13b8e92ed6a4b65010183cceb6ea0fd9

Sharing

Copy URL Twitter E-mail

Reason

office: error reading record

General

Target

13b8e92ed6a4b65010183cceb6ea0fd9
Size

15.9MB
MD5

13b8e92ed6a4b65010183cceb6ea0fd9
SHA1

46e579325bdc6229100634341347fec675817146
SHA256

e3bbf814e63e5b3104f1d15e9e3a805fec83d5814ffcb627f2af1b7dfda0ccce
SHA512

72b8c5d9dbad3ea3e1a3930a4fb08ee20dc5423cb6f8c1965d81c2140023961d35d780885846b6d4b04fab1b09df1fcdd4cf2ed0333aed80252ffd14ae241aeb
SSDEEP

196608:C1ihqZxcfgq6nJsB+sAGshkeUxtfSJ98UwEO/mj2hwwfILpD6DPSK6YLx3UinqeC:C1ihqxKQWvtHkJcwdDDKx3v4FDWh0EX6

Score

3^/10

Malware Config

Signatures

Unsigned PE 26 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ACMSETUP.EXE
unpack002/MSSETUP.DLL
unpack002/MSVCRT.DLL
unpack002/MSVCRT40.DLL
unpack002/WIZSET32.DLL
unpack002/f0000007
unpack002/f0000008
unpack002/f0000067
unpack002/f0000069
unpack002/f0000071
unpack002/f0000072
unpack002/f0000073
unpack002/f0000077
unpack002/f0000079
unpack002/f0000085
unpack002/f0000086
unpack002/f0000087
unpack002/f0000088
unpack002/f0000098
unpack002/f0000100
unpack002/f0000101
unpack002/f0000102
unpack002/f0000103
unpack002/f0000104
unpack002/f0000137
unpack001/odbcstf.dll

Files

13b8e92ed6a4b65010183cceb6ea0fd9
.rar
SETUP1.CAB
.cab
ACMSETUP.EXE
.exe windows:1 windows x86 arch:x86

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrcpynA
SetFileTime
GetFileTime
GetCurrentDirectoryA
FindFirstFileA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
GetSystemDirectoryA
GetVersionExA
GlobalUnlock
HeapCreate
GlobalLock
GetComputerNameA
GetLocalTime
LoadLibraryA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
GlobalHandle
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
LoadResource
FindResourceA
CompareStringA
VirtualAlloc
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
lstrcpyA
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
CompareStringW
MulDiv
lstrlenA
HeapReAlloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey

user32

GetWindowLongA
GetWindowTextA
BeginPaint
SetWindowLongA
FillRect
DrawFocusRect
SetRect
GetActiveWindow
EndDialog
RegisterClassA
LoadCursorA
LoadStringA
LoadBitmapA
CharUpperBuffA
SetFocus
GetDlgItemInt
GetSystemMetrics
GetFocus
CallWindowProcA
GetClassLongA
CopyRect
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
BroadcastSystemMessage
SendNotifyMessageA
GetDlgCtrlID
MessageBeep
InvertRect
CharUpperA
InflateRect
CheckRadioButton
CharNextA
SendDlgItemMessageA
GetSysColor
DestroyWindow
GetParent
MessageBoxA
GetKeyState
EnableWindow
LoadIconA
DrawIcon
EndPaint
DefWindowProcA
ReleaseDC
SetWindowTextA
CharPrevA
GetDlgItemTextA
wsprintfA
GetDialogBaseUnits
GetClientRect
ClientToScreen
ShowWindow
IsWindowEnabled
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
DrawTextA
GetWindowRect
SetWindowPos
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow

gdi32

SetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel
GetNearestColor
SetBkColor
SelectObject
GetTextExtentPointA
DeleteObject
ExtTextOutA
CreateFontIndirectA
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetAddConnection2A
WNetCancelConnection2A
WNetGetLastErrorA
WNetConnectionDialog
WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA

mssetup

FLongFileNamesSuppressed
CreateIniKeyValue
InitLongFileNames
SetAcmeInst
WriteLogDivider
FWriteToLogFile
SetErrorParamConst
PrependToPath
AddShareToAutoexec
RenameFile
GetEnvVariableValue
StampResource
FReadResource
CompareFileVersions
SetErrorParamInt
EercOpenFile
LfaSeekFile
CbReadFile
FCloseFile
CbStrCopyToBuffer
FLanguageMismatchInf
FChmodFile
AddLineToRestartFile
GetSectionKeyFilename
FGetKeyInfo
GetVersionNthField
TermIME
FRemoveOurDir
HmodUIHookDll
DoesInfSectionKeyExist
EnsurePathExists
SetErrorParamCopy
CreateProgmanItem
ShowProgmanGroup
DeleteProgmanItem
MakeListFromProgmanGroups
IsFileInUseBySystem
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
DoesIniKeyExist
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
ForceRestartOn
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
GetSectionKeyVersion
DoesInfSectionExist
GetRegKeyValue32
GetScreenWidth
DoMsgBox
SuppressLongFileNames
SetAdminMode
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RestartListEmpty
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
RemoveIniKey
RemoveDir
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
FindFileInTree
CbGetSymbolValue
IsWindows
OpenIME
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
AddSectionKeyFileToCopyList
FindTargetOnEnvVar
GetNthFieldFromIniString
FindFileUsingFileOpen
AddToBillboardList
GetSectionKeySize
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
AddSpecialFileToCopyList
LogValidate
BindImage
MakeListFromSectionSize
RemoveSectionFilesToCopyList
AddSectionFilesToCopyList
CreateDir

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACMSETUP.HLP
MSSETUP.DLL
.dll windows:1 windows x86 arch:x86

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetCurrentThreadId
lstrcmpiA
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
IsBadReadPtr
GetVersion
GlobalFree
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
DeviceIoControl
GetDriveTypeA
GetFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
GetVolumeInformationA
ReadFile
FileTimeToLocalFileTime
GetLocaleInfoA
WritePrivateProfileStringA
WriteProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
GlobalHandle
GlobalReAlloc
GetCurrentProcess
ReleaseMutex
CreateMutexA
GetShortPathNameA
OpenMutexA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
GetEnvironmentVariableA
CreateFileA
SearchPathA
CreateFileMappingA
MapViewOfFile
RtlMoveMemory
FlushViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
LocalAlloc
GetFileSize
UnmapViewOfFile
CloseHandle
LocalFree
GetTempPathA
FileTimeToDosDateTime
DeleteFileA
MoveFileExA
GetTempFileNameA
MoveFileA
LocalFileTimeToFileTime
GetLastError
DosDateTimeToFileTime
IsDBCSLeadByte
lstrcatA
SetErrorMode
lstrcpyA
GetTickCount
lstrcmpA
WriteFile
lstrlenA
SetFilePointer
GetDiskFreeSpaceA
CompareStringW
GetTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcessId
VirtualAlloc
VirtualFree
HeapCreate
CompareStringA
HeapReAlloc
HeapDestroy
LCMapStringW
LCMapStringA
TerminateProcess
RtlZeroMemory
MultiByteToWideChar
GetStringTypeW
ExitProcess
WideCharToMultiByte
GetModuleHandleA
GetStringTypeA
HeapFree
HeapAlloc
GetCommandLineA
SetEnvironmentVariableA
FileTimeToSystemTime
GetFullPathNameA
RtlUnwind
OpenFile
GetLocalTime
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
lstrcpynA

advapi32

RegQueryInfoKeyA
RegQueryValueA
RegFlushKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

user32

SetWindowWord
GetWindowWord
EnableWindow
SetWindowTextA
MapDialogRect
SetWindowPos
SendDlgItemMessageA
ShowWindow
AppendMenuA
DeleteMenu
GetSystemMenu
LoadIconA
CreateWindowExA
SendNotifyMessageA
GetDialogBaseUnits
MessageBoxA
DialogBoxParamA
CopyRect
EndDialog
RemoveMenu
DrawIcon
SetRect
DdeUninitialize
DdeDisconnect
DdeInitializeA
DdeFreeStringHandle
DdeConnect
DdeCreateStringHandleA
DdeFreeDataHandle
SetFocus
GetDlgItem
PostMessageA
DdeGetLastError
ExitWindowsEx
IsWindow
LoadBitmapA
GetLastActivePopup
UnregisterClassA
CreateDialogParamA
GetMessageA
GetKeyState
SendMessageA
SetWindowLongA
SetPropA
GetPropA
PeekMessageA
TranslateMessage
DispatchMessageA
IsDialogMessageA
CharUpperBuffA
CharUpperA
MessageBeep
UpdateWindow
WinHelpA
CharPrevA
GetActiveWindow
SetActiveWindow
LoadCursorA
SetCursor
LoadStringA
DestroyWindow
SetDlgItemTextA
ShowCursor
GetSystemMetrics
RegisterClassA
CharNextA
wsprintfA
GetCursor
ShowCaret
HideCaret
MapWindowPoints
ExcludeUpdateRgn
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextA
ClientToScreen
IntersectRect
DrawTextA
GetFocus
ScreenToClient
DrawFocusRect
GetClassNameA
CallNextHookEx
InvalidateRect
GetClassInfoA
DdeAccessData
DefWindowProcA
GetWindowDC
GetWindowRect
InflateRect
OffsetRect
ReleaseDC
GetWindowLongA
GetWindow
IsChild
SetWindowsHookExA
UnhookWindowsHookEx
GetClientRect
RemovePropA
CallWindowProcA
DdeClientTransaction
DdeUnaccessData
GetDC
GetSysColor
GetParent
OemToCharA

gdi32

DeleteObject
ExtTextOutA
IntersectClipRect
SetBkColor
GetTextMetricsA
SetTextColor
GetTextExtentPointA
GetDeviceCaps
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateDIBitmap
GetNearestColor
SetBkMode
GetStockObject
GetObjectA
PatBlt

