32

GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
SetDlgItemInt
BeginPaint
GetWindow
SetDlgItemTextA
GetClientRect
DrawFrameControl
GetDlgItemTextA
GetFocus
GetSystemMetrics
DeferWindowPos
SendDlgItemMessageA
GetWindowRect
EndDialog
GetDlgItemInt
GetDlgItem
CreateWindowExA
EndPaint
InvalidateRect
RegisterClassA
UpdateWindow
SetWindowPlacement
PostMessageA
SetMenu
LoadAcceleratorsA
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
TranslateMessage
PeekMessageA
LoadImageA
LoadIconA
DispatchMessageA
GetWindowLongA
SetWindowLongA
SetFocus
EndDeferWindowPos
BeginDeferWindowPos
GetMenu
GetCursorPos
MoveWindow
GetDC
CheckMenuItem
SetClipboardData
EmptyClipboard
EnableWindow
EnableMenuItem
MapWindowPoints
ReleaseDC
OpenClipboard
GetClassNameA
CloseClipboard
SetWindowTextA
GetMenuItemCount
GetSubMenu
GetMenuStringA
LoadMenuA
GetParent
ModifyMenuA
DialogBoxParamA
LoadStringA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
GetMenuItemInfoA
DestroyWindow
SetWindowPos
GetWindowTextA
TrackPopupMenu
PostQuitMessage
IsDialogMessageA
GetMessageA
RegisterWindowMessageA

gdi32

GetTextExtentPoint32A
SetBkMode
SetBkColor
GetStockObject
DeleteObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
FindTextA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteExA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
DragFinish

ole32

CoInitialize
CoUninitialize

oleaut32

SysFreeString
LoadTypeLi

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
driverview.chm
.chm
heapmemview.chm
.chm
netpass.chm
.chm
netpass.exe
.exe windows:4 windows x64 arch:x64

58ec7664724f0305903ea3dec0b21c2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_purecall
qsort
_strlwr
strcmp
_memicmp
strchr
strrchr
_strcmpi
__setusermatherr
_commode
_fmode
__set_app_type
malloc
free
strtoul
atoi
_snprintf
wcscpy
wcschr
wcsncmp
memcmp
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_strnicmp
wcslen
_mbsicmp
_mbscmp
log
strlen
memcpy
abs
strcpy
memset
_itoa
strcat
strncat
sprintf

comctl32

ImageList_AddMasked
ImageList_Create
CreateToolbarEx
ord6
ImageList_SetImageCount
ord17
ImageList_ReplaceIcon

kernel32

GetCurrentProcess
ExitProcess
GetCurrentProcessId
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
EnumResourceNamesA
WriteFile
CreateRemoteThread
EnumResourceTypesA
SizeofResource
GetStartupInfoA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
CompareFileTime
FileTimeToLocalFileTime
CloseHandle
GetFileSize
LocalFree
VirtualAllocEx
WriteProcessMemory
ResumeThread
OpenProcess
VirtualFreeEx
ReadProcessMemory
WaitForSingleObject
GetModuleHandleA
GetLastError
LocalAlloc
FileTimeToSystemTime
LoadLibraryExA
FindFirstFileA
GlobalAlloc
LoadResource
GetTempFileNameA
GetFileAttributesA
FindClose
GetVersionExA
GlobalLock
GetTimeFormatA
GetTempPathA
ReadFile
LockResource
GetSystemDirectoryA
FormatMessageA
MultiByteToWideChar
GetModuleFileNameA
CreateFileA
GetWindowsDirectoryA
FindNextFileA
FindResourceA
GetDateFormatA
GlobalUnlock

user32

EndDeferWindowPos
RegisterWindowMessageA
GetMessageA
DrawTextExA
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
MessageBoxA
IsDialogMessageA
EndDialog
GetDlgItem
CreateWindowExA
InvalidateRect
SetDlgItemInt
GetClientRect
SetDlgItemTextA
GetDlgItemTextA
SetWindowTextA
GetSystemMetrics
DeferWindowPos
SendDlgItemMessageA
GetWindowRect
DefWindowProcA
TranslateAcceleratorA
GetWindowPlacement
SendMessageA
RegisterClassA
UpdateWindow
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
SetFocus
SetClipboardData
EnableWindow
EmptyClipboard
MapWindowPoints
EnableMenuItem
ReleaseDC
OpenClipboard
GetClassNameA
CloseClipboard
GetMenuItemCount
GetSubMenu
GetMenuStringA
GetMenu
GetCursorPos
MoveWindow
GetDC
GetSysColor
CheckMenuItem
DestroyMenu
CreateDialogParamA
DestroyWindow
EnumChildWindows
GetMenuItemInfoA
GetWindowTextA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
GetFocus
BeginDeferWindowPos
TrackPopupMenu
PostQuitMessage
TranslateMessage
DispatchMessageA
GetDlgItemInt

