3e8edc4305b2d90de100e15f054ab34f

Sharing

Copy URL Twitter E-mail

General

Target

3e8edc4305b2d90de100e15f054ab34f
Size

4.8MB
MD5

3e8edc4305b2d90de100e15f054ab34f
SHA1

9919b91a65a8e2bd73d6d4cea188dfd5b20fec5a
SHA256

05b185afb6140e33084094c86e136ae9d8e354290178bbd914274538fba3aad5
SHA512

5467fc671e038b3210f1056c573083a7cdf2cde8117268a5efa42ae10a9c55324b485b90d91c9ad7ed6c8455619a2e48c358418a68e7b480b3c239a5b758f012
SSDEEP

98304:GQPSXHriXwoyUKIQcg9+yzPWXB6sFLwbZSccdKtpxwM33lANnDGb6a9pg3q8g9z:vPSGXwoyUKv9+oPowbcFdKHLCNCb6a9f

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen/keygen.exe
unpack002/DiskShop.exe
unpack002/Dszip.dll
unpack002/MSCHART.OCX
unpack002/MSVCRT.DLL
unpack002/SETUP1.EXE
unpack002/ST6UNST.EXE
unpack002/VB6STKIT.DLL
unpack002/dssupp.dll
unpack002/scrrun.dll
unpack001/setup/setup.exe

Files

3e8edc4305b2d90de100e15f054ab34f
.rar
keygen/keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
setup/DiskShop.CAB
.cab
DS.ico
DigitSoft.html
.html
DiskShop.exe
.exe windows:4 windows x86 arch:x86

b56898a52ce8d45728686634959b35aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
__vbaVarSub
__vbaStrI2
ord690
ord691
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaLineInputStr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaNextEachVar
__vbaLineInputVar
__vbaFreeObjList
ord622
__vbaVarFix
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaI2Abs
__vbaStrCat
__vbaVarCmpNe
ord660
__vbaRecDestruct
__vbaStrDate
__vbaSetSystemError
ord554
ord662
__vbaHresultCheckObj
__vbaNameFile
ord556
ord557
__vbaLenVar
_adj_fdiv_m32
ord666
__vbaVarTstLe
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaLateMemSt
__vbaVarForInit
__vbaExitProc
__vbaForEachCollObj
ord300
ord301
__vbaStrLike
__vbaOnError
__vbaObjSet
ord595
ord302
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
ord598
ord305
ord599
__vbaFpR4
ord306
__vbaBoolVar
__vbaForEachCollVar
ord520
ord307
ord308
__vbaFPFix
ord309
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
__vbaErase
ord632
__vbaNextEachCollObj
ord525
__vbaVarCmpGt
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaDateR8
__vbaR4Str
ord561
__vbaI2I4
__vbaObjVar
__vbaVarLikeVar
__vbaNextEachCollVar
DllFunctionCall
ord563
__vbaVarOr
__vbaCastObjVar
__vbaRedimPreserve
__vbaAryConstruct
__vbaStrR4
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
ord310
__vbaVarAnd
__vbaObjIs
ord311
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
ord312
ord313
__vbaPrintFile
__vbaStrToUnicode
ord314
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
ord315
__vbaFailedFriend
__vbaI2Str
__vbaLateIdStAd
__vbaVarDiv
ord316
ord530
ord608
__vbaFPException
__vbaInStrVar
ord319
__vbaStrVarVal
__vbaUbound
__vbaVarCat
__vbaDateVar
__vbaI2Var
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
__vbaR8Str
__vbaVar2Vec
ord571
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarSetObj
__vbaI4Str
__vbaVarCmpLt
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord685
ord100
ord579
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
ord689
ord610
__vbaVarAdd
__vbaAryLock
__vbaLateMemCall
ord320
__vbaVarDup
ord612
__vbaStrToAnsi
ord321
__vbaVerifyVarObj
__vbaFpI2
__vbaVarCopy
__vbaFpI4
__vbaVarTstGe
ord616
__vbaRecDestructAnsi
ord617
__vbaLateMemCallLd
_CIatan
__vbaUI1Str
__vbaStrMove
__vbaCastObj
ord619
__vbaStrVarCopy
__vbaForEachVar
_allmul
__vbaLateIdSt
__vbaLateMemCallSt
_CItan
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaMidStmtBstr
__vbaFreeObj
__vbaFreeStr
ord580

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dszip.dll
.dll windows:4 windows x86 arch:x86

505d900d1db77b496cef085f828baf74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
CloseHandle
InterlockedExchange
CreateMutexA
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
CreateFileA
GetCurrentProcess
GetVolumeInformationA
FindClose
FindFirstFileA
GetVersion
GetFileType
GetFileTime
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeA
lstrcpynA
lstrcpyA
lstrcatA
GetFileAttributesA
lstrlenA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MultiByteToWideChar
MoveFileA
SetStdHandle
HeapReAlloc
Sleep
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WriteFile
WideCharToMultiByte
ReadFile
GetStringTypeA
GetStringTypeW
SetFilePointer
FlushFileBuffers
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetEndOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetLocaleInfoW
GetCurrentDirectoryA
SetCurrentDirectoryA
DeleteFileA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
RemoveDirectoryA

user32

wvsprintfA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityDescriptorLength
GetKernelObjectSecurity
OpenProcessToken