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

lz32

LZOpenFileA
LZCopy
LZClose

Exports

Exports

AddLineToRestartFile
AddListItem
AddSectionFilesToCopyList
AddSectionKeyFileToCopyList
AddShareToAutoexec
AddSpecialFileToCopyList
AddToBillboardList
BindImage
BtnWndProc3d
CbGetListItem
CbGetSymbolValue
CbReadFile
CbStrCopyToBuffer
CbWriteFile
CleanupTrap
ClearBillboardList
ClearCopyList
ComboWndProc3d
CompareFileVersions
CopyFile
CopyFilesInCopyList
CrcStringCompare
CrcStringCompareI
CreateDir
CreateIniKeyValue
CreateProgmanGroup
CreateProgmanItem
CreateSysIniKeyValue
Ctl3dAutoSubclass
Ctl3dColorChange
Ctl3dCtlColor
Ctl3dCtlColorEx
Ctl3dDlgFramePaint
Ctl3dDlgProc
Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dSetStyle
Ctl3dSubclassCtl
Ctl3dSubclassDlg
Ctl3dSubclassDlgEx
Ctl3dUnregister
Ctl3dWinIniChange
DBCS_fullpath
DBCS_splitpath
DebugMessagesOn
DeleteProgmanGroup
DeleteProgmanItem
DeleteRegKeyValue32
DoMsgBox
DoesDirExist
DoesFileExist
DoesInfSectionExist
DoesInfSectionKeyExist
DoesIniKeyExist
DoesIniSectionExist
DoesSysIniKeyValueExist
DriveNumToRootPath
EditWndProc3d
EercErrorHandler
EercFindHddiFloppy
EercOpenFile
EercOpenSrcFile
EercOpenSrcFileEx
EercReadSrcFile
EercWriteSrcFile
EnableIME
EndSetupToolkit
EnsurePathExists
ExitExecRestart
FAddLineToRestartFile
FAddListItem
FAddSymbolValueToSymTab
FChmodFile
FCloseFile
FCloseHelp
FCloseLogFile
FCloseSrcFile
FDisplaySystemMsg
FFileExist
FFree
FGetKeyInfo
FGstGenericDlgProc
FGstGenericHelpDlgProc
FHasInfBeenOpened
FInstRemoveableDrive
FLanguageMismatchInf
FLogOpen
FLongFileNamesSuppressed
FMakeFATPathFromDirAndSubPath
FMsgBoxDlgProc
FOpenLogFile
FReadResource
FRegCloseKey
FRegCreateKey32
FRemoveOurDir
FRemoveSymbol
FSetSymbolValue
FStampResource
FValidFilePath
FWriteToLogFile
FailAssert
FailRTChkArg
FindFileInTree
FindFileUsingFileOpen
FindTargetOnEnvVar
ForceNewDialog
ForceRestartOff
ForceRestartOn
FrameWndProc
GetCopyListCost
GetDOSMajorVersion
GetDOSMinorVersion
GetEnvVariableValue
GetExistingFOTFileForTTF
GetFreeSpaceForDrive
GetIniKeyString
GetListItem
GetListLength
GetNetworkDrivesList
GetNthFieldFromIniString
GetProcessorType
GetRegKeyValue32
GetRegKeyValue32Ex
GetScreenHeight
GetScreenWidth
GetSectionKeyDate
GetSectionKeyFilename
GetSectionKeySize
GetSectionKeyVersion
GetSilentMode
GetSizeOfFile
GetSymbolValue
GetTotalSpaceForDrive
GetTypeFaceNameFromTTF
GetVersionNthField
GetVersionOfFile
GetWindowsDirPath
GetWindowsMajorVersion
GetWindowsMinorVersion
GetWindowsMode
GetWindowsSysDir
HandleOOM
HdlgShowHelp
HinstFrame
HmodUIHookDll
HwndFrame
InitIME
InitLongFileNames
InitSetupToolkit
IsAdminMode
IsCtl3dEnabled
IsDirWritable
IsDriveLocalHard
IsDriveNetwork
IsDriveRemovable
IsDriverInConfig
IsFileInUseBySystem
IsFileWritable
IsWindows
IsWindowsDBCS
IsWindowsJapanese
IsWindowsShared
LfaSeekFile
ListWndProc3d
LogMessageId
LogValidate
MBIconProc
MakeListFromProgmanGroups
MakeListFromSectionDate
MakeListFromSectionFilename
MakeListFromSectionKeys
MakeListFromSectionSize
MakeListFromSectionVersion
OpenIME
PbAlloc
PbRealloc
PrependToPath
ProBarProc
ProDlgProc
ProcessDebugMessage
ProcessMessage
ProcessMessageId
PsdleFromDid
ReactivateSetupScript
ReadInfFile
RemoveDir
RemoveFile
RemoveIniKey
RemoveIniSection
RemoveSectionFilesToCopyList
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSymbol
RenameFile
ReplaceListItem
ResponseFile
RestartListEmpty
RestoreCursor
STF_AddLineToRestartFile
STF_AddListItem
STF_AddSectionFilesToCopyList
STF_AddSectionKeyFileToCopyList
STF_AddShareToAutoexec
STF_AddSpecialFileToCopyList
STF_AddToBillboardList
STF_ClearBillboardList
STF_CopyFile
STF_CopyFilesInCopyList
STF_CreateDir
STF_CreateIniKeyValue
STF_CreateProgmanGroup
STF_CreateProgmanItem
STF_DoesDirExist
STF_DoesInfSectionExist
STF_DoesInfSectionKeyExist
STF_DoesIniKeyExist
STF_DoesIniSectionExist
STF_FindFileInTree
STF_FindFileUsingFileOpen
STF_FindTargetOnEnvVar
STF_ForceNewDialog
STF_GetCopyListCost
STF_GetExistingFOTFileForTTF
STF_GetFreeSpaceForDrive
STF_GetIniKeyString
STF_GetListItem
STF_GetListLength
STF_GetNetworkDrivesList
STF_GetNthFieldFromIniString
STF_GetSectionKeyDate
STF_GetSectionKeyFilename
STF_GetSectionKeySize
STF_GetSectionKeyVersion
STF_GetSizeOfFile
STF_GetSymbolValue
STF_GetTotalSpaceForDrive
STF_GetTypeFaceNameFromTTF
STF_GetVersionNthField
STF_GetVersionOfFile
STF_GetWindowsDirPath
STF_GetWindowsSysDir
STF_InitSetupToolkit
STF_IsDirWritable
STF_IsDriveLocalHard
STF_IsDriveNetwork
STF_IsDriveRemovable
STF_IsFileInUseBySystem
STF_IsFileWritable
STF_IsWindowsShared
STF_MakeListFromProgmanGroups
STF_MakeListFromSectionDate
STF_MakeListFromSectionFilename
STF_MakeListFromSectionKeys
STF_MakeListFromSectionSize
STF_MakeListFromSectionVersion
STF_PrependToPath
STF_ReadInfFile
STF_RemoveDir
STF_RemoveFile
STF_RemoveIniKey
STF_RemoveIniSection
STF_RemoveSectionFilesToCopyList
STF_RemoveSectionKeyFileToCopyList
STF_RemoveSpecialFileToCopyList
STF_RemoveSymbol
STF_RenameFile
STF_RestoreCursor
STF_SetAbout
STF_SetBitmap
STF_SetRestartDir
STF_SetSymbolValue
STF_ShowProgmanGroup
STF_StampResource
STF_UIPop
STF_UIPopAll
STF_UIStartDlg
STF_UIStartExeDlg
STF_UIStartExeDlgWinHelp
SetAbout
SetAcmeInst
SetAdminMode
SetBitmap
SetCopyGaugePosition
SetErrorParam
SetErrorParamChar
SetErrorParamConst
SetErrorParamCopy
SetErrorParamInt
SetFEFontProc
SetLastSetupErrMsg
SetPassInfo
SetRegKeyValue32
SetRegKeyValue32Ex
SetRestartDir
SetSilentMode
SetSizeCheckMode
SetSymbolValue
SetTitle
SetupApiErr
ShowProgmanGroup
ShowWaitCursor
StampResource
StaticWndProc3d
SuppressLongFileNames
SzFindSymbolValueInSymTab
SzGetLastSetupErrMsg
SzLastChar
TermIME
UIPop
UIPopAll
UIStartDlg
UIStartExeDlg
UIStartExeDlgWinHelp
UiFindSrcFileName
UiPromptForDisk
UsGetListLength
Validate
WriteLogDivider
fnText