gdi32

GetTextExtentPoint32A
SetBkColor
GetStockObject
SelectObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

FindTextA
GetSaveFileNameA

advapi32

CryptDecrypt
CryptCreateHash
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
CryptDeriveKey

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHBrowseForFolderA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
regscanner.chm
.chm
shexview.chm
.chm
shexview.exe
.exe windows:4 windows x64 arch:x64

37716a1609703b7e7c6f248a46fc59e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
__setusermatherr
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_commode
_fmode
__set_app_type
_exit
_purecall
_strlwr
strrchr
strcmp
malloc
strtoul
free
modf
memcmp
_mbschr
_memicmp
_itoa
_ultoa
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memcpy
memset
_strcmpi
_strnicmp
_stricmp
atoi
strchr
strlen
strcpy
strcat
strncat
sprintf

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_Create
ImageList_SetImageCount
ord6
CreateToolbarEx
ImageList_AddMasked
ord17
ImageList_ReplaceIcon

ws2_32

WSAStartup
WSACleanup
WSAAsyncSelect
send
closesocket
WSASetLastError
socket
bind
htons
WSAGetLastError
htonl
inet_addr
connect
WSAAsyncGetHostByName

kernel32

GetStartupInfoA
Sleep
WinExec
GlobalUnlock
GetTimeFormatA
lstrlenA
FindFirstFileA
GetCurrentThreadId
ExpandEnvironmentStringsA
OpenProcess
ReadProcessMemory
ExitProcess
GetCurrentProcessId
DeleteFileA
GetCurrentProcess
GetPrivateProfileStringA
GetPrivateProfileIntA
EnumResourceNamesA
WritePrivateProfileStringA
GetLastError
FileTimeToLocalFileTime
GetFileAttributesA
GetSystemDirectoryA
CompareFileTime
FileTimeToSystemTime
GetProcAddress
LoadLibraryA
FreeLibrary
GetLocaleInfoA
CloseHandle
GetNumberFormatA
GetTempPathA
FormatMessageA
GetModuleFileNameA
FindNextFileA
LocalFree
GetWindowsDirectoryA
ReadFile
GetDateFormatA
GetTempFileNameA
lstrcpyA
GetModuleHandleA
WriteFile
FindClose
LoadLibraryExA
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
GetFileTime
GetVersionExA

user32

ModifyMenuA
AttachThreadInput
EnumWindows
GetWindowThreadProcessId
SetForegroundWindow
RegisterWindowMessageA
IsDialogMessageA
TranslateMessage
GetMessageA
DispatchMessageA
DeferWindowPos
PostQuitMessage
BeginDeferWindowPos
TrackPopupMenu
EndDeferWindowPos
GetParent
GetSysColorBrush
LoadMenuA
ChildWindowFromPoint
SetCursor
LoadCursorA
SetDlgItemTextA
GetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
RegisterClassA
UpdateWindow
GetWindowRect
GetSystemMetrics
SetWindowPlacement
PostMessageA
SetMenu
LoadAcceleratorsA
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
LoadIconA
DestroyIcon
LoadImageA
GetWindowLongA
SetWindowLongA
InvalidateRect
SetFocus
LoadStringA
CloseClipboard
GetMenuStringA
SetClipboardData
GetClientRect
EnableWindow
GetCursorPos
MapWindowPoints
GetSysColor
MoveWindow
GetMenu
OpenClipboard
CheckMenuItem
EmptyClipboard
GetDC
EnableMenuItem
ReleaseDC
GetMenuItemCount
GetSubMenu
GetClassNameA
ShowWindow
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyWindow
GetMenuItemInfoA
SetWindowPos
GetWindowTextA

gdi32

GetStockObject
GetTextExtentPoint32A
SetBkColor
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameA
FindTextA

advapi32

RegConnectRegistryA
RegUnLoadKeyA
RegCloseKey
RegLoadKeyA
RegDeleteKeyA
RegCreateKeyA
CryptReleaseContext
RegSetValueExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
RegDeleteValueA

shell32

ShellExecuteA
ShellExecuteExA
ExtractIconExA

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
shmnview.chm
.chm
shmnview.exe
.exe windows:4 windows x64 arch:x64