Exports

Exports

ZpArchive
ZpGetOptions
ZpInit
ZpSetOptions
ZpVersion

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Line34.jpg
.jpg
Line34DG.jpg
.jpg
Line34Db.jpg
.jpg
MSCHART.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

f86ff6c8f7902d8036b89a6690ff96eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
GetCommandLineA
GetStringTypeW
LCMapStringW
LCMapStringA
WriteFile
GetStringTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
FreeEnvironmentStringsA
GetOEMCP
GetStdHandle
GetCPInfo
GetStartupInfoA
HeapDestroy
GetFileType
SetHandleCount
TerminateProcess
HeapCreate
GetCurrentProcess
GetProcAddress
ExitProcess
GetModuleHandleA
OpenFile
GetModuleFileNameA
GetProcessHeap
lstrcpynA
lstrlenA
MultiByteToWideChar
IsDBCSLeadByte
lstrlenW
HeapAlloc
WideCharToMultiByte
HeapFree
DeleteCriticalSection
GetVersion
InitializeCriticalSection
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
GetWindowsDirectoryA
lstrcpyA
SetStdHandle
GetSystemTime
GlobalFree
MulDiv
ReadFile
GetFileSize
CreateFileA
SetEnvironmentVariableA
FreeLibrary
CompareStringW
CompareStringA
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
lstrcatA
SetFilePointer
FlushFileBuffers
GetUserDefaultLCID
IsValidCodePage
RaiseException
OutputDebugStringA
GlobalSize
IsValidLocale
GlobalReAlloc
GlobalLock
GetLocalTime
HeapSize
HeapCompact
GlobalAlloc
GlobalUnlock

user32

DrawFocusRect
MessageBoxA
SetClipboardData
GetSysColor
GetWindowTextA
GetWindowTextLengthA
SetWindowTextA
IsWindow
DrawTextA
GetDesktopWindow
KillTimer
SetTimer
FrameRect
MapWindowPoints
HideCaret
ChildWindowFromPoint
GetClassInfoA
GetClassNameA
GetCursor
RegisterClipboardFormatA
GetUpdateRect
GetCursorPos
SetCursor
UpdateWindow
GetDoubleClickTime
LoadBitmapA
CharLowerBuffA
WindowFromPoint
ScreenToClient
DestroyWindow
SetWindowRgn
ClientToScreen
EqualRect
LoadStringA
RegisterClassA
LoadCursorA
FillRect
UnregisterClassA
InvalidateRect
GetCapture
GetFocus
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
IsChild
IsDialogMessageA
WinHelpA
GetKeyState
CallWindowProcA
MoveWindow
SendMessageA
SetFocus
BeginPaint
EndPaint
SetParent
IsWindowVisible
CreateWindowExA
ShowWindow
IntersectRect
DefWindowProcA
GetParent
GetDlgCtrlID
GetWindowRect
OffsetRect
GetDialogBaseUnits
GetSystemMetrics
GetActiveWindow
CharNextA
GetDC
ReleaseDC
wsprintfA
GetDlgItem
GetDlgItemTextA
GetWindow
SetWindowPos
RegisterWindowMessageA
DialogBoxIndirectParamA
EndDialog
EnableWindow
GetWindowLongA
SetWindowLongA
ReleaseCapture
PostMessageA
PeekMessageA
GetClientRect
PtInRect
SetCapture

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
OleGetClipboard
OleInitialize
OleFlushClipboard
OleUninitialize
CreateOleAdviseHolder
OleSetClipboard

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

oleaut32

VariantInit
SysAllocString
SafeArrayDestroy
OleTranslateColor
SysStringLen
SafeArrayCreate
VariantClear
SafeArrayPutElement
SysFreeString
VariantChangeType
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
OleCreatePropertyFrame
SetErrorInfo
SafeArrayGetDim
SysAllocStringLen
LoadRegTypeLi
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
VarR4FromCy
LoadTypeLi
SafeArrayCopy