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.expo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT40.DLL
.dll windows:4 windows x86 arch:x86

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidLocale
RtlUnwind
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
CreateFileA
SetStdHandle
SetEndOfFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
RaiseException
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
GetTimeZoneInformation
HeapReAlloc
HeapSize
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapUnlock
HeapWalk
HeapLock
HeapCompact
ReadConsoleA
SetConsoleMode
GetConsoleMode
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreatePipe
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0Iostream_init@@QAE@AAVios@@H@Z
??0Iostream_init@@QAE@XZ
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??0filebuf@@QAE@ABV0@@Z
??0filebuf@@QAE@H@Z
??0filebuf@@QAE@HPADH@Z
??0filebuf@@QAE@XZ
??0fstream@@QAE@ABV0@@Z
??0fstream@@QAE@H@Z
??0fstream@@QAE@HPADH@Z
??0fstream@@QAE@PBDHH@Z
??0fstream@@QAE@XZ
??0ifstream@@QAE@ABV0@@Z
??0ifstream@@QAE@H@Z
??0ifstream@@QAE@HPADH@Z
??0ifstream@@QAE@PBDHH@Z
??0ifstream@@QAE@XZ
??0ios@@IAE@ABV0@@Z
??0ios@@IAE@XZ
??0ios@@QAE@PAVstreambuf@@@Z
??0iostream@@IAE@ABV0@@Z
??0iostream@@IAE@XZ
??0iostream@@QAE@PAVstreambuf@@@Z
??0istream@@IAE@ABV0@@Z
??0istream@@IAE@XZ
??0istream@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@ABV0@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@XZ
??0istrstream@@QAE@ABV0@@Z
??0istrstream@@QAE@PAD@Z
??0istrstream@@QAE@PADH@Z
??0logic_error@@QAE@ABQBD@Z
??0logic_error@@QAE@ABV0@@Z
??0ofstream@@QAE@ABV0@@Z
??0ofstream@@QAE@H@Z
??0ofstream@@QAE@HPADH@Z
??0ofstream@@QAE@PBDHH@Z
??0ofstream@@QAE@XZ
??0ostream@@IAE@ABV0@@Z
??0ostream@@IAE@XZ
??0ostream@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@ABV0@@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@XZ
??0ostrstream@@QAE@ABV0@@Z
??0ostrstream@@QAE@PADHH@Z
??0ostrstream@@QAE@XZ
??0stdiobuf@@QAE@ABV0@@Z
??0stdiobuf@@QAE@PAU_iobuf@@@Z
??0stdiostream@@QAE@ABV0@@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??0streambuf@@IAE@PADH@Z
??0streambuf@@IAE@XZ
??0streambuf@@QAE@ABV0@@Z
??0strstream@@QAE@ABV0@@Z
??0strstream@@QAE@PADHH@Z
??0strstream@@QAE@XZ
??0strstreambuf@@QAE@ABV0@@Z
??0strstreambuf@@QAE@H@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
??0strstreambuf@@QAE@PADH0@Z
??0strstreambuf@@QAE@XZ
??1Iostream_init@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1filebuf@@UAE@XZ
??1fstream@@UAE@XZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??1iostream@@UAE@XZ
??1istream@@UAE@XZ
??1istream_withassign@@UAE@XZ
??1istrstream@@UAE@XZ
??1logic_error@@UAE@XZ
??1ofstream@@UAE@XZ
??1ostream@@UAE@XZ
??1ostream_withassign@@UAE@XZ
??1ostrstream@@UAE@XZ
??1stdiobuf@@UAE@XZ
??1stdiostream@@UAE@XZ
??1streambuf@@UAE@XZ
??1strstream@@UAE@XZ
??1strstreambuf@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4Iostream_init@@QAEAAV0@ABV0@@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??4filebuf@@QAEAAV0@ABV0@@Z
??4fstream@@QAEAAV0@AAV0@@Z
??4ifstream@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
??4iostream@@IAEAAV0@AAV0@@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??4istream@@IAEAAV0@ABV0@@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??4istrstream@@QAEAAV0@ABV0@@Z
??4logic_error@@QAEAAV0@ABV0@@Z
??4ofstream@@QAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
??4ostream_withassign@@QAEAAV0@ABV0@@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
??4stdiobuf@@QAEAAV0@ABV0@@Z
??4stdiostream@@QAEAAV0@AAV0@@Z
??4streambuf@@QAEAAV0@ABV0@@Z
??4strstream@@QAEAAV0@AAV0@@Z
??4strstreambuf@@QAEAAV0@ABV0@@Z
??5istream@@QAEAAV0@AAC@Z
??5istream@@QAEAAV0@AAD@Z
??5istream@@QAEAAV0@AAE@Z
??5istream@@QAEAAV0@AAF@Z
??5istream@@QAEAAV0@AAG@Z
??5istream@@QAEAAV0@AAH@Z
??5istream@@QAEAAV0@AAI@Z
??5istream@@QAEAAV0@AAJ@Z
??5istream@@QAEAAV0@AAK@Z
??5istream@@QAEAAV0@AAM@Z
??5istream@@QAEAAV0@AAN@Z
??5istream@@QAEAAV0@AAO@Z
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??5istream@@QAEAAV0@PAC@Z
??5istream@@QAEAAV0@PAD@Z
??5istream@@QAEAAV0@PAE@Z
??5istream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@C@Z
??6ostream@@QAEAAV0@D@Z
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@F@Z
??6ostream@@QAEAAV0@G@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@I@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@M@Z
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@O@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@PBE@Z
??6ostream@@QAEAAV0@PBX@Z
??7ios@@QBEHXZ
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??Bios@@QBEPAXXZ
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_7filebuf@@6B@
??_7fstream@@6B@
??_7ifstream@@6B@
??_7ios@@6B@
??_7iostream@@6B@
??_7istream@@6B@
??_7istream_withassign@@6B@
??_7istrstream@@6B@
??_7logic_error@@6B@
??_7ofstream@@6B@
??_7ostream@@6B@
??_7ostream_withassign@@6B@
??_7ostrstream@@6B@
??_7stdiobuf@@6B@
??_7stdiostream@@6B@
??_7streambuf@@6B@
??_7strstream@@6B@
??_7strstreambuf@@6B@
??_8fstream@@7Bistream@@@
??_8fstream@@7Bostream@@@
??_8ifstream@@7B@
??_8iostream@@7Bistream@@@
??_8iostream@@7Bostream@@@
??_8istream@@7B@
??_8istream_withassign@@7B@
??_8istrstream@@7B@
??_8ofstream@@7B@
??_8ostream@@7B@
??_8ostream_withassign@@7B@
??_8ostrstream@@7B@
??_8stdiostream@@7Bistream@@@
??_8stdiostream@@7Bostream@@@
??_8strstream@@7Bistream@@@
??_8strstream@@7Bostream@@@
??_Dfstream@@QAEXXZ
??_Difstream@@QAEXXZ
??_Diostream@@QAEXXZ
??_Distream@@QAEXXZ
??_Distream_withassign@@QAEXXZ
??_Distrstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??_Dostream@@QAEXXZ
??_Dostream_withassign@@QAEXXZ
??_Dostrstream@@QAEXXZ
??_Dstdiostream@@QAEXXZ
??_Dstrstream@@QAEXXZ
??_EIostream_init@@QAEPAXI@Z
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Efilebuf@@UAEPAXI@Z
??_Efstream@@UAEPAXI@Z
??_Eifstream@@UAEPAXI@Z
??_Eios@@UAEPAXI@Z
??_Eiostream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
??_Eistream_withassign@@UAEPAXI@Z
??_Eistrstream@@UAEPAXI@Z
??_Elogic_error@@UAEPAXI@Z
??_Eofstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
??_Eostream_withassign@@UAEPAXI@Z
??_Eostrstream@@UAEPAXI@Z