91b013eb3fc48a57866f2067307aa722

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
__setusermatherr
__dllonexit
_mbschr
_snprintf
_strlwr
_mbsicmp
_purecall
qsort
_itoa
malloc
free
memcmp
_commode
_fmode
__set_app_type
_onexit
strtoul
atoi
strcmp
_memicmp
strrchr
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strchr
strlen
_stricmp
memcpy
_strcmpi
memset
strcpy
strcat
strncat
sprintf

comctl32

ImageList_Create
ImageList_SetImageCount
CreateToolbarEx
ord6
ImageList_AddMasked
ord17
ImageList_ReplaceIcon

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

OpenProcess
GetCurrentProcess
ExitProcess
GetCurrentProcessId
ReadProcessMemory
DeleteFileA
EnumResourceNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ExpandEnvironmentStringsA
WinExec
Sleep
GetCurrentThreadId
GetStartupInfoA
GetProcAddress
CloseHandle
GetTimeFormatA
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
LoadLibraryA
FreeLibrary
ReadFile
GetTempPathA
GetSystemDirectoryA
LocalFree
lstrcpyA
FormatMessageA
CreateFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetFileSize
GlobalUnlock
GetDateFormatA
WriteFile
GetModuleHandleA
LoadLibraryExA
lstrlenA
GetLastError
GlobalAlloc
GetTempFileNameA
GetFileAttributesA
GetVersionExA
GlobalLock

user32

EnumWindows
AttachThreadInput
SetForegroundWindow
GetWindowThreadProcessId
DispatchMessageA
IsDialogMessageA
DeferWindowPos
TranslateMessage
BeginDeferWindowPos
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
SetCursor
LoadCursorA
SetDlgItemTextA
PostQuitMessage
SetWindowTextA
SendDlgItemMessageA
GetDlgItemInt
EndDialog
GetDlgItem
CreateWindowExA
SetDlgItemInt
RegisterClassA
UpdateWindow
GetSystemMetrics
GetWindowRect
PostMessageA
SetMenu
LoadAcceleratorsA
SetWindowPos
DefWindowProcA
TranslateAcceleratorA
MessageBoxA
GetWindowPlacement
SendMessageA
LoadIconA
LoadImageA
GetWindowLongA
SetWindowLongA
SetFocus
InvalidateRect
GetSubMenu
GetMenuStringA
GetMenu
GetCursorPos
MoveWindow
GetDC
GetSysColor
CheckMenuItem
SetClipboardData
GetClientRect
EnableWindow
EmptyClipboard
MapWindowPoints
EnableMenuItem
ReleaseDC
OpenClipboard
GetClassNameA
CloseClipboard
GetMenuItemCount
DestroyWindow
GetMenuItemInfoA
GetWindowTextA
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
EnumChildWindows
DestroyIcon
GetMessageA
RegisterWindowMessageA
GetFocus
EndDeferWindowPos
TrackPopupMenu

gdi32

GetTextExtentPoint32A
SetBkColor
GetStockObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA
SetBkMode
DeleteObject

comdlg32

FindTextA
GetSaveFileNameA

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA

shell32

ExtractIconExA
ShellExecuteA

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sysexp.chm
.chm
sysexp.exe
.exe windows:4 windows x64 arch:x64

dbc815cacc53a8fde48e8b30ba93342c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

comctl32

ImageList_Create
ImageList_SetImageCount
ImageList_ReplaceIcon
CreateToolbarEx
ord6
ord17

msvcrt

_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_strlwr
_itoa
atoi
strcmp
_memicmp
strchr
strrchr
malloc
free
__getmainargs
_initterm
__setusermatherr
modf
memcmp
strtoul
_ultoa
strlen
wcslen
strcpy
??3@YAXPEAX@Z
_purecall
??2@YAPEAX_K@Z
memset
_strcmpi
memcpy
strcat
strncat
sprintf
_commode
_fmode
__set_app_type

kernel32

OpenProcess
GetModuleHandleA
WriteProcessMemory
GetStartupInfoA
FreeLibrary
ReadProcessMemory
GetCurrentProcess
ExitProcess
DeleteFileA
GetPrivateProfileIntA
EnumResourceNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
GetModuleFileNameA
WriteFile
GetCurrentProcessId
GlobalUnlock
GetProcAddress
GlobalLock
LoadLibraryA
WideCharToMultiByte
GetLocaleInfoA
GetLastError
LoadLibraryExA
GlobalAlloc
GetTempFileNameA
GetFileAttributesA
GetVersionExA
CloseHandle
ReadFile
GetTempPathA
CreateFileA
GetNumberFormatA
LocalFree
GetFileSize
FormatMessageA
GetWindowsDirectoryA
lstrcpyA

user32

UpdateWindow
LoadImageA
GetWindowTextLengthA
GetMessageA
SetTimer
ReleaseCapture
GetSystemMetrics
GetWindowPlacement
IsDialogMessageA
TranslateMessage
EndDeferWindowPos
PostQuitMessage
TrackPopupMenu
SetCapture
RegisterClassA
BeginDeferWindowPos
CreateWindowExA
EndDialog
SendMessageA
LoadCursorA
GetDlgItem
SetWindowTextA
ChildWindowFromPoint
GetSysColorBrush
SetCursor
SetDlgItemTextA
MessageBoxA
GetWindowTextA
GetClassNameA
GetWindowThreadProcessId
EnumWindows
IsWindowVisible
RegisterWindowMessageA
LoadIconA
EnumChildWindows
SendMessageTimeoutA
GetWindowLongA
SetWindowLongA
SendDlgItemMessageA
GetDlgItemInt
InvalidateRect
SetDlgItemInt
SetFocus
SetClipboardData
EnableWindow
EmptyClipboard
MapWindowPoints
EnableMenuItem
GetClientRect
ReleaseDC
OpenClipboard
GetWindowRect
ScreenToClient
CloseClipboard
GetMenuItemCount
MoveWindow
GetMenuStringA
GetSubMenu
GetMenu
GetCursorPos
CheckMenuItem
GetDC
LoadMenuA
GetParent
ModifyMenuA
LoadStringA
DialogBoxParamA
GetDlgCtrlID
DestroyMenu
CreateDialogParamA
DestroyWindow
GetMenuItemInfoA
SetWindowPos
DestroyIcon
DeferWindowPos
WindowFromPoint
DispatchMessageA
PostMessageA
SetMenu
ShowWindow
LoadAcceleratorsA
GetSysColor
GetFocus
DefWindowProcA
TranslateAcceleratorA
KillTimer

gdi32

PatBlt
SelectObject
GetDeviceCaps
CreateFontIndirectA
SetBkColor
SetBkMode
DeleteObject
SetTextColor
CreateSolidBrush

comdlg32

FindTextA
GetSaveFileNameA

advapi32

RegDeleteKeyA

shell32

ExtractIconExA
ShellExecuteA

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize
GetHGlobalFromStream

oleaut32

SysFreeString

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vlmshlp.dll
.dll windows:4 windows x64 arch:x64

e1e56d08e188ac53a853cb8636972ce1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcrt

free
_memicmp
memcpy
malloc
strlen
memset
_strcmpi
strcmp
_initterm

kernel32

Sleep

user32

GetForegroundWindow
GetWindowTextA
SetWindowsHookExA
PostMessageA
UnhookWindowsHookEx
GetKeyState
CallNextHookEx
GetClientRect
GetParent
GetClassNameA
GetCursorPos
WindowFromPoint
GetWindowRect
MapWindowPoints

Exports

Exports

ActionProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SharedD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59a3b4f2772b60f0e73288613e82ce26

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 4KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

4869ad86f4ae6cb2f6ebac5568628516

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

version

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 24KB - Virtual size: 23KB

3218b71c9a8802a462b8bc99049a9086

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 1KB - Virtual size: 6KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 12KB

c358672c86ed03e6efa6323a64260d5a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 56KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 4KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 24KB - Virtual size: 23KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 13KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 25KB - Virtual size: 24KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 1024B - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 12KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 1KB - Virtual size: 5KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 13KB