comdlg32

ChooseColorA

gdi32

DeleteObject
GetDeviceCaps
DeleteMetaFile
StretchDIBits
RestoreDC
DeleteDC
SelectObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
SaveDC
CreateRectRgnIndirect
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
CreateDCA
PlayMetaFile
CreatePalette
GetStockObject
CreateHatchBrush
CreatePatternBrush
CreateBitmap
CreatePenIndirect
CreateFontIndirectA
CreateBrushIndirect
GetKerningPairsA
GetOutlineTextMetricsA
EnumFontFamiliesA
GetGlyphOutlineA
RealizePalette
GetCharABCWidthsA
SetPolyFillMode
SetROP2
SelectPalette
SetBkColor
SetTextColor
SetBkMode
IntersectClipRect
SetPixel
GetTextExtentPoint32A
UpdateColors
CreateMetaFileA
Escape
CloseMetaFile
GetPixel
DPtoLP
ExtTextOutA
GetTextMetricsA
GetBkMode
CreatePen
UnrealizeObject
SetBrushOrgEx
TextOutA
PolyPolygon
GetMetaFileBitsEx
CopyMetaFileA
LPtoDP
Polyline
SetMetaFileBitsEx
GetObjectA
GetDIBits
SetTextAlign
Arc
Pie
Polygon
Chord
MoveToEx
Rectangle
Ellipse
LineTo

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 589KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSCOMCT2.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

71e4dc10f7cc0c7bb2b43714bb9f46c1

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93
Signer

Actual PE Digest

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
VirtualFree
GetCPInfo
GetOEMCP
VirtualAlloc
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
IsBadReadPtr
GlobalReAlloc
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
GetSystemDefaultLCID
GetCurrentThreadId
GetCurrentProcessId
HeapCreate
HeapDestroy
FreeResource
LocalSize
RtlMoveMemory
CreateThread
Sleep
WaitForSingleObject
GetTimeFormatA
GlobalHandle
lstrcmpA
GetThreadLocale
MulDiv
LocalAlloc
GetProfileIntA
LocalReAlloc
LocalFree
GetTickCount
GetModuleHandleA
GlobalAddAtomA
GetACP
CompareStringW
CompareStringA
GlobalSize
GetVersionExA
IsDBCSLeadByte
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
lstrcmpiA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
MultiByteToWideChar
IsBadWritePtr
GetDateFormatA
lstrcpyA
GetLocaleInfoA
GetLocalTime
CreateFileA
CloseHandle
GlobalAlloc
WriteFile
GlobalLock
HeapAlloc
DeleteCriticalSection
WideCharToMultiByte
lstrlenW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapFree
FreeLibrary
lstrlenA
GetProcessHeap
GlobalFree
GlobalUnlock

user32

GrayStringA
HideCaret
DestroyCaret
CreateCaret
GetAsyncKeyState
SetCaretPos
DrawTextExA
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
MapVirtualKeyA
ShowCaret
GetUpdateRgn
DestroyCursor
GetWindowRgn
ValidateRect
GetDCEx
LockWindowUpdate
CharNextExA
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
GetKeyboardLayout
GetUpdateRect
DeferWindowPos
BeginDeferWindowPos
FindWindowA
TrackPopupMenu
GetKeyNameTextA
RemovePropA
SendNotifyMessageA
FrameRect
ChildWindowFromPoint
DrawIcon
TranslateMessage
DispatchMessageA
MessageBeep
UnregisterClassA
CreateDialogIndirectParamA
IsChild
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
ScrollWindowEx
InvalidateRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
RegisterClipboardFormatA
RegisterWindowMessageA
PeekMessageA
ScreenToClient
PostMessageW
PeekMessageW
RedrawWindow
InflateRect
AdjustWindowRectEx
CreatePopupMenu
DestroyMenu
DrawTextA
DrawFocusRect
AppendMenuA
AdjustWindowRect
IsZoomed
EnumChildWindows
GetDesktopWindow
ShowScrollBar
SetScrollRange
SetScrollPos
GetMessageA
GetScrollPos
IsRectEmpty
CallMsgFilterA
GetMessagePos
GetDoubleClickTime
InvertRect
GetSysColorBrush
SetCursor
GetWindowDC
UnionRect
SetTimer
SetScrollInfo
EnableScrollBar
UpdateWindow
KillTimer
LoadCursorA
GetMessageTime
GetDlgCtrlID
GetWindowThreadProcessId
WindowFromPoint
EndDeferWindowPos
EndDialog
ReleaseCapture
PtInRect
SetWindowRgn
IntersectRect
EqualRect
OffsetRect
GetParent
ClientToScreen
GetWindowRect
GetActiveWindow
GetWindow
MoveWindow
BeginPaint
EndPaint
SetParent
IsWindowVisible
CreateWindowExA
DestroyWindow
CharNextA
GetPropA
GetCursorPos
SetCursorPos
MapWindowPoints
DefWindowProcA
SetPropA
IsWindow
SetDlgItemTextA
CheckDlgButton
IsWindowEnabled
GetDlgItemTextA
GetDC
ReleaseDC
SetWindowPos
SetWindowLongA
GetWindowLongA
SendDlgItemMessageA
IsDlgButtonChecked
GetClientRect
GetFocus
LoadIconA
FillRect
DrawIconEx
ShowWindow
DestroyIcon
SetDlgItemInt
GetDlgItemInt
MessageBoxA
SetFocus
GetWindowTextLengthA
SetWindowTextA
GetWindowTextA
EnableWindow
SendMessageA
DialogBoxParamA
GetKeyState
SetCapture
GetCapture
CallWindowProcA
PostMessageA
GetSysColor
SetRect
DrawEdge
GetSystemMetrics
GetClassInfoA
RegisterClassA
GetDlgItem
LoadStringA
wsprintfA
GetScrollInfo
GetClassNameA
DrawFrameControl
CopyRect