??_Estdiobuf@@UAEPAXI@Z
??_Estdiostream@@UAEPAXI@Z
??_Estreambuf@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
??_Estrstreambuf@@UAEPAXI@Z
??_GIostream_init@@QAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_Gfilebuf@@UAEPAXI@Z
??_Gfstream@@UAEPAXI@Z
??_Gifstream@@UAEPAXI@Z
??_Gios@@UAEPAXI@Z
??_Giostream@@UAEPAXI@Z
??_Gistream@@UAEPAXI@Z
??_Gistream_withassign@@UAEPAXI@Z
??_Gistrstream@@UAEPAXI@Z
??_Glogic_error@@UAEPAXI@Z
??_Gofstream@@UAEPAXI@Z
??_Gostream@@UAEPAXI@Z
??_Gostream_withassign@@UAEPAXI@Z
??_Gostrstream@@UAEPAXI@Z
??_Gstdiobuf@@UAEPAXI@Z
??_Gstdiostream@@UAEPAXI@Z
??_Gstreambuf@@UAEPAXI@Z
??_Gstrstream@@UAEPAXI@Z
??_Gstrstreambuf@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?adjustfield@ios@@2JB
?allocate@streambuf@@IAEHXZ
?attach@filebuf@@QAEPAV1@H@Z
?attach@fstream@@QAEXH@Z
?attach@ifstream@@QAEXH@Z
?attach@ofstream@@QAEXH@Z
?bad@ios@@QBEHXZ
?base@streambuf@@IBEPADXZ
?basefield@ios@@2JB
?before@type_info@@QBEHABV1@@Z
?binary@filebuf@@2HB
?bitalloc@ios@@SAJXZ
?blen@streambuf@@IBEHXZ
?cerr@@3Vostream_withassign@@A
?cin@@3Vistream_withassign@@A
?clear@ios@@QAEXH@Z
?clog@@3Vostream_withassign@@A
?close@filebuf@@QAEPAV1@XZ
?close@fstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?close@ofstream@@QAEXXZ
?clrlock@ios@@QAAXXZ
?clrlock@streambuf@@QAEXXZ
?cout@@3Vostream_withassign@@A
?dbp@streambuf@@QAEXXZ
?dec@@YAAAVios@@AAV1@@Z
?delbuf@ios@@QAEXH@Z
?delbuf@ios@@QBEHXZ
?doallocate@streambuf@@MAEHXZ
?doallocate@strstreambuf@@MAEHXZ
?eatwhite@istream@@QAEXXZ
?eback@streambuf@@IBEPADXZ
?ebuf@streambuf@@IBEPADXZ
?egptr@streambuf@@IBEPADXZ
?endl@@YAAAVostream@@AAV1@@Z
?ends@@YAAAVostream@@AAV1@@Z
?eof@ios@@QBEHXZ
?epptr@streambuf@@IBEPADXZ
?fLockcInit@ios@@0HA
?fail@ios@@QBEHXZ
?fd@filebuf@@QBEHXZ
?fd@fstream@@QBEHXZ
?fd@ifstream@@QBEHXZ
?fd@ofstream@@QBEHXZ
?fill@ios@@QAEDD@Z
?fill@ios@@QBEDXZ
?flags@ios@@QAEJJ@Z
?flags@ios@@QBEJXZ
?floatfield@ios@@2JB
?flush@@YAAAVostream@@AAV1@@Z
?flush@ostream@@QAEAAV1@XZ
?freeze@strstreambuf@@QAEXH@Z
?gbump@streambuf@@IAEXH@Z
?gcount@istream@@QBEHXZ
?get@istream@@IAEAAV1@PADHH@Z
?get@istream@@QAEAAV1@AAC@Z
?get@istream@@QAEAAV1@AAD@Z
?get@istream@@QAEAAV1@AAE@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
?get@istream@@QAEAAV1@PACHD@Z
?get@istream@@QAEAAV1@PADHD@Z
?get@istream@@QAEAAV1@PAEHD@Z
?get@istream@@QAEHXZ
?getdouble@istream@@AAEHPADH@Z
?getint@istream@@AAEHPAD@Z
?getline@istream@@QAEAAV1@PACHD@Z
?getline@istream@@QAEAAV1@PADHD@Z
?getline@istream@@QAEAAV1@PAEHD@Z
?good@ios@@QBEHXZ
?gptr@streambuf@@IBEPADXZ
?hex@@YAAAVios@@AAV1@@Z
?ignore@istream@@QAEAAV1@HH@Z
?in_avail@streambuf@@QBEHXZ
?init@ios@@IAEXPAVstreambuf@@@Z
?ipfx@istream@@QAEHH@Z
?is_open@filebuf@@QBEHXZ
?is_open@fstream@@QBEHXZ
?is_open@ifstream@@QBEHXZ
?is_open@ofstream@@QBEHXZ
?isfx@istream@@QAEXXZ
?iword@ios@@QBEAAJH@Z
?lock@ios@@QAAXXZ
?lock@streambuf@@QAEXXZ
?lockbuf@ios@@QAAXXZ
?lockc@ios@@KAXXZ
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?name@type_info@@QBEPBDXZ
?oct@@YAAAVios@@AAV1@@Z
?open@filebuf@@QAEPAV1@PBDHH@Z
?open@fstream@@QAEXPBDHH@Z
?open@ifstream@@QAEXPBDHH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
?opfx@ostream@@QAEHXZ
?osfx@ostream@@QAEXXZ
?out_waiting@streambuf@@QBEHXZ
?overflow@filebuf@@UAEHH@Z
?overflow@stdiobuf@@UAEHH@Z
?overflow@strstreambuf@@UAEHH@Z
?pbackfail@stdiobuf@@UAEHH@Z
?pbackfail@streambuf@@UAEHH@Z
?pbase@streambuf@@IBEPADXZ
?pbump@streambuf@@IAEXH@Z
?pcount@ostrstream@@QBEHXZ
?pcount@strstream@@QBEHXZ
?peek@istream@@QAEHXZ
?pptr@streambuf@@IBEPADXZ
?precision@ios@@QAEHH@Z
?precision@ios@@QBEHXZ
?put@ostream@@QAEAAV1@C@Z
?put@ostream@@QAEAAV1@D@Z
?put@ostream@@QAEAAV1@E@Z
?putback@istream@@QAEAAV1@D@Z
?pword@ios@@QBEAAPAXH@Z
?raw_name@type_info@@QBEPBDXZ
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
?rdbuf@ios@@QBEPAVstreambuf@@XZ
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?rdstate@ios@@QBEHXZ
?read@istream@@QAEAAV1@PACH@Z
?read@istream@@QAEAAV1@PADH@Z
?read@istream@@QAEAAV1@PAEH@Z
?sbumpc@streambuf@@QAEHXZ
?seekg@istream@@QAEAAV1@J@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekp@ostream@@QAEAAV1@J@Z
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekpos@streambuf@@UAEJJH@Z
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?setb@streambuf@@IAEXPAD0H@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJ@Z
?setf@ios@@QAEJJJ@Z
?setg@streambuf@@IAEXPAD00@Z
?setlock@ios@@QAAXXZ
?setlock@streambuf@@QAEXXZ
?setmode@filebuf@@QAEHH@Z
?setmode@fstream@@QAEHH@Z
?setmode@ifstream@@QAEHH@Z
?setmode@ofstream@@QAEHH@Z
?setp@streambuf@@IAEXPAD0@Z
?setrwbuf@stdiobuf@@QAEHHH@Z
?sgetc@streambuf@@QAEHXZ
?sgetn@streambuf@@QAEHPADH@Z
?sh_none@filebuf@@2HB
?sh_read@filebuf@@2HB
?sh_write@filebuf@@2HB
?snextc@streambuf@@QAEHXZ
?sputbackc@streambuf@@QAEHD@Z
?sputc@streambuf@@QAEHH@Z
?sputn@streambuf@@QAEHPBDH@Z
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
?stossc@streambuf@@QAEXXZ
?str@istrstream@@QAEPADXZ
?str@ostrstream@@QAEPADXZ
?str@strstream@@QAEPADXZ
?str@strstreambuf@@QAEPADXZ
?sunk_with_stdio@ios@@0HA
?sync@filebuf@@UAEHXZ
?sync@istream@@QAEHXZ
?sync@stdiobuf@@UAEHXZ
?sync@streambuf@@UAEHXZ
?sync@strstreambuf@@UAEHXZ
?sync_with_stdio@ios@@SAXXZ
?tellg@istream@@QAEJXZ
?tellp@ostream@@QAEJXZ
?terminate@@YAXXZ
?text@filebuf@@2HB
?tie@ios@@QAEPAVostream@@PAV2@@Z
?tie@ios@@QBEPAVostream@@XZ
?unbuffered@streambuf@@IAEXH@Z
?unbuffered@streambuf@@IBEHXZ
?underflow@filebuf@@UAEHXZ
?underflow@stdiobuf@@UAEHXZ
?underflow@strstreambuf@@UAEHXZ
?unexpected@@YAXXZ
?unlock@ios@@QAAXXZ
?unlock@streambuf@@QAEXXZ
?unlockbuf@ios@@QAAXXZ
?unlockc@ios@@KAXXZ
?unsetf@ios@@QAEJJ@Z
?what@exception@@UBEPBDXZ
?width@ios@@QAEHH@Z
?width@ios@@QBEHXZ
?write@ostream@@QAEAAV1@PBCH@Z
?write@ostream@@QAEAAV1@PBDH@Z
?write@ostream@@QAEAAV1@PBEH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
?ws@@YAAAVistream@@AAV1@@Z
?x_curindex@ios@@0HA
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?x_maxbit@ios@@0JA
?x_statebuf@ios@@0PAJA
?xalloc@ios@@SAHXZ
?xsgetn@streambuf@@UAEHPADH@Z
?xsputn@streambuf@@UAEHPBDH@Z
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SETUP2.LST
WIZSET32.DLL
.dll windows:4 windows x86 arch:x86