ole32

OleLoadFromStream
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSaveToStream
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayCopy
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopy
SafeArrayUnaccessData
OleCreateFontIndirect
GetErrorInfo
OleCreatePictureIndirect
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
CreateErrorInfo
VariantCopyInd
SafeArrayCreateVector
OleCreatePropertyFrame
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleTranslateColor
VariantChangeTypeEx
VariantChangeType
SysAllocStringLen
VariantInit
SysStringLen
SysAllocString
LoadRegTypeLi
VariantClear
SafeArrayRedim
SysFreeString

gdi32

ExcludeClipRect
SetBrushOrgEx
GetClipRgn
OffsetRgn
GetDIBColorTable
SetDIBColorTable
CreateDIBSection
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
CreateHalftonePalette
GetTextAlign
SetTextAlign
DeleteObject
GetDeviceCaps
SelectObject
CreateSolidBrush
PatBlt
Polyline
CreatePen
StretchDIBits
GetDIBits
GetSystemPaletteEntries
GetObjectA
CreateBitmap
DeleteDC
CreateCompatibleDC
CreateDCA
SetBkColor
GetStockObject
GetTextExtentPoint32A
CreateFontIndirectA
GetCurrentObject
GetTextMetricsA
SetViewportOrgEx
SetWindowOrgEx
CreateRectRgnIndirect
GetViewportExtEx
GetWindowExtEx
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetTextColor
SelectClipRgn
CreateRectRgn
Rectangle
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
RealizePalette
SelectPalette
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
GetClipBox
TextOutA
SetBkMode
CreateFontA
CreatePatternBrush
ExtTextOutA
RestoreDC
IntersectClipRect
SaveDC
GetBkColor
GetCharWidthA
GetTextExtentPointA
Arc
RectVisible
Ellipse
LineTo
MoveToEx
GetPixel
CreateCompatibleBitmap
BitBlt
CombineRgn
GetTextColor

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 468KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSCOMCTL.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

ce21923007044b1701a0b2dc4ac9396b

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:0c:ab:11:d8:22:ef:7d:6c:79:7e
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

23/05/2002, 08:00

Not After

25/09/2011, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:05:87:58:00:03:00:00:00:5a
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/01/2005, 23:20

Not After

05/04/2006, 23:30

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d3:33:87:9d:a3:7d:db:aa:b4:12:4a:ae:67:2b:01:a6:0b:07:8a:fd
Signer

Actual PE Digest

d3:33:87:9d:a3:7d:db:aa:b4:12:4a:ae:67:2b:01:a6:0b:07:8a:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GlobalFree
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
EndDialog
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
SetTimer
KillTimer
SendDlgItemMessageA
IsWindowVisible
UnregisterClassA
CharNextA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
IsWindowEnabled
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemInt
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
GetDlgItemTextA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
GetActiveWindow
MessageBoxA
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 690KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSCOMM32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

981c4b05d92d1681a5f459ad4e52b1b8

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetCommModemStatus
WriteFile
GetCommProperties
ResetEvent
GetOverlappedResult
IsBadWritePtr
MultiByteToWideChar
Sleep
ReadFile
SetCommState
GetCommState
ClearCommError
lstrcpynA
lstrlenA
CreateThread
WaitCommEvent
GlobalUnlock
GlobalLock
GlobalAlloc
ClearCommBreak
SetCommBreak
GetVersion
GetFileAttributesA
lstrcatA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
CompareStringA
CompareStringW
lstrcmpA
CreateEventA
CreateFileA
GetLastError
SetupComm
SetCommTimeouts
SetCommMask
WaitForSingleObject
DisableThreadLibraryCalls
GlobalFree
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
lstrcpyA
EscapeCommFunction
PurgeComm

user32

ShowWindow
SetWindowRgn
PtInRect
IsDialogMessageA
GetWindowLongA
IsWindowEnabled
IsChild
GetKeyState
OffsetRect
IntersectRect
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
DestroyWindow
GetSystemMetrics
GetDlgItemInt
GetDlgItemTextA
GetDlgItem
SendMessageA
SetDlgItemInt
SetDlgItemTextA
DialogBoxParamA
wsprintfA
CreateWindowExA
SetWindowLongA
DefWindowProcA
EqualRect
GetWindowRect
GetParent
ClientToScreen
MoveWindow
GetActiveWindow
GetWindow
GetClientRect
SetFocus
BeginPaint
IsWindowVisible
EndPaint
SetParent
CheckDlgButton
SetWindowPos
CharNextA
EndDialog
LoadIconA
DrawEdge
CreateDialogIndirectParamA
PostMessageA
WinHelpA
GetNextDlgTabItem
LoadStringA
UnregisterClassA
ReleaseDC
GetDC
IsDlgButtonChecked
MessageBoxA
RegisterClipboardFormatA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

OleCreatePropertyFrame
VariantChangeType
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
GetErrorInfo
RegisterTypeLi
SafeArrayCreate
SafeArrayPutElement
LoadRegTypeLi
SafeArrayGetDim
SysStringLen
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
VariantClear
SysFreeString
VariantInit
SysAllocString
CreateErrorInfo

gdi32

DeleteDC
GetWindowExtEx
GetViewportExtEx
LPtoDP
SetMapMode
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

f583a53985668060aed820e29de94793

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MainBlack2500.jpg
.jpg
MainBlack800.jpg
.jpg
MainBlue2500.jpg
.jpg
MainBlue800.jpg
.jpg
MainBrown2500.jpg
.jpg
MainBrown800.jpg
.jpg
MainGreen2500.jpg
.jpg
MainGreen800.jpg
.jpg
MainMetal2500.jpg
.jpg
MainMetal800.jpg
.jpg
MainPlastic2500.jpg
.jpg
MainPlastic800.jpg
.jpg
MainUser2500.jpg
.jpg
MainUser800.jpg
.jpg
MainViolet2500.jpg
.jpg
MainViolet800.jpg
.jpg
Orderconfirm.txt
Readme.txt
SETUP1.EXE
.exe windows:4 windows x86 arch:x86

5946fd983925428aae7317d5d4322237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
ord588
__vbaStrVarMove
ord589
ord697
__vbaFreeVarList
_adj_fdiv_m64
ord513
__vbaFreeObjList
ord516
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaCopyBytes
__vbaResume
__vbaStrCat
__vbaRecDestruct
__vbaSetSystemError
__vbaNameFile
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaLateMemSt
ord669
__vbaForEachCollObj
__vbaBoolStr
__vbaExitProc
__vbaFileCloseAll
ord595
__vbaCyAdd
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaBoolVar
__vbaForEachCollVar
ord523
__vbaBoolVarNull
_CIsin
ord709
ord631
__vbaErase
__vbaLateMemStAd
__vbaNextEachCollObj
ord525
__vbaVarZero
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaGenerateBoundsError
ord529
__vbaCyI2
__vbaStrCmp
__vbaVarTstEq
__vbaCyI4
__vbaNextEachCollVar
__vbaPrintObj
__vbaI2I4
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaFpCmpCy
__vbaVarMul
__vbaExceptHandler
ord712
__vbaPrintFile
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaVarDiv
ord531
__vbaFPException
__vbaInStrVar
ord532
ord717
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord534
__vbaDateVar
ord536
__vbaI2Var
ord644
ord537
ord645
_CIlog
ord646
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaInStr
__vbaNew2
ord571
__vbaCyMulI2
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
__vbaDerefAry1
_adj_fdivr_m32
__vbaPowerR8
ord577
_adj_fdiv_r
ord578
ord685
ord100
ord579
__vbaI4Var
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
ord616
__vbaFpI4
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaR8IntI2
__vbaLateMemCallLd
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
ord650
_allmul
__vbaLenVarB
__vbaLateIdSt
_CItan
ord546
__vbaAryUnlock
_CIexp
__vbaMidStmtBstr
ord580
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ST6UNST.EXE
.exe windows:4 windows x86 arch:x86

2c2a74fe0776f6aac245ba9e8eeec7c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ReadFile
LocalFree
SetFilePointer
LocalAlloc
GlobalDeleteAtom
Sleep
GlobalAddAtomA
GlobalFree
GlobalAlloc
IsDBCSLeadByte
GlobalLock
GlobalFindAtomA
CompareStringA
WideCharToMultiByte
WriteFile
CloseHandle
GetWindowsDirectoryA
OpenProcess
GetVersion
FreeLibrary
RemoveDirectoryA
GetLastError
DeleteFileA
FindFirstFileA
FindClose
lstrlenA
lstrcpyA
lstrcatA
lstrcmpA
lstrcpynA
MultiByteToWideChar
CreateProcessA
WaitForSingleObject
SetErrorMode
GetCurrentDirectoryA
OutputDebugStringA
LoadLibraryA
GetProcAddress
GetFileAttributesA
GlobalUnlock
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
IsBadCodePtr
FreeEnvironmentStringsW
FreeEnvironmentStringsA
lstrcmpiA
GetModuleFileNameA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