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mssetup

PbAlloc
DoMsgBox
FFree
DoesInfSectionKeyExist
DoesInfSectionExist
FWriteToLogFile
FValidFilePath
GetRegKeyValue32
SzLastChar
DoesFileExist
DriveNumToRootPath
GetVersionNthField
FLanguageMismatchInf
GetSectionKeyVersion
GetVersionOfFile
AddSectionKeyFileToCopyList
GetSectionKeyFilename
CbStrCopyToBuffer
HandleOOM
GetSectionKeySize
DeleteProgmanItem

kernel32

LCMapStringA
GetCommandLineA
SetStdHandle
FlushFileBuffers
SetFilePointer
VirtualAlloc
GetVersion
lstrcmpiA
lstrcpyA
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameA
GetCurrentProcess
GetLastError
GetCurrentThread
lstrlenA
lstrcatA
DeleteFileA
GetDiskFreeSpaceA
SetErrorMode
GetLocaleInfoW
GetLocaleInfoA
LCMapStringW
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP

user32

CharPrevA
CharUpperBuffA
CharNextA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA

advapi32

RegQueryValueExA
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
OpenThreadToken
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyA
RegQueryValueA

Exports

Exports

DelProgmanItem
Detect95
DetectAdminPrivileges
DetectRegData
DoMessageBox
ExecutePostSetupCommand
GetPathFromReg
InstallSys16PermFile
NeverRemoveGroup
RemoveHelpAuxFile
Silence16BitDSNConversion
SzGetDatadefVer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000007
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000008
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000009
f0000010
f0000011
.jpg
f0000012
.gif
f0000013
f0000014
f0000015
f0000016
f0000017
f0000018
f0000019
f0000020
f0000021
f0000022
f0000023
f0000024
f0000025
f0000026
f0000027
f0000028
f0000029
f0000030
f0000031
f0000032
f0000033
f0000034
.jpg
f0000035
.jpg
f0000036
.jpg
f0000037
f0000038
f0000039
f0000040
f0000041
f0000042
f0000043
f0000044
f0000045
f0000046
f0000047
f0000048
f0000049
f0000050
f0000051
f0000052
f0000053
.jpg
f0000054
.gif
f0000055
f0000056
f0000057
f0000058
.jpg
f0000059
f0000060
f0000061
f0000062
.jpg
f0000063
f0000064
f0000065
f0000066
f0000067
.exe windows:4 windows x86 arch:x86

dde433ca7c485c9f39c10c12cc42081f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
GetACP
DeleteCriticalSection
GetStdHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
lstrcpyA
GetOEMCP
SetHandleCount
GetFileType
SetStdHandle
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
VirtualAlloc
FlushFileBuffers
CloseHandle

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000068
f0000069
.dll regsvr32 windows:4 windows x86 arch:x86

d7b4856b28ca7023dfd1a515a4e9a904

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

LoadRegTypeLi
VariantClear
SysStringLen
VarDateFromStr
LoadTypeLi
SysAllocString
VariantInit
VariantChangeType
SysAllocStringLen
VariantCopy

kernel32

InterlockedIncrement
GlobalAlloc
GlobalUnlock
GetLastError
GlobalLock
EnterCriticalSection
LeaveCriticalSection
GetWindowsDirectoryA
GetModuleFileNameA
lstrcatA
OpenFile
GetVersion
InitializeCriticalSection
GetProcessHeap
DisableThreadLibraryCalls
DeleteCriticalSection
MulDiv
lstrcpyA
lstrcpynA
lstrlenW
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
HeapAlloc
lstrlenA
MultiByteToWideChar
GetLocaleInfoA
HeapFree
GetSystemDefaultLangID
GetVersionExA
GetLocalTime
HeapReAlloc
InterlockedDecrement

user32

GetSystemMetrics
CheckDlgButton
IsDlgButtonChecked
GetDlgItemTextA
WinHelpA
DestroyWindow
UnregisterClassA
GetDlgItem
SendDlgItemMessageA
MapWindowPoints
GetWindowRect
SetWindowLongA
EqualRect
SetWindowRgn
GetWindowLongA
IsWindowVisible
GetActiveWindow
UpdateWindow
CharNextA
GetWindow
CallWindowProcA
GetCapture
ScrollWindowEx
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
LoadAcceleratorsA
SendMessageA
InvalidateRect
ReleaseCapture
PtInRect
SetCapture
GetClientRect
FrameRect
DrawFocusRect
ShowWindow
IsWindow
BeginPaint
TranslateAcceleratorA
EndPaint
DefWindowProcA
CreateDialogParamA
GetWindowDC
CopyRect
FillRect
GetDC
ReleaseDC
IntersectRect
InflateRect
OffsetRect
GetFocus
SystemParametersInfoA
GetSysColor
GetParent
SetParent
SetWindowPos
LoadCursorA
RegisterClassA
EndDialog
wsprintfA
LoadStringA
MessageBeep
CreateWindowExA
MoveWindow
SetFocus
GetKeyState
DialogBoxParamA

ole32

CreateOleAdviseHolder
CreateDataAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleSetAutoConvert
CoCreateInstance

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

gdi32

CreateEnhMetaFileA
SetWindowOrgEx
SetWindowExtEx
CreateMetaFileA
CreateRectRgnIndirect
CreateDCA
SetViewportExtEx
SaveDC
LPtoDP
SetViewportOrgEx
SetMapMode
RestoreDC
DeleteDC
GetDeviceCaps
CreateCompatibleDC
DeleteObject
ExtTextOutA
SetTextColor
SetTextAlign
LineTo
MoveToEx
SelectObject
GetStockObject
SetBkMode
CreateSolidBrush
CreatePen
Polygon
DPtoLP
GetTextExtentPoint32A
CreateFontIndirectA
CloseMetaFile
CloseEnhMetaFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000070
.dll regsvr32 windows:4 windows x86 arch:x86

50ccb1d881ea89a41a10cced45c79649

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
GlobalFree
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
GetDlgItemInt
EndDialog
GetActiveWindow
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
IsWindowEnabled
IsWindowVisible
UnregisterClassA
CharNextA
MessageBoxA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemTextA
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
SetTimer
KillTimer
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000071
.exe windows:4 windows x86 arch:x86

1ae4785b1e1a2a20eaccdbff5aeaccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
_lclose
WaitForSingleObject
CreateProcessA
lstrcpyA
_lwrite
_lread
_llseek
GetTempFileNameA
GlobalLock
GlobalAlloc
GetModuleFileNameA
OpenFile
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcatA
GetTempPathA
lstrlenA
GetSystemDirectoryA
_lcreat
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalHandle
_lopen
GetACP
GetCPInfo
CloseHandle
SetFilePointer
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetLastError

user32

wsprintfA
LoadStringA
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000072
.dll regsvr32 windows:4 windows x86 arch:x86

d7112004d3c345a2ed68d74bba3d37f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

LoadLibraryA
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetProcAddress
SetStdHandle
GetLocaleInfoA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedExchange
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000073
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000074
f0000075
f0000076
f0000077
.exe windows:4 windows x86 arch:x86

23dab55e2a25210a84f0bbc9deb32bff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htonl
gethostbyname
htons
WSACleanup
WSAStartup
ioctlsocket
setsockopt

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString

kernel32

MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GlobalLock
GlobalUnlock
SetFilePointer
ExitProcess
GetModuleHandleA
GetCommandLineA
GetProcessTimes
SetEndOfFile
CopyFileA
CreateEventA
CreateThread
ExitThread
InterlockedDecrement
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
FreeLibrary
GetThreadPriority
GetCurrentThread
Sleep
GetModuleFileNameA
WaitForSingleObject
GetTickCount
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateMutexA
SetErrorMode
LoadLibraryA
GetProcAddress
FindClose
FindNextFileA
FindFirstFileA
GetFileSize
WriteFile
ReadFile
CreateFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
DeleteFileA
GetFileAttributesA
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
GetUserDefaultLangID
GetLastError
GetVersionExA
GetStartupInfoA
CreateProcessA
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
IsDBCSLeadByte
GetACP
GetCPInfo
GlobalFree
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetCurrentProcess
SetThreadPriority
SetEvent