PackDDElParam
SendMessageA
DispatchMessageA
DefWindowProcA
CharNextA
DestroyWindow
UnregisterClassA
CreateWindowExA
RegisterClassA
wsprintfA
UnpackDDElParam
LoadStringA
LoadIconA
LoadCursorA
MessageBoxA
wvsprintfA
TranslateMessage
GetMessageA
SetCursor
ShowCursor
SetDlgItemTextA
SetWindowLongA
EndDialog
GetDlgItem
SetFocus
DialogBoxParamA
UpdateWindow
SetWindowTextA
InvalidateRect
CharUpperA
CharPrevA
BeginPaint
GetClientRect
DrawTextA
SetRect
EndPaint
PostQuitMessage
GetSystemMenu
EnableMenuItem
CreateDialogParamA
GetWindowRect
GetSystemMetrics
SetWindowPos
ShowWindow
PostMessageA
PeekMessageA
FillRect
SetClassLongA

gdi32

CreateSolidBrush
SetROP2
Rectangle
SelectObject
SetTextColor
SetBkMode
GetStockObject
GetTextMetricsA
ExtTextOutA
CreateFontIndirectA
DeleteObject

advapi32

RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

OleInitialize
OleUninitialize

oleaut32

LoadTypeLi

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Sysinfo.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

1982f39884ba6471cf2187fb256dc6d6

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
lstrcpyA
LoadLibraryA
HeapReAlloc
lstrcmpA
GetLocaleInfoA
GetWindowsDirectoryA
lstrcatA
MultiByteToWideChar
GetModuleFileNameA
GetFileAttributesA
lstrlenA
lstrcpynA
InterlockedIncrement
InterlockedDecrement
GetVersionExA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
GetSystemPowerStatus
MulDiv
GetVersion
DisableThreadLibraryCalls

user32

ShowWindow
PtInRect
SetWindowRgn
EqualRect
EndDialog
GetKeyState
OffsetRect
IntersectRect
DestroyWindow
DestroyIcon
RegisterClassA
SetWindowPos
CharNextA
wsprintfA
UnregisterClassA
SetWindowLongA
GetWindowLongA
DefWindowProcA
GetDC
ReleaseDC
SystemParametersInfoA
DialogBoxParamA
SetParent
GetParent
IsWindowVisible
MoveWindow
EndPaint
BeginPaint
DrawEdge
LoadIconA
DrawIcon
GetClientRect
LoadCursorA
CreateWindowExA
GetSystemMetrics
LoadStringA
GetWindowRect
ClientToScreen
SetFocus
SendMessageA
GetActiveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
VariantClear
SysAllocStringLen
VariantChangeType
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
SysFreeString
SysAllocString
RegisterTypeLi
CreateErrorInfo

gdi32

SetMapMode
LPtoDP
GetWindowExtEx
SetViewportExtEx
DeleteDC
SetWindowOrgEx
SetViewportOrgEx
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect
SetWindowExtEx
GetViewportExtEx

Exports

Exports

DLLGetDocumentation
DeviceNameFromID
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TABCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

e0cb36c66e5c120ef20ebc4f30366345

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7
Signer

Actual PE Digest

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
GetProcessHeap
HeapReAlloc
lstrcmpA
InitializeCriticalSection
lstrcatA

user32

BeginPaint
GetClientRect
MoveWindow
IntersectRect
PtInRect
CreateWindowExA
SetWindowPos
SetFocus
SetWindowRgn
FillRect
CopyRect
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowRect
GetWindowDC
DestroyWindow
GetWindowLongA
SetWindowLongA
CallWindowProcA
CharNextA
OffsetRect
SetRectEmpty
ShowWindow
IsDialogMessageA
ScreenToClient
GetClipboardFormatNameA
RegisterClipboardFormatA
MapWindowPoints
SetCursorPos
InvalidateRect
UnregisterClassA
ReleaseCapture
GetNextDlgTabItem
CreateDialogIndirectParamA
IsChild
SetParent
IsWindowVisible
WinHelpA
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
IsIconic
GetParent
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetWindow
GetSystemMetrics
EndPaint
ClientToScreen

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayUnaccessData
VariantCopyInd
SafeArrayAccessData
LoadTypeLibEx
UnRegisterTypeLi
VariantCopy
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
VariantInit
SysStringLen
VariantChangeType
GetErrorInfo
OleLoadPicture
OleTranslateColor
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
OleCreatePictureIndirect
OleCreateFontIndirect
VariantClear
SysFreeString
SysAllocString

gdi32

SetMapMode
GetWindowExtEx
GetViewportExtEx
LPtoDP
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
GetPaletteEntries
CreateRectRgnIndirect
CreateICA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tool.gif
.gif
VB6STKIT.DLL
.dll windows:4 windows x86 arch:x86

9f4b76d42cbc350286ec870347345155

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
CharNextA
wsprintfA
CharPrevA
LoadStringA
PeekMessageA
MessageBoxA
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize

oleaut32

RegisterTypeLi
LoadTypeLi

kernel32

GetFileAttributesA
CompareStringW
GetStringTypeW
DeleteFileA
GetStringTypeA
GetLocaleInfoA
GetTimeZoneInformation
LCMapStringW
GetEnvironmentStringsW
LCMapStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetACP
GetCPInfo
HeapReAlloc
GetLocaleInfoW
FlushFileBuffers
SetEnvironmentVariableA
GetOEMCP
GetVersion
GetLastError
lstrcatA
lstrcpyA
lstrcmpiA
lstrlenA
CopyFileA
OpenFile
Sleep
lstrcpynA
WriteFile
CloseHandle
SetFilePointer
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetErrorMode
LocalFree
LocalUnlock
LocalLock
LocalAlloc
SetFileTime
GetFileTime
GetWindowsDirectoryA
MultiByteToWideChar
CompareStringA
WideCharToMultiByte
GetModuleFileNameA
VirtualAlloc
HeapCreate
VirtualFree
TlsSetValue
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindFirstFileA
GetFileType
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
ReadFile
GetCommandLineA
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
GetFullPathNameA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
InterlockedDecrement
InterlockedIncrement
HeapDestroy

Exports

Exports

AbortAction
AddActionNote
ChangeActionKey
CommitAction
DLLSelfRegister
DisableLogging
EnableLogging
ExtractFileFromCab
GetClsidFromActXFile
LogConfig
LogError
LogNote
LogWarning
NewAction
RegisterTLB
SyncShell
_SetTime@8
fCreateShellLink
fRemoveShellLink
fWithinAction

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
comdlg32.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec
Signer

Actual PE Digest

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dssupp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f11747e154a7aa3d697e6a30900f5b5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

ord690
ord691
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaAptOffset
__vbaFreeVarList
_adj_fdiv_m64
__vbaNextEachVar
__vbaFreeObjList
_adj_fprem1
ord518
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
ord632
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
__vbaVarLikeVar
__vbaObjVar
__vbaI2I4
DllFunctionCall
ord563
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
ord103
ord689
ord104
ord105
__vbaVarDup
__vbaStrToAnsi
__vbaLateMemCallLd
ord617
_CIatan
__vbaStrMove
__vbaForEachVar
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
license.txt
scrrun.dll
.dll regsvr32 windows:5 windows x86 arch:x86

bca884b4afc80c860d8f651c1327bfa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord823
ord825

msvcrt

__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_wcsnicmp
towlower
_itow
_wcsicmp
towupper
iswalpha
_mbctolower
_itoa
_mbctoupper
_ismbblead
_mbsdec
_mbsnbicmp
_mbsicmp
_mbsnbcpy
isalpha
strncpy
srand
rand
wcscpy
wcsncpy
__CxxFrameHandler
_purecall
wcscmp
sprintf
_vsnprintf
memmove
wcslen
malloc
free
?terminate@@YAXXZ
_except_handler3
_onexit

oleaut32

VarDecFromI4
VariantCopy
SysFreeString
SysAllocStringLen
UnRegisterTypeLi
SysStringLen
LoadRegTypeLi
VariantClear
LHashValOfNameSys
LHashValOfNameSysA
VarCyFromR8
VariantChangeTypeEx
SysAllocString
LoadTypeLi
SysReAllocStringLen
VarCyFromI4
SafeArrayUnlock
VarR4FromDec
VarCyFromR4
VarR4FromCy
SafeArrayDestroy
SafeArrayCreate
SafeArrayLock
LoadTypeLibEx

ole32

StringFromCLSID
StringFromGUID2
CoGetMalloc
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
IsTextUnicode

kernel32

CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetShortPathNameW
lstrcpyW
GetFullPathNameW
lstrcatW
FindNextFileW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
CopyFileW
DeleteFileW
GetFileAttributesW
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetShortPathNameA
GetFullPathNameA
lstrcatA
FindNextFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
CopyFileA
DeleteFileA
GetFileAttributesA
GetStdHandle
InterlockedDecrement
InterlockedIncrement
QueryPerformanceCounter
SetFileAttributesA
GetUserDefaultLCID
GetVersion
GetLocaleInfoA
lstrcpyA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersionExA
LoadLibraryA
GetProcAddress
GetTickCount
GetFileType
GetFileInformationByHandle
SetFilePointer
WriteConsoleW
WriteFile
PeekNamedPipe
ReadFile
CloseHandle
CreateFileW
CreateFileA
FindFirstFileW
FindFirstFileA
FindClose
GetLogicalDrives
SetVolumeLabelW
SetVolumeLabelA
SetErrorMode
GetVolumeInformationW
GetVolumeInformationA
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GetDiskFreeSpaceA
SetFileAttributesW
InitializeCriticalSection
LCMapStringW
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
SetLastError
CompareStringW
CompareStringA
GetDriveTypeW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetDriveTypeA
GetDiskFreeSpaceW

user32

CharNextA
wsprintfA
LoadStringA

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DoOpenPipeStream

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
usersmanual.pdf
.pdf
- http://www.DigitSoft.dk
- http://......you
- http://www.digitsoft.dk
- http://Synchronize.you
- http://toleft.you
- http://view.you
- http://RegardsDigitSoft.dk
- http://digitsoft.dk
setup/SETUP.LST
setup/StartupTips.txt
setup/setup.exe
.exe windows:4 windows x86 arch:x86