user32

DestroyWindow
SetClipboardData
EmptyClipboard
SetWindowPos
GetWindowRect
GetWindow
UnregisterClassA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
PostQuitMessage
DialogBoxParamA
EndDialog
MoveWindow
GetDesktopWindow
SetDlgItemTextA
EnableWindow
GetDlgItemTextA
GetWindowTextLengthA
GetDlgItem
SetMenu
PostThreadMessageA
GetQueueStatus
PeekMessageA
MsgWaitForMultipleObjects
RegisterWindowMessageA
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetWindowLongA
DefWindowProcA
IsWindow
CreateWindowExA
OpenClipboard
GetMenu
BeginPaint
EndPaint
LoadCursorA
SetCursor
KillTimer
SetTimer
PostMessageA
FillRect
GetSubMenu
ReleaseCapture
GetCapture
LoadMenuA
GetMenuItemID
DeleteMenu
ClientToScreen
TrackPopupMenu
SetCapture
GetCursorPos
ScreenToClient
GetClientRect
LoadStringA
MessageBoxA
EnableMenuItem
CheckMenuItem
InvalidateRect
SetWindowLongA
WaitForInputIdle
MapVirtualKeyA
GetKeyState
GetSystemMetrics
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetDC
ReleaseDC
GetDoubleClickTime
SetFocus
DestroyMenu
WindowFromPoint
GetFocus

gdi32

StartDocA
GetClipBox
CreateSolidBrush
BeginPath
FillPath
ExtCreatePen
StrokePath
EndPath
PolyBezierTo
SelectClipPath
RestoreDC
SaveDC
EndPage
StartPage
GdiFlush
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
CreateCompatibleBitmap
GetObjectA
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
MoveToEx
LineTo
EnumFontFamiliesA
SetBkMode
LPtoDP
SetTextAlign
IntersectClipRect
SelectClipRgn
ExtTextOutA
ExtTextOutW
SetTextColor
GetTextMetricsA
CreateFontIndirectA
CreatePen
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
DPtoLP
GetTextExtentPoint32A
GetTextExtentPoint32W
GetCurrentObject
SetBkColor
GetBkColor
CreatePalette
SetPolyFillMode
EndDoc
GetSystemPaletteEntries

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

timeGetDevCaps
waveInGetDevCapsA
waveInReset
waveInUnprepareHeader
waveInClose
waveInOpen
waveInPrepareHeader
waveInStop
waveInAddBuffer
waveInStart
waveInGetNumDevs
timeBeginPeriod
waveOutGetNumDevs
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
timeSetEvent
timeGetTime
timeEndPeriod
waveOutOpen
waveOutGetDevCapsA
timeKillEvent
waveOutClose

Sections

.text
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 831KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000078
f0000079
.exe windows:5 windows x86 arch:x86

cfb8ad251fa98c8c891304e231aa1ebf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
lstrcpyA
lstrcpyW
MultiByteToWideChar
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryExA
SetErrorMode
LocalAlloc
lstrcatA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
lstrlenA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
LoadLibraryA
SetFilePointer
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetStringTypeW
CloseHandle

user32

LoadStringA
wsprintfA
MessageBoxA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000080
.xls windows office2003
f0000081
.xls windows office2003
f0000082
.xls windows office2003
f0000083
.xls windows office2003
f0000084
.xls windows office2003
f0000085
.exe windows:4 windows x86 arch:x86

1ae4785b1e1a2a20eaccdbff5aeaccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
_lclose
WaitForSingleObject
CreateProcessA
lstrcpyA
_lwrite
_lread
_llseek
GetTempFileNameA
GlobalLock
GlobalAlloc
GetModuleFileNameA
OpenFile
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcatA
GetTempPathA
lstrlenA
GetSystemDirectoryA
_lcreat
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalHandle
_lopen
GetACP
GetCPInfo
CloseHandle
SetFilePointer
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetLastError

user32

wsprintfA
LoadStringA
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000086
.exe windows:4 windows x86 arch:x86

1ae4785b1e1a2a20eaccdbff5aeaccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
_lclose
WaitForSingleObject
CreateProcessA
lstrcpyA
_lwrite
_lread
_llseek
GetTempFileNameA
GlobalLock
GlobalAlloc
GetModuleFileNameA
OpenFile
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcatA
GetTempPathA
lstrlenA
GetSystemDirectoryA
_lcreat
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalHandle
_lopen
GetACP
GetCPInfo
CloseHandle
SetFilePointer
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetLastError

user32

wsprintfA
LoadStringA
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000087
.exe windows:4 windows x86 arch:x86

1ae4785b1e1a2a20eaccdbff5aeaccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
_lclose
WaitForSingleObject
CreateProcessA
lstrcpyA
_lwrite
_lread
_llseek
GetTempFileNameA
GlobalLock
GlobalAlloc
GetModuleFileNameA
OpenFile
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcatA
GetTempPathA
lstrlenA
GetSystemDirectoryA
_lcreat
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalHandle
_lopen
GetACP
GetCPInfo
CloseHandle
SetFilePointer
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetLastError

user32

wsprintfA
LoadStringA
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000088
.exe windows:4 windows x86 arch:x86

1ae4785b1e1a2a20eaccdbff5aeaccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
_lclose
WaitForSingleObject
CreateProcessA
lstrcpyA
_lwrite
_lread
_llseek
GetTempFileNameA
GlobalLock
GlobalAlloc
GetModuleFileNameA
OpenFile
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcatA
GetTempPathA
lstrlenA
GetSystemDirectoryA
_lcreat
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalHandle
_lopen
GetACP
GetCPInfo
CloseHandle
SetFilePointer
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
WriteFile
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
GetLastError

user32

wsprintfA
LoadStringA
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000089
.rar
hzpy表.DBF
picf.FPT
picf.dbf
xy.dbf
xy2.dbf
代码库.CDX
代码库.dbf
代课日志.dbf
固定课库.dbf
场地安排表.FPT
场地安排表.dbf
场地安排表2.DBF
场地安排表2.FPT
场地安排表3.DBF
场地安排表3.FPT
场地安排表4.DBF
场地安排表4.FPT
场地安排表5.DBF
场地安排表5.FPT
场地库.cdx
场地库.dbf
学生连堂课形式表.FPT
学生连堂课形式表.dbf
年级临时表.dbf
年级名称表.DBF
年级开设课程表.dbf
总课表库.dbf
排课大师数据库.dbc
排课大师数据库.dct
排课大师数据库.dcx
排课结果小计表.DBF
排课结果小计表.FPT
教师课程表.dbf
教师课程表2.DBF
教师课程表3.DBF
教师课程表4.DBF
教师课程表5.DBF
教师连堂课形式表.FPT
教师连堂课形式表.dbf
时间限制范围表.FPT
时间限制范围表.dbf
某类名称表.DBF
某组名称表.DBF
班级课程表.dbf
班级课程表2.DBF
班级课程表3.DBF
班级课程表4.DBF
班级课程表5.DBF
课时安排库.FPT
课时安排库.dbf
课时安排库临时表.FPT
课时安排库临时表.dbf
课时安排辅助表.dbf
课程指定教师表.dbf
限制范围名称表.dbf
f0000090
.rar
hzpy表.DBF
picf.FPT
picf.dbf
xy2.dbf
代课日志.dbf
场地安排表.FPT
场地安排表.dbf
场地安排表2.DBF
场地安排表2.FPT
场地安排表3.DBF
场地安排表3.FPT
场地安排表4.DBF
场地安排表4.FPT
场地安排表5.DBF
场地安排表5.FPT
学生连堂课形式表.FPT
学生连堂课形式表.dbf
年级临时表.dbf
年级名称表.DBF
年级开设课程表.dbf
排课结果小计表.DBF
排课结果小计表.FPT
教师课程表.dbf
教师课程表2.DBF
教师课程表3.DBF
教师课程表4.DBF
教师课程表5.DBF
教师连堂课形式表.FPT
教师连堂课形式表.dbf
时间限制范围表.FPT
时间限制范围表.dbf
某类名称表.DBF
某组名称表.DBF
班级课程表.dbf
班级课程表2.DBF
班级课程表3.DBF
班级课程表4.DBF
班级课程表5.DBF
课程指定教师表.dbf
限制范围名称表.dbf
f0000091
.xls windows office2003
f0000092
.xls windows office2003
f0000093
.xls windows office2003
f0000094
.xls windows office2003
f0000095
.xls windows office2003
f0000096
.xls windows office2003
f0000097
f0000098
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000099
f0000100
.dll windows:4 windows x86 arch:x86

6f40a239e0d62e980566af3b3520b995

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToFileTime
GetModuleHandleA
LoadModule
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryA
FreeLibrary
CloseHandle
GetLastError
SetFileTime
GetModuleFileNameA
GetFileTime
CreateFileA
GetProfileStringA
WriteProfileStringA
DisableThreadLibraryCalls
GlobalFree
GlobalReAlloc

user32

SetClipboardData
CharUpperA
MessageBoxA
RegisterClipboardFormatA
DdeFreeDataHandle
IsClipboardFormatAvailable
OpenClipboard
GetClipboardFormatNameA
GetWindowRect
DdeDisconnect
CountClipboardFormats
EmptyClipboard
PeekMessageA
DdeUninitialize
SendMessageA
FindWindowA
TranslateMessage
DispatchMessageA
GetActiveWindow
DdeInitializeA
DdeConnect
DdeGetLastError
SetActiveWindow
wsprintfA
DdeClientTransaction
DdeGetData
DdeCreateStringHandleA
ShowCursor
DdeFreeStringHandle
LoadStringA
CloseClipboard
GetClipboardData
EnumClipboardFormats