4159a9ccafdc9e418bec02d791aa5942

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
GetStockObject
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SetBkColor
SelectObject
GetTextMetricsA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

user32

CreateWindowExA
GetWindowLongA
UpdateWindow
DefWindowProcA
DispatchMessageA
MessageBoxA
CharNextA
PackDDElParam
PeekMessageA
PostMessageA
UnregisterClassA
DestroyWindow
SendMessageA
BeginPaint
CharPrevA
DrawTextA
GetClientRect
SetWindowTextA
PostQuitMessage
OffsetRect
EndPaint
ShowCursor
FindWindowA
IsWindow
MoveWindow
GetDC
GetSystemMetrics
GetMessageA
ReleaseDC
ShowWindow
SetFocus
TranslateMessage
BringWindowToTop
LoadIconA
wvsprintfA
LoadCursorA
ExitWindowsEx
LoadStringA
InvalidateRect
UnpackDDElParam
CharUpperA
wsprintfA
RegisterClassA

comdlg32

GetOpenFileNameA

advapi32

RegEnumKeyExA
SetFileSecurityA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
GetFileSecurityA
RegCloseKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize

oleaut32

LoadTypeLi
SysAllocStringLen
VariantChangeTypeEx
VariantClear
VariantTimeToDosDateTime
RegisterTypeLi

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

kernel32

OpenFile
GlobalFree
GlobalAlloc
SetFilePointer
GetACP
CreateFileA
LCMapStringW
LCMapStringA
GetCPInfo
VirtualAlloc
VirtualFree
GetCurrentProcessId
HeapDestroy
SetStdHandle
HeapCreate
SetHandleCount
SetEndOfFile
GetStdHandle
GetStartupInfoA
GetCommandLineA
GetLocalTime
GetSystemTime
GetCurrentDirectoryA
HeapFree
HeapAlloc
GetTimeZoneInformation
ExitProcess
FileTimeToLocalFileTime
TerminateProcess
GetFileType
FileTimeToSystemTime
GetFileAttributesA
GetVersionExA
GetVersion
HeapReAlloc
LocalFree
LocalAlloc
GetSystemDirectoryA
DosDateTimeToFileTime
GetWindowsDirectoryA
SetFileTime
GetModuleHandleA
LocalFileTimeToFileTime
SetErrorMode
LoadLibraryA
GetDriveTypeA
GetProcAddress
FreeLibrary
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GlobalAddAtomA
_lwrite
GlobalDeleteAtom
_lclose
GetFileSize
GetPrivateProfileStringA
LocalLock
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
lstrcatA
lstrcpyA
lstrlenA
lstrcmpiA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
FindClose
Sleep
IsDBCSLeadByte
WriteFile
CloseHandle
FindFirstFileA
_lread
CreateProcessA
LocalUnlock
DeleteFileA
MoveFileA
GetExitCodeProcess
GetFullPathNameA
lstrcpynA
GlobalUnlock
GlobalLock
GlobalFindAtomA
GetShortPathNameA
MoveFileExA
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
ReadFile
GetTempFileNameA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTempPathA
GetCurrentProcess

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: - Virtual size: 108KB

Size: 28KB - Virtual size: 28KB

b56898a52ce8d45728686634959b35aa

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.data Size: 512B - Virtual size: 97KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 299KB - Virtual size: 298KB

505d900d1db77b496cef085f828baf74

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 328KB

.rsrc Size: 4KB - Virtual size: 768B

.reloc Size: 12KB - Virtual size: 8KB

f86ff6c8f7902d8036b89a6690ff96eb

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 589KB - Virtual size: 588KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 22KB - Virtual size: 34KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 223KB - Virtual size: 222KB

.reloc Size: 41KB - Virtual size: 40KB

71e4dc10f7cc0c7bb2b43714bb9f46c1

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:0e:7d:a7:00:00:00:00:00:48Certificate

Extended Key Usages

Key Usages

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

.text
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 512B - Virtual size: 97KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 299KB - Virtual size: 298KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 328KB

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 589KB - Virtual size: 588KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 22KB - Virtual size: 34KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 223KB - Virtual size: 222KB

.reloc
Size: 41KB - Virtual size: 40KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93
Signer

.text
Size: 468KB - Virtual size: 466KB

.data
Size: 28KB - Virtual size: 25KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 24KB - Virtual size: 23KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:0c:ab:11:d8:22:ef:7d:6c:79:7e
Certificate

61:05:87:58:00:03:00:00:00:5a
Certificate

d3:33:87:9d:a3:7d:db:aa:b4:12:4a:ae:67:2b:01:a6:0b:07:8a:fd
Signer

.text
Size: 690KB - Virtual size: 690KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 279KB - Virtual size: 279KB

.reloc
Size: 38KB - Virtual size: 38KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 192KB - Virtual size: 188KB