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

WSAStartup
gethostbyaddr
WSACleanup

msvcrt

vsprintf
_mkdir
_errno
_rmdir
strncpy
strpbrk
strtok
isspace
strstr
_ftol
strcpy
strchr
memcpy
strcat
memmove
strrchr
fclose
isdigit
_setjmp3
fopen
longjmp
free
_initterm
malloc
_adjust_fdiv
strlen

Exports

Exports

@DispatchAPI@4

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000101
.exe windows:4 windows x86 arch:x86

b91d01f07ed837cead30759d7122da59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
GetFileSecurityA
GetFileSecurityW
GetKernelObjectSecurity
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
IsValidAcl
IsValidSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
SetFileSecurityA
SetFileSecurityW
SetKernelObjectSecurity
IsValidSid

kernel32

BackupRead
BackupSeek
CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByte
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadLocale
SetThreadPriority
SetVolumeLabelA
SizeofResource
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

comctl32

ord8
ord6
ImageList_Create
ImageList_Destroy
ImageList_Remove
ImageList_ReplaceIcon
ord17
PropertySheetA

comdlg32

ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW

gdi32

BitBlt
CreateCompatibleDC
CreateFontA
CreatePatternBrush
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutA
GetDeviceCaps
GetObjectA
GetPixel
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
LineTo
MoveToEx
Polygon
Polyline
Rectangle
SelectObject
SetBkColor
SetPixel
SetTextColor
TextOutA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileW
ExtractIconExA
FindExecutableA
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
SHGetPathFromIDListA

user32

AppendMenuA
BeginPaint
BringWindowToTop
CharLowerA
CharLowerW
CharToOemA
CharUpperA
CharUpperW
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyIcon
CopyImage
CreateDialogIndirectParamA
CreateDialogParamA
CreateIcon
CreateIconIndirect
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawIconEx
DrawMenuBar
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EqualRect
ExitWindowsEx
FindWindowA
FindWindowExA
FlashWindow
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetIconInfo
GetKeyState
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMessageA
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowThreadProcessId
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaW
IsCharUpperA
IsCharUpperW
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapWindowPoints
MessageBeep
MessageBoxA
MoveWindow
OemToCharA
OemToCharBuffA
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseDC
RemovePropA
ScreenToClient
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SetClipboardData
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetParent
SetPropA
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
GetSystemMenu

ole32

CoCreateInstance
DoDragDrop
OleInitialize
OleSetClipboard
OleUninitialize

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 573KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000102
.dll regsvr32 windows:4 windows x86 arch:x86

b07da0874b1f490093ddaa145e84d116

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameA
GetStringTypeExA
SizeofResource
InterlockedExchange
GetComputerNameA
CreateProcessA
GetUserDefaultLangID
GlobalFlags
GetSystemInfo
GlobalReAlloc
GetSystemDirectoryA
IsBadCodePtr
HeapCreate
GlobalMemoryStatus
VirtualAlloc
VirtualFree
SetProcessWorkingSetSize
HeapReAlloc
HeapFree
HeapAlloc
HeapSize
GetDateFormatA
GetTimeFormatA
GetProfileIntA
lstrcatA
HeapDestroy
WaitForSingleObject
lstrcmpiA
GlobalCompact
FindResourceA
LoadResource
LockResource
lstrlenA
_lopen
_lread
_lclose
FormatMessageA
WideCharToMultiByte
LCMapStringA
GetSystemDefaultLCID
IsDBCSLeadByte
GlobalAlloc
GetSystemDefaultLangID
GlobalFree
GetFileSize
MoveFileA
DeleteFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindNextFileA
GetLogicalDrives
GetVolumeInformationA
GetDiskFreeSpaceA
SystemTimeToFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToDosDateTime
EnterCriticalSection
FindFirstFileA
UnlockFile
GetFileTime
SetErrorMode
LocalFree
Sleep
WinExec
GetModuleFileNameA
MulDiv
LockFile
GetCurrentProcess
DuplicateHandle
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CloseHandle
GetFileAttributesA
CreateFileA
GetLastError
GetDriveTypeA
RaiseException
IsValidLocale
GetProfileStringA
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
GetFullPathNameA
GlobalSize
GlobalLock
GlobalUnlock
SearchPathA
GetModuleHandleA
InterlockedIncrement
GetLocaleInfoA
GetCurrentProcessId
MultiByteToWideChar
InitializeCriticalSection
lstrlenW
lstrcpyA
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
FindClose
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCPInfo
GetSystemTime
QueryPerformanceFrequency
GetACP
GetVersionExA
GetLocalTime
IsBadReadPtr
InterlockedDecrement

user32

GetSystemMetrics
InsertMenuItemA
BringWindowToTop
DefWindowProcA
SendMessageA
EndPaint
SetFocus
EnableWindow
MessageBoxA
DestroyMenu
DestroyWindow
ShowWindow
SetClassLongA
GetClassLongA
UpdateWindow
GetWindowLongA
MoveWindow
PostMessageA
GetMenuItemInfoA
GetMenuItemCount
RemoveMenu
ReleaseDC
GetDC
TranslateMessage
GetQueueStatus
SetTimer
PeekMessageA
KillTimer
OffsetRect
GetDesktopWindow
DrawFocusRect
SetClipboardViewer
ChangeClipboardChain
CreateWindowExA
AdjustWindowRect
LoadImageA
ReleaseCapture
SetCapture
GetClassInfoA
RedrawWindow
UnregisterClassA
SetWindowLongA
LoadStringA
FillRect
FrameRect
InflateRect
DrawTextA
SetRectEmpty
CopyRect
PostQuitMessage
GetMenu
ClipCursor
GetClipboardFormatNameA
GetKeyboardLayout
RegisterClipboardFormatA
GetCapture
GetAsyncKeyState
ValidateRect
OemToCharBuffA
InSendMessage
CharPrevA
CharNextA
GetKeyboardType
CharToOemBuffA
ShowCursor
GetActiveWindow
GetFocus
GetCursorPos
GetKeyState
CharUpperBuffA
CharLowerBuffA
DialogBoxParamA
CheckRadioButton
CreateIcon
DestroyCursor
ClientToScreen
RegisterClassA
LoadCursorA
IsWindowVisible
IsIconic
GetSubMenu
IsWindow
SetParent
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
GetWindow
DestroyIcon
DrawIcon
LoadAcceleratorsA
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
IsChild
SetClipboardData
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
FindWindowA
GetWindowThreadProcessId
SetCursorPos
GetCursor
keybd_event
MessageBeep
MapVirtualKeyA
GetKeyboardState
SetKeyboardState
CharToOemA
WinHelpA
SetCursor
SetRect
EndDialog
CallWindowProcA
GetClassInfoExA
RegisterClassExA
GetWindowTextA
GetDlgItem
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
SetActiveWindow
GetSysColorBrush
DrawIconEx
AppendMenuA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
IsZoomed
AdjustWindowRectEx
GetMenuStringA
GetMenuItemID
CreateMDIWindowA
LoadIconA
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
ScrollDC
InvalidateRgn
RegisterWindowMessageA
DrawFrameControl
EnableMenuItem
InsertMenuA
ModifyMenuA
SetMenu
SetMenuItemInfoA
SystemParametersInfoA
GetSystemMenu
DeleteMenu
LoadMenuIndirectA
CreatePopupMenu
DrawMenuBar
GrayStringA
GetWindowDC
SubtractRect
GetDCEx
WindowFromPoint
GetClassNameA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
DdeAbandonTransaction
DdeUninitialize
DdeInitializeA
DdePostAdvise
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeEnableCallback
DdeGetLastError
UnionRect
LoadCursorFromFileA
CreateCursor
SetWindowPos
DdeNameService
DdeFreeStringHandle
DdeCreateDataHandle
DdeCreateStringHandleA
DdeQueryStringA
GetSysColor
IsClipboardFormatAvailable
CreateCaret
GetClientRect
ScreenToClient
GetWindowRect
GetParent
SetWindowRgn
EqualRect
IntersectRect
wsprintfA
CreateMenu
PtInRect
SetDlgItemTextA
LoadBitmapA
GetUpdateRect
BeginPaint
ActivateKeyboardLayout

gdi32

SetBrushOrgEx
DeleteMetaFile
CloseMetaFile
GetDIBits
StretchDIBits
GetClipBox
CreateRectRgnIndirect
EnumFontsA
GetDeviceCaps
SetBkColor
SetTextColor
Rectangle
GetBkColor
GetTextColor
GetStockObject
SelectObject
PatBlt
DeleteObject
GetObjectA
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
CreateCompatibleDC
RealizePalette
SelectPalette
SetBkMode
GetBkMode
CreateFontIndirectA
BitBlt
RoundRect
Ellipse
CreateRoundRectRgn
CreateEllipticRgnIndirect
FillRgn
CombineRgn
LineTo
MoveToEx
CreatePen
CreateSolidBrush
SetROP2
GetROP2
GetDCOrgEx
LPtoDP
UnrealizeObject
PaintRgn
CreateRectRgn
CreatePatternBrush
CreateBitmap
GetRgnBox
RectInRegion
FrameRgn
Polyline
GetPixel
EnumFontFamiliesExA
AddFontResourceA
GetTextMetricsA
RemoveFontResourceA
SetTextAlign
GetTextAlign
CopyMetaFileA
CreateHatchBrush
SelectClipRgn
SetRectRgn
ExtTextOutA
GetTextExtentPointA
GdiFlush
OffsetRgn
SetBitmapBits
AbortDoc
EndDoc
StartDocA
EndPage
StartPage
CreateICA
Escape
EnumFontFamiliesA
GetBitmapBits
CreateCompatibleBitmap
CreateBrushIndirect
SetDIBits
CreateDIBitmap
SetViewportExtEx
CreateDCA
SetMapMode
SetViewportOrgEx
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
SetStretchBltMode
StretchBlt

winspool.drv

ClosePrinter
WritePrinter
DocumentPropertiesA
GetPrinterA
EnumPrintersA
EndDocPrinter
StartDocPrinterA
OpenPrinterA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_Add
ImageList_DragMove
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyW
RegQueryValueA
RegCreateKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA
SHFileOperationA
SHAppBarMessage
DragQueryFileA

msvcrt

_mbschr
_mbsrchr
_mbsstr
_mbscspn
_mbsnbcpy
_mbsnbicmp
_mbsnbcat
_stricmp
_strnicmp
strchr
strrchr
strstr
strncpy
strncat
strcspn
_winmajor
_winminor
strtok
atoi
atof
_HUGE
toupper
ceil
floor
sqrt
_itoa
__mb_cur_max
_isctype
_pctype
memcmp
abs
memmove
strcmp
_ftol
strcat
memset
wcslen
wcsncpy
_wcsicmp
_purecall
strcpy
exit
longjmp
_seh_longjmp_unwind
_except_handler3
strlen
_control87
_setjmp3
memchr
atol
strncmp
_mbsicmp
_makepath
_splitpath
sin
cos
acos
asin
atan
tan
atan2
pow
exp
log10
log
getenv
_rmdir
_mkdir
_setmode
_isatty
fabs
modf
ldexp
sscanf
_ultoa
iswctype
strtoul
div
isspace
wcschr
wcscat
wcscpy
_strupr
strspn
ldiv
_strrev
_access
__CxxFrameHandler
_CxxThrowException
isalnum
sprintf
fprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_iob
__dllonexit
_onexit
free
malloc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection2A
WNetGetUserA
WNetCancelConnection2A
WNetGetConnectionA

oleaut32

SafeArrayCreate
SafeArrayUnaccessData
VariantCopy
LoadRegTypeLi
CreateErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
SysAllocStringLen
SysFreeString
LoadTypeLi
VariantInit
VariantClear
VariantCopyInd
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayGetUBound
GetActiveObject
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayPutElement
OleCreatePropertyFrame
SafeArrayAccessData
DispCallFunc
GetErrorInfo
OleCreatePictureIndirect
OleLoadPicture
RevokeActiveObject
VariantChangeType

ole32

OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
StringFromGUID2
OleRegEnumVerbs
CreateDataAdviseHolder
CLSIDFromProgID
CoLockObjectExternal
CLSIDFromString
CoRegisterClassObject
CoUninitialize
CoInitialize
ReleaseStgMedium
CoRevokeClassObject
CoGetMalloc
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
OleGetClipboard
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleBuildVersion
OleUninitialize
WriteClassStm
OleSaveToStream
CoDisconnectObject
StgCreateDocfile
OleInitialize
StgIsStorageFile
ProgIDFromCLSID
CreateOleAdviseHolder
OleDestroyMenuDescriptor
StgOpenStorage
OleFlushClipboard
OleIsCurrentClipboard
OleIsRunning
BindMoniker
MkParseDisplayName
CreateBindCtx
OleSave
WriteClassStg
OleDraw
OleLoad
CreateFileMoniker
ReadClassStg
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromFile
OleCreateLinkToFile
CoIsOle1Class
OleCreateLinkFromData
OleCreateFromData
OleCreateStaticFromData
OleSetContainedObject
OleConvertIStorageToOLESTREAM
OleQueryLinkFromData
OleRun
IsAccelerator
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleSetClipboard
CoGetClassObject
OleDoAutoConvert
ReadClassStm
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetIconOfClass
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
GetClassFile
OleQueryCreateFromData
StringFromCLSID

winmm

PlaySoundA
timeGetTime

Exports

Exports

@OCXAPIInit@4
DllCanUnloadNow
DllGetClassObject
DllOleInit
DllRegisterServer
DllUnregisterServer
DllWinMain
VFPDllCanUnloadNow
VFPDllGetClassObject

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000103
.dll windows:4 windows x86 arch:x86

105a34c3b3ecaf6803be201e74c83cf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
MessageBoxA

kernel32

DisableThreadLibraryCalls

Exports

Exports

DllVersion

Sections

.text
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000104
.exe windows:4 windows x86 arch:x86

21b0be9e9c79dd1b598e3cb319374dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
__p__commode
__p__fmode
_initterm
_adjust_fdiv
_controlfp
__dllonexit
??3@YAXPAX@Z
exit
__getmainargs
_acmdln
strlen
_XcptFilter
_exit
??2@YAPAXI@Z
_stricmp
strcpy
__set_app_type
_except_handler3
_onexit

kernel32

GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA

user32

LoadStringA
MessageBoxA
wsprintfA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

OleInitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 865B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 685B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000105
f0000106
f0000107
f0000108
f0000109
f0000110
f0000111
f0000112
f0000113
f0000114
f0000115
f0000116
f0000117
f0000118
f0000119
f0000120
f0000121
f0000122
f0000123
f0000124
f0000125
f0000126
f0000127
f0000128
f0000129
f0000130
f0000131
f0000132
f0000133
f0000134
f0000135
f0000136
f0000137
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 58KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��k
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 956KB - Virtual size: 956KB

IMAGE_SCN_MEM_WRITE
f0000138
.chm
f0000139
f0000140
f0000141
f0000142
f0000143
odbckey.inf
odbcstf.dll
.dll windows:4 windows x86 arch:x86

5514db4b207087e90009b344ff1804b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strcpy
_stricmp
malloc
strlen
sprintf
sscanf
_close
_open
_access
memset
fflush
strchr
strstr
fclose
strtoul
memcmp
getenv
fopen
fprintf
free
_spawnlp
strcat

advapi32

OpenThreadToken
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCloseKey
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

user32

LoadCursorA
SetCursor
ExitWindowsEx
wsprintfA
GetDesktopWindow
MessageBoxA

kernel32

GetFileSize
GetSystemDirectoryA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GetModuleFileNameA
GetModuleHandleW
lstrcmpiA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThread
GetVersionExA
GetWindowsDirectoryA
GetVersion
GetCurrentProcess
CreateProcessA
WaitForSingleObject
MoveFileExA
CloseHandle
GetPrivateProfileStringA
GetLastError
FormatMessageA
CreateFileA

mssetup

RestartListEmpty
ForceRestartOn
CbGetSymbolValue
GetSilentMode

Exports

Exports

AcmeComplianceCheck
AcmeConfigDataSource
AcmeDetectFileInUse
AcmeDetectOS
AcmeDllRegisterServer
AcmeFail
AcmeInstallDriver
AcmeInstallDriverManager
AcmeInstallTranslator
AcmeManageDataSources
AcmePrep
AcmeReboot
AcmeYesNo
AsyncEXECalloutCAH
CompareRegData
DetectAdminPrivileges
DetectRegData
LibMain
MdacVerCmp
NTVersion
NoAdminSyncEXECallout
SyncEXECalloutCAH
SyncEXECalloutCAH1
SzGetDatadefVer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup.exe
setup.inf
setup.ini
setup.lst
setup.stf
setup.tdf
下载说明.htm
.html .js polyglot

Sharing

Errors

General

Malware Config

Signatures

Files

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.bss Size: - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 28KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 17KB - Virtual size: 16KB

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

version

lz32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 194KB

.expo Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.idata Size: 7KB - Virtual size: 6KB

.edata Size: 9KB - Virtual size: 8KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 11KB - Virtual size: 11KB

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 9KB

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 243KB - Virtual size: 243KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 12KB - Virtual size: 19KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 916B

.reloc Size: 12KB - Virtual size: 12KB

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

.text
Size: 207KB - Virtual size: 207KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 28KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 195KB - Virtual size: 194KB

.expo
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.idata
Size: 7KB - Virtual size: 6KB

.edata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 243KB - Virtual size: 243KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 12KB - Virtual size: 19KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 916B

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 512B - Virtual size: 227B

.rsrc
Size: 4KB - Virtual size: 1004B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 6KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 5KB

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate