4a02021bc0453b938db06f40e29d37a3

Sharing

Copy URL Twitter E-mail

General

Target

4a02021bc0453b938db06f40e29d37a3
Size

1.6MB
MD5

4a02021bc0453b938db06f40e29d37a3
SHA1

1a99aef88cf0cd5cd478894913e1b410cec729ce
SHA256

8a50bdcdc2f0d23b3840b8a1f633882642b90ff72e55e7254088ceb962c07624
SHA512

d046ccba34572104c09346086020cf59ca29c2797229be83ef2d8989fea32c719ee1586992a80bd09e81c369b009f1c5a75d11b1741b69593ee3b3e3fab6225d
SSDEEP

24576:b4chYEqe7l3yCoroucn0vI3uL51q3v0cX6IAig6PFz+CrFn3gyG025xyLdcY:b4GL5ZyCkodiR5U3vdNh+m37GTkb

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/PlugIns/ExtOverlay.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PlugIns/ExtOverlay.dll	upx

Unsigned PE 44 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Cadt.dll
unpack001/HEdit32.dll
unpack001/NDump.dll
unpack001/PESniffer.dll
unpack001/PETools.exe
unpack001/PSAPI.DLL
unpack001/PTAgent.exe
unpack001/PlugIns/ExtOverlay.dll
unpack002/out.upx
unpack001/PlugIns/PE ToolTips_v 1.5.700.2005 RC6.dll
unpack001/PlugIns/PE2HTML.dll
unpack001/PlugIns/PackUPX.dll
unpack001/PlugIns/PlgLdr.dll
unpack001/PlugIns/RESVIEW.DLL
unpack001/PlugIns/RelocRebuilder.dll
unpack001/PlugIns/UnPeX.dll
unpack001/PlugIns/XNResourceEditor_Plugin.DLL
unpack001/PlugIns/uupx.dll
unpack001/PlugIns/xDump.dli
unpack001/PlugIns/xDump.sys
unpack001/PlugIns/xdump.dll
unpack001/Procs32.dll
unpack001/RebPE32.dll
unpack001/SDK/PTDS/Examples/LOGTester.exe
unpack001/SDK/PTDS/Examples/PTDS_Ex1.exe
unpack001/SDK/PTDS/Examples/PTDS_Ex2.exe
unpack001/SDK/PTDS/Examples/PTDS_Ex3.exe
unpack001/SDK/Procs32/Examples/Procs32.dll
unpack001/SDK/Procs32/Examples/Procs_Ex1.exe
unpack001/SDK/Procs32/Examples/Procs_Ex2.exe
unpack001/SDK/Procs32/Examples/Procs_Ex3.exe
unpack001/SDK/Procs32/Procs32.dll
unpack001/SDK/Procs32_DLL/Examples/PSAPI.DLL
unpack001/SDK/Procs32_DLL/Examples/Procs32.dll
unpack001/SDK/Procs32_DLL/Examples/Procs_Ex1.exe
unpack001/SDK/Procs32_DLL/Examples/Procs_Ex2.exe
unpack001/SDK/Procs32_DLL/Examples/Procs_Ex3.exe
unpack001/SDK/Procs32_DLL/Include/Procs32.dll
unpack001/SDK/Procs32_DLL/PSAPI.DLL
unpack001/SDK/Procs32_DLL/Procs32.dll
unpack001/SignMan.exe
unpack001/UUpdateSystem.dll
unpack001/rtl70.bpl
unpack001/vcl70.bpl

Files

4a02021bc0453b938db06f40e29d37a3
.rar
Cadt.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetCadtVersion
InstrDasm
InstrDecode
MakeMnemonic

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File_id.diz
HEdit32.dll
.dll windows:4 windows x86 arch:x86

3c8fc820c0cbaa6732c2b1fbb4542189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
FlushViewOfFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
VirtualAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
RtlUnwind
GetFileSize
CreateFileMappingA
MapViewOfFile
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcatA
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetModuleHandleA
MulDiv
lstrcpyA
DisableThreadLibraryCalls
CloseHandle
IsBadWritePtr
lstrcpynA

user32

GetScrollInfo
InvalidateRect
SystemParametersInfoA
DialogBoxParamA
CheckRadioButton
SendDlgItemMessageA
IsDlgButtonChecked
GetDlgItemTextA
EnableMenuItem
SetWindowTextA
wvsprintfA
SetDlgItemTextA
GetWindowTextLengthA
SetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetAsyncKeyState
IsZoomed
IsIconic
SetCursor
SetScrollInfo
SetScrollPos
GetKeyState
PostMessageA
ShowCaret
HideCaret
DestroyCaret
CreateCaret
BeginPaint
FillRect
wsprintfA
EndPaint
CreatePopupMenu
AppendMenuA
LoadIconA
GetSystemMetrics
IsWindow
MessageBoxA
IsWindowEnabled
EnableWindow
LoadBitmapA
LoadAcceleratorsA
ShowWindow
UpdateWindow
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage
GetWindowRect
MoveWindow
GetClientRect
DestroyWindow
CreateWindowExA
LoadCursorA
RegisterClassExA
CheckDlgButton
GetDlgItem
SetFocus
EndDialog
DefWindowProcA
IsMenu
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetDC
RegisterClipboardFormatA
ReleaseDC
OpenClipboard
EnumClipboardFormats
GetClipboardData
CloseClipboard
CharUpperA
GetClassInfoA
CallWindowProcA
GetDlgCtrlID
GetParent
SendMessageA
SetWindowLongA
SetCaretPos

gdi32

SetTextColor
SetBkColor
TextOutA
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
GetTextMetricsA
SelectObject

comctl32

CreateToolbarEx
ImageList_Create
ImageList_AddMasked
ord6
ImageList_Destroy
InitCommonControlsEx

Exports

Exports

HESetInternalOptions
HEShowWindow

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
License.txt
NDump.dll
.dll windows:4 windows x86 arch:x86

30a2a6798b8ea7234831e99b4edff45b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
IsBadWritePtr
VirtualQueryEx
CloseHandle
ReadProcessMemory
GetLastError
OpenProcess
RtlUnwind

Exports

Exports

DumpProcess

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PESniffer.dll
.dll windows:4 windows x86 arch:x86

2b2b794f13fd8c667d8ca834996748b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
lstrcpyA
HeapFree
HeapAlloc
GetProcessHeap
lstrcatA
GetModuleFileNameA
lstrlenA
CloseHandle
lstrcpynA
ReadFile
CreateFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
FlushViewOfFile
IsBadReadPtr
HeapReAlloc
LCMapStringA
GetStringTypeW
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
LCMapStringW

user32

CharUpperA

Exports

Exports

AnalyzeFile
GetTotalSignatures
IsDataBaseLoaded

Sections

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PETools.exe
.exe windows:4 windows x86 arch:x86

8948c0ad87dbb24f3f021f02c9bc6335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx
ImageList_Remove
ord6
ImageList_ReplaceIcon
InitCommonControlsEx
ord17
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor

kernel32

lstrcatA
HeapAlloc
GetProcessHeap
HeapFree
ExitThread
Sleep
CreateThread
VirtualAlloc
VirtualFree
GetProcAddress
OpenProcess
IsBadStringPtrA
IsBadReadPtr
lstrcmpA
VirtualQuery
SetFilePointer
GetModuleFileNameA
GetSystemInfo
GetFileTime
GetFileSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
GlobalReAlloc
FlushFileBuffers
DeviceIoControl
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushViewOfFile
SetEndOfFile
LocalFree
SetProcessShutdownParameters
ExitProcess
DeleteFileA
GetLocalTime
SetCurrentDirectoryA
WriteProcessMemory
GetLastError
GetCurrentProcess
SetPriorityClass
TerminateThread
LocalAlloc
SetFileAttributesA
CopyFileA
FileTimeToSystemTime
FindNextFileA
LoadLibraryA
FreeLibrary
HeapReAlloc
VirtualQueryEx
WritePrivateProfileStructA
GetPrivateProfileStructA
WideCharToMultiByte
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
RtlUnwind
lstrcmpiA
GetModuleHandleA
CreateFileA
WriteFile
CloseHandle
CreateProcessA
VirtualProtectEx
GetCurrentDirectoryA
ReadProcessMemory
OutputDebugStringA
ResumeThread
TerminateProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetTempPathA
GetTickCount
GetTempFileNameA
ReadFile
FindFirstFileA
FindClose
GetFileAttributesA
lstrcpynA
lstrcpyA
lstrlenA
GetVersion
GetPriorityClass

user32

GetWindowLongA
wvsprintfA
SetWindowPos
FindWindowA
RedrawWindow
GetWindowTextA
EnableWindow
GetSystemMetrics
IsWindow
CheckRadioButton
UnregisterClassA
SetCursor
GetSysColorBrush
DialogBoxParamA
DestroyAcceleratorTable
DispatchMessageA
TranslateMessage
LoadIconA
EmptyClipboard
SetClipboardData
SetFocus
CharUpperA
OpenClipboard
IsDialogMessageA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RemoveMenu
InvalidateRect
ChildWindowFromPoint
PostMessageA
DestroyCursor
CreateDialogParamA
GetWindowRect
IsMenu
GetSubMenu
SetDlgItemInt
GetWindowPlacement
CharLowerBuffA
EnableMenuItem
CheckMenuRadioItem
GetSysColor
KillTimer
DestroyIcon
DestroyWindow
PostQuitMessage
GetClientRect
MoveWindow
GetSystemMenu
SetTimer
SetWindowPlacement
InsertMenuItemA
GetMenu
CheckMenuItem
SetMenuItemInfoA
SetActiveWindow
DefDlgProcA
RegisterClassA
EndDialog
SetDlgItemTextA
EnumClipboardFormats
GetClipboardData
CloseClipboard
GetClassInfoA
CallWindowProcA
SetWindowLongA
IsDlgButtonChecked
SetWindowTextA
CheckDlgButton
GetActiveWindow
MessageBoxA
wsprintfA
GetDlgItemTextA
SendMessageA
GetCursorPos
TrackPopupMenu
ClientToScreen
DestroyMenu
CreatePopupMenu
AppendMenuA
SendDlgItemMessageA
GetDlgItem
LoadCursorA

gdi32

GetObjectA
GetStockObject
DeleteObject
SetBkMode
SetTextColor
CreateFontIndirectA
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyA
RegSetValueA
GetUserNameA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA

imagehlp

BindImageEx
CheckSumMappedFile
ImageRvaToSection
ImageNtHeader
ImageRvaToVa

pesniffer

IsDataBaseLoaded
GetTotalSignatures
AnalyzeFile

cadt

InstrDecode
InstrDasm
MakeMnemonic
GetCadtVersion

ndump

DumpProcess

rebpe32

ResizeFile
DumpFixer32
ValidateDump32
RebuildPE
ValidatePE
ReBasePEImage
WipeReloc
DumpFix
RebuildResourceDirectoryMemory32
GetRealNumberOfSections
GetRealNumberOfSections64
DumpFixer64

procs32

GetModuleHandleEx
GetModuleFirst
GetProcessFirst
GetModuleNext
GetProcessBaseSize
GetProcessPath
GetModuleImageSize
IsProcessRunned
GetNumberOfProcesses
GetNumberOfModules
GetProcessNext

uupdatesystem

ShowUpdateDialog

hedit32

HESetInternalOptions
HEShowWindow

Sections

.data
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PSAPI.DLL
.dll windows:5 windows x86 arch:x86

264476cbdcf6020ccd69c92bbd24050f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ntdll

_stricmp
RtlUnwind
sprintf
atoi
NtStopProfile
RtlUnicodeToOemN
_chkstk
DbgPrint
NtCreateProfile
RtlMultiByteToUnicodeN
NtAllocateVirtualMemory
RtlAdjustPrivilege
NtSetIntervalProfile
NtStartProfile
NtQueryInformationProcess
NtWriteFile
NtSetInformationProcess
RtlNtStatusToDosError
NtQueryVirtualMemory
NtQuerySystemInformation

kernel32

LocalAlloc
MultiByteToWideChar
GetLastError
RaiseException
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedExchange
OpenFileMappingA
MapViewOfFile
DisableThreadLibraryCalls
CreateFileA
UnmapViewOfFile
GetProcessHeap
HeapAlloc
CloseHandle
lstrcpyA
GetProcessWorkingSetSize
lstrlenA
SetLastError
LocalFree
GetSystemInfo
ReadProcessMemory
WideCharToMultiByte
SetProcessWorkingSetSize

Exports

Exports

EmptyWorkingSet
EnumDeviceDrivers
EnumProcessModules
EnumProcesses
GetDeviceDriverBaseNameA
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameA
GetDeviceDriverFileNameW
GetMappedFileNameA
GetMappedFileNameW
GetModuleBaseNameA
GetModuleBaseNameW
GetModuleFileNameExA
GetModuleFileNameExW
GetModuleInformation
GetProcessMemoryInfo
GetWsChanges
InitializeProcessForWsWatch
QueryWorkingSet

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PTAgent.exe
.exe windows:4 windows x86 arch:x86

728b0f725bdfd4d3181dfb41031ae46a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetModuleFileNameA
GetVersion
lstrlenA
lstrcatA
GetModuleHandleA

user32

SetMenuDefaultItem
DefWindowProcA
CheckMenuItem
PostQuitMessage
DestroyMenu
LoadIconA
CreatePopupMenu
TrackPopupMenuEx
GetCursorPos
LoadCursorA
RegisterClassA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
FindWindowA
SetForegroundWindow
AppendMenuA

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PackUPX.OPT
PlugIns/ExtOverlay.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PlugIns/PE ToolTips.ini
PlugIns/PE ToolTips_v 1.5.700.2005 RC6.dll
.dll windows:4 windows x86 arch:x86

6407b3739a14ce8507bf28d89e092309

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
MessageBoxIndirectA
PtInRect
GetParent
SendMessageA
SetWindowLongA
SetWindowsHookExA
UnhookWindowsHookEx
WindowFromPoint
GetMenuItemCount
GetClassNameA
GetActiveWindow
EnumChildWindows
DestroyWindow
CreateWindowExA
CheckMenuItem
CallWindowProcA
CallNextHookEx
RemoveMenu
wsprintfA

kernel32

lstrcatA
WritePrivateProfileStructA
VirtualFree
VirtualAlloc
GetPrivateProfileStructA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetFileAttributesA
lstrcmpiA

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/PE2HTML.dll
.dll windows:4 windows x86 arch:x86

0fe9fc740a71cc0e21fb2aeb0606bfde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
SetDlgItemTextA
MessageBoxA
wsprintfA
SendMessageA

kernel32

SetFilePointer
SetFileAttributesA
CloseHandle
CreateFileA
GetCurrentDirectoryA
RtlZeroMemory
UnmapViewOfFile
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
FindFirstFileA
FindClose
WriteFile
SetEndOfFile
CopyFileA
CreateFileMappingA
GlobalAddAtomA
GlobalAlloc
GlobalFree
MapViewOfFile

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/PackUPX.dll
.dll windows:4 windows x86 arch:x86

6e6d9f5d16fd7b203829bb9be3d442ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rtl70.bpl

@System@initialization$qqrv

user32

keybd_event

vcl70.bpl

@Graphics@initialization$qqrv

shell32

DragQueryPoint

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

CODE
Size: 162KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PlugIns/PlgLdr.dll
.dll windows:4 windows x86 arch:x86

b32ef6de36824c94b07dbadd3b22887d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowLongA
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
UpdateWindow
SendMessageA
SendDlgItemMessageA
RegisterClassExA
PostQuitMessage
SetMenu
MessageBoxA
LoadIconA
LoadCursorA
GetWindowTextA
GetWindowLongA
GetSystemMetrics
GetSystemMenu
GetMessageA
GetCursorPos
EndPaint
EndDialog
DispatchMessageA
SetForegroundWindow
SetFocus
MessageBoxIndirectA
SetDlgItemTextA
DestroyIcon
DefWindowProcA
GetDC
GetParent
GetSysColor
GetWindowRect
ReleaseDC
ScreenToClient
GetClientRect
CreateWindowExA
CreateMenu
BeginPaint
AppendMenuA
wsprintfA

kernel32

GetModuleFileNameA
lstrcpyA
lstrcatA
SetCurrentDirectoryA
LoadLibraryA
GetVersionExA
GetProcAddress
GetModuleHandleA
GetCurrentDirectoryA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
ExitProcess

gdi32

CreatePen
DeleteObject
SelectObject
LineTo
MoveToEx
CreateFontA

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comdlg32

GetOpenFileNameA

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 744B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/RESVIEW.DLL
.dll windows:4 windows x86 arch:x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 26KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PlugIns/Readme.txt
PlugIns/RelocRebuilder.dll
.dll windows:4 windows x86 arch:x86

e52f56643e6da6cbdb1c93f0b70c77c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
DisableThreadLibraryCalls

user32

GetSystemMenu
DialogBoxParamA
SendDlgItemMessageA
wsprintfA
SendMessageA
SetDlgItemTextA
EndDialog
DeleteMenu

comdlg32

GetOpenFileNameA

msvcrt

fwrite
fread
??2@YAPAXI@Z
fclose
_adjust_fdiv
malloc
_fileno
_filelength
_initterm
_except_handler3
fopen
free

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/RelocRebuilder_rus.txt
PlugIns/UnPeX.dll
.dll windows:4 windows x86 arch:x86

f80d9e3954ec21fcc58702ba282c39bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFileSize
GetModuleHandleA
GlobalAlloc
GlobalFree
ReadFile
WriteFile
CloseHandle

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

user32

MessageBoxA
wsprintfA

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/XNResourceEditor_Plugin.DLL
.dll windows:4 windows x86 arch:x86

d8db0b791801ed624296ca19d27a7875

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

shell32

ShellExecuteA

urlmon

HlinkNavigateString

comdlg32

PrintDlgA

winmm

timeGetTime

hhctrl.ocx

ord14

imagehlp

CheckSumMappedFile

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

CODE
Size: 486KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PlugIns/eXtreme dumper Readme.txt
PlugIns/uupx.dll
.dll windows:4 windows x86 arch:x86

084efa91d7cd1e56b376370bf02ad0e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
ReadFile
CreateFileA
WriteFile
lstrcmpA
SetFilePointer
GetFileSize
CloseHandle

user32

EnableWindow
GetDlgItem
GetDlgItemTextA
MessageBoxA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetTimer
DialogBoxParamA
EndDialog

comdlg32

GetOpenFileNameA

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/uupx_eng.txt
PlugIns/xDump.dli
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PlugIns/xDump.sys
.sys windows:5 windows x86 arch:x86

356b8faee15ab1aabe4265825fe5e2b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExFreePoolWithTag
ExAllocatePoolWithTag
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
PsSetCreateProcessNotifyRoutine
ObfDereferenceObject
ObReferenceObjectByHandle
KeUnstackDetachProcess
KeStackAttachProcess
IoFreeMdl
MmUnlockPages
MmIsAddressValid
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmBuildMdlForNonPagedPool
IoAllocateMdl
NtBuildNumber
MmUserProbeAddress
PsGetCurrentProcessId
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
_except_handler3

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 768B - Virtual size: 724B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PlugIns/xdump.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

CODE
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Procs32.dll
.dll windows:4 windows x86 arch:x86

a0e5698bfc8710392dd376596124f73b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
lstrcpyA
OpenProcess
lstrcmpiA
ReadProcessMemory
SetFilePointer
ReadFile
CreateFileA
lstrcatA
lstrlenA
GetEnvironmentVariableA
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind

user32

CharLowerBuffA

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleHandleList
GetModuleImageSize
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessIDList
GetProcessNext
GetProcessPath
GetProcessPathID
IsProcessRunned

Sections

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Readme.txt
RebPE32.dll
.dll windows:4 windows x86 arch:x86

1ae8ba91037d53f982c0cdcd8c79b03b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CreateFileA
lstrcpyA
UnmapViewOfFile
FlushViewOfFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
CreateFileMappingA
GlobalFree
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcmpA
lstrcpynA
MapViewOfFile
CloseHandle
DisableThreadLibraryCalls
DeviceIoControl
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW

imagehlp

ImageRvaToVa
ImageNtHeader
ImageRvaToSection

Exports

Exports

CalcRealHeaderSize
DumpFix
DumpFix64
DumpFixer32
DumpFixer64
GetRealNumberOfSections
GetRealNumberOfSections64
ReBasePEImage
RebuildPE
RebuildResourceDirectoryFile32
RebuildResourceDirectoryMemory32
ResizeFile
ValidateDump32
ValidatePE
WipeReloc

Sections

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/PTDS/Examples/Asm/LOGTester/Build.BAT
SDK/PTDS/Examples/Asm/LOGTester/LOGTester.asm
SDK/PTDS/Examples/C/PTDS_Ex1/PTDS_Ex1.cpp
SDK/PTDS/Examples/C/PTDS_Ex1/PTDS_Ex1.dsp
SDK/PTDS/Examples/C/PTDS_Ex1/PTDS_Ex1.dsw
SDK/PTDS/Examples/C/PTDS_Ex2/PTDS_Ex2.cpp
SDK/PTDS/Examples/C/PTDS_Ex2/PTDS_Ex2.dsp
SDK/PTDS/Examples/C/PTDS_Ex2/PTDS_Ex2.dsw
SDK/PTDS/Examples/C/PTDS_Ex3/PTDS_Ex3.cpp
SDK/PTDS/Examples/C/PTDS_Ex3/PTDS_Ex3.dsp
SDK/PTDS/Examples/C/PTDS_Ex3/PTDS_Ex3.dsw
SDK/PTDS/Examples/LOGTester.exe
.exe windows:4 windows x86 arch:x86

9e2d22be07551e26a2847d939d91ed68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId

user32

FindWindowA
MessageBoxA
SendMessageA

Sections

.text
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/PTDS/Examples/PTDS_Ex1.exe
.exe windows:4 windows x86 arch:x86

b80afc016030d83e9f7518b4a4cff028

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetModuleFileNameA

user32

SendMessageA
MessageBoxA
FindWindowA
wsprintfA

Sections

.data
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/PTDS/Examples/PTDS_Ex2.exe
.exe windows:4 windows x86 arch:x86

65adcbe7dfd4aa79ea5d6aa0b3f96207

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetCurrentProcessId

user32

MessageBoxA
GetActiveWindow
wsprintfA
SendMessageA
FindWindowA

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/PTDS/Examples/PTDS_Ex3.exe
.exe windows:4 windows x86 arch:x86

e167705ca194e678aff62346366d3785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetModuleHandleA

user32

SendMessageA
MessageBoxA
FindWindowA
GetActiveWindow

Sections

.data
Size: 1024B - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/PTDS/Include/PTDS.h
SDK/PTDS/Include/PTDS.inc
SDK/PTDS/Include/PTDS.pas
SDK/PTDS/Readme.txt
SDK/PlugIns/Examples/C++/PluginEx/PluginEx.cpp
SDK/PlugIns/Examples/C++/PluginEx/PluginEx.def
SDK/PlugIns/Examples/C++/PluginEx/PluginEx.dsp
SDK/PlugIns/Examples/C++/PluginEx/PluginEx.dsw
SDK/PlugIns/Examples/C++/PluginEx/PluginEx.h
SDK/PlugIns/Examples/Delphi/Hello Word/HelloWord.dpr
SDK/PlugIns/Examples/MASM32/Hello Word/Build.BAT
SDK/PlugIns/Examples/MASM32/Hello Word/HelloWord.asm
SDK/PlugIns/Examples/MASM32/Hello Word/HelloWord.def
SDK/PlugIns/Examples/MASM32/Hello Word/MakeFile
SDK/PlugIns/Readme.txt
SDK/Procs32/Examples/GetTaskList.BAT
SDK/Procs32/Examples/Procs32.dll
.dll windows:4 windows x86 arch:x86

1e8665c92ab206ad146e7dc71835be7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
lstrcpyA
OpenProcess
CloseHandle
lstrcmpiA
ReadProcessMemory
DisableThreadLibraryCalls

msvcrt

malloc
??3@YAXPAX@Z
__CxxFrameHandler
free
_initterm
??2@YAPAXI@Z
_adjust_fdiv

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessNext
GetProcessPath
GetProcessPathID

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32/Examples/Procs_Ex1.exe
.exe windows:4 windows x86 arch:x86

50fed6d6e1684be34b853eee5d4079db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId

user32

wsprintfA
MessageBoxA

procs32

GetProcessBaseSize
GetProcessPath
GetNumberOfProcesses
GetNumberOfModules

Sections

.data
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/Procs32/Examples/Procs_Ex1/Procs_Ex1.cpp
SDK/Procs32/Examples/Procs_Ex1/Procs_Ex1.dsp
SDK/Procs32/Examples/Procs_Ex1/Procs_Ex1.dsw
SDK/Procs32/Examples/Procs_Ex2.exe
.exe windows:4 windows x86 arch:x86

47907a48de50ca43692b56b74e589275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

user32

wsprintfA

procs32

GetProcessFirst
GetProcessNext
GetModuleFirst
GetModuleNext

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_exit
_XcptFilter
exit
__p___initenv
??3@YAXPAX@Z
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetCurrentProcess
GetLastError
CloseHandle
lstrlenA
_lwrite
GetVersion

Sections

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/Procs32/Examples/Procs_Ex2/Procs_Ex2.cpp
SDK/Procs32/Examples/Procs_Ex2/Procs_Ex2.dsp
SDK/Procs32/Examples/Procs_Ex2/Procs_Ex2.dsw
SDK/Procs32/Examples/Procs_Ex3.exe
.exe windows:4 windows x86 arch:x86

15f38ab60be26f8b16476eb5e8f753ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetCurrentProcessId
GetModuleFileNameA
GetLastError
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
ExitProcess
GetVersion

user32

KillTimer
wsprintfA
SetDlgItemTextA
SetTimer
DestroyWindow
SendMessageA
DefDlgProcA
LoadCursorA
RegisterClassA
DialogBoxParamA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

procs32

GetNumberOfModules
GetNumberOfProcesses
GetProcessPathID

msvcrt

__set_app_type
__p__fmode
__setusermatherr
_adjust_fdiv
_controlfp
_except_handler3
__p__commode
_XcptFilter
__getmainargs
_exit
_acmdln
exit
_initterm

Sections

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SDK/Procs32/Examples/Procs_Ex3/Procs_Ex3.cpp
SDK/Procs32/Examples/Procs_Ex3/Procs_Ex3.dsp
SDK/Procs32/Examples/Procs_Ex3/Procs_Ex3.dsw
SDK/Procs32/Examples/Procs_Ex3/Procs_Ex3.rc
SDK/Procs32/Examples/Procs_Ex3/resource.h
SDK/Procs32/Include/Procs32.h
SDK/Procs32/Library/Procs32.lib
SDK/Procs32/Procs32.dll
.dll windows:4 windows x86 arch:x86

1e8665c92ab206ad146e7dc71835be7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
lstrcpyA
OpenProcess
CloseHandle
lstrcmpiA
ReadProcessMemory
DisableThreadLibraryCalls

msvcrt

malloc
??3@YAXPAX@Z
__CxxFrameHandler
free
_initterm
??2@YAPAXI@Z
_adjust_fdiv

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessNext
GetProcessPath
GetProcessPathID

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32/Readme.txt
SDK/Procs32_DLL/Examples/PSAPI.DLL
.dll windows:5 windows x86 arch:x86

264476cbdcf6020ccd69c92bbd24050f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ntdll

_stricmp
RtlUnwind
sprintf
atoi
NtStopProfile
RtlUnicodeToOemN
_chkstk
DbgPrint
NtCreateProfile
RtlMultiByteToUnicodeN
NtAllocateVirtualMemory
RtlAdjustPrivilege
NtSetIntervalProfile
NtStartProfile
NtQueryInformationProcess
NtWriteFile
NtSetInformationProcess
RtlNtStatusToDosError
NtQueryVirtualMemory
NtQuerySystemInformation

kernel32

LocalAlloc
MultiByteToWideChar
GetLastError
RaiseException
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedExchange
OpenFileMappingA
MapViewOfFile
DisableThreadLibraryCalls
CreateFileA
UnmapViewOfFile
GetProcessHeap
HeapAlloc
CloseHandle
lstrcpyA
GetProcessWorkingSetSize
lstrlenA
SetLastError
LocalFree
GetSystemInfo
ReadProcessMemory
WideCharToMultiByte
SetProcessWorkingSetSize

Exports

Exports

EmptyWorkingSet
EnumDeviceDrivers
EnumProcessModules
EnumProcesses
GetDeviceDriverBaseNameA
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameA
GetDeviceDriverFileNameW
GetMappedFileNameA
GetMappedFileNameW
GetModuleBaseNameA
GetModuleBaseNameW
GetModuleFileNameExA
GetModuleFileNameExW
GetModuleInformation
GetProcessMemoryInfo
GetWsChanges
InitializeProcessForWsWatch
QueryWorkingSet

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Examples/Procs32.dll
.dll windows:4 windows x86 arch:x86

7f03218c4caeede6b049d2c5670f881a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
lstrcpyA
OpenProcess
lstrcmpiA
DisableThreadLibraryCalls
SetFilePointer
ReadFile
CreateFileA
HeapAlloc
GetProcessHeap
HeapFree
RtlUnwind

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleHandleList
GetModuleImageSize
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessIDList
GetProcessNext
GetProcessPath
GetProcessPathID
IsProcessRunned

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Examples/Procs32.lib
SDK/Procs32_DLL/Examples/Procs_Ex1.exe
.exe windows:4 windows x86 arch:x86

50fed6d6e1684be34b853eee5d4079db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId

user32

wsprintfA
MessageBoxA

procs32

GetProcessBaseSize
GetProcessPath
GetNumberOfProcesses
GetNumberOfModules

Sections

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/Procs32_DLL/Examples/Procs_Ex1/Procs_Ex1.cpp
SDK/Procs32_DLL/Examples/Procs_Ex1/Procs_Ex1.dsp
SDK/Procs32_DLL/Examples/Procs_Ex1/Procs_Ex1.dsw
SDK/Procs32_DLL/Examples/Procs_Ex2.exe
.exe windows:4 windows x86 arch:x86

f3ece5987264318e41adca71f6476f77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

user32

wsprintfA

procs32

GetProcessFirst
GetModuleFirst
GetModuleNext
GetProcessNext

msvcrt

_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetCurrentProcess
GetLastError
CloseHandle
lstrlenA
_lwrite
GetVersion

Sections

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SDK/Procs32_DLL/Examples/Procs_Ex2/Procs_Ex2.cpp
SDK/Procs32_DLL/Examples/Procs_Ex2/Procs_Ex2.dsp
SDK/Procs32_DLL/Examples/Procs_Ex2/Procs_Ex2.dsw
SDK/Procs32_DLL/Examples/Procs_Ex3.exe
.exe windows:4 windows x86 arch:x86

90674e0db9defc67454b116e11452a06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetCurrentProcessId
ExitProcess
GetLastError
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
GetModuleFileNameA
GetVersion

user32

SetTimer
KillTimer
SendMessageA
wsprintfA
SetDlgItemTextA
DestroyWindow
DefDlgProcA
LoadCursorA
RegisterClassA
DialogBoxParamA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

procs32

GetNumberOfModules
GetNumberOfProcesses
GetProcessPathID

msvcrt

__set_app_type
__p__fmode
__setusermatherr
_adjust_fdiv
_controlfp
_except_handler3
__p__commode
_XcptFilter
__getmainargs
_exit
_acmdln
exit
_initterm

Sections

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Examples/Procs_Ex3/Procs_Ex3.cpp
SDK/Procs32_DLL/Examples/Procs_Ex3/Procs_Ex3.dsp
SDK/Procs32_DLL/Examples/Procs_Ex3/Procs_Ex3.dsw
SDK/Procs32_DLL/Examples/Procs_Ex3/Procs_Ex3.rc
SDK/Procs32_DLL/Examples/Procs_Ex3/resource.h
SDK/Procs32_DLL/Examples/Task.BAT
SDK/Procs32_DLL/Include/Procs32.dll
.dll windows:4 windows x86 arch:x86

7f03218c4caeede6b049d2c5670f881a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
lstrcpyA
OpenProcess
lstrcmpiA
DisableThreadLibraryCalls
SetFilePointer
ReadFile
CreateFileA
HeapAlloc
GetProcessHeap
HeapFree
RtlUnwind

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleHandleList
GetModuleImageSize
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessIDList
GetProcessNext
GetProcessPath
GetProcessPathID
IsProcessRunned

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Include/Procs32.h
SDK/Procs32_DLL/PSAPI.DLL
.dll windows:5 windows x86 arch:x86

264476cbdcf6020ccd69c92bbd24050f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ntdll

_stricmp
RtlUnwind
sprintf
atoi
NtStopProfile
RtlUnicodeToOemN
_chkstk
DbgPrint
NtCreateProfile
RtlMultiByteToUnicodeN
NtAllocateVirtualMemory
RtlAdjustPrivilege
NtSetIntervalProfile
NtStartProfile
NtQueryInformationProcess
NtWriteFile
NtSetInformationProcess
RtlNtStatusToDosError
NtQueryVirtualMemory
NtQuerySystemInformation

kernel32

LocalAlloc
MultiByteToWideChar
GetLastError
RaiseException
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedExchange
OpenFileMappingA
MapViewOfFile
DisableThreadLibraryCalls
CreateFileA
UnmapViewOfFile
GetProcessHeap
HeapAlloc
CloseHandle
lstrcpyA
GetProcessWorkingSetSize
lstrlenA
SetLastError
LocalFree
GetSystemInfo
ReadProcessMemory
WideCharToMultiByte
SetProcessWorkingSetSize

Exports

Exports

EmptyWorkingSet
EnumDeviceDrivers
EnumProcessModules
EnumProcesses
GetDeviceDriverBaseNameA
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameA
GetDeviceDriverFileNameW
GetMappedFileNameA
GetMappedFileNameW
GetModuleBaseNameA
GetModuleBaseNameW
GetModuleFileNameExA
GetModuleFileNameExW
GetModuleInformation
GetProcessMemoryInfo
GetWsChanges
InitializeProcessForWsWatch
QueryWorkingSet

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Procs32.dll
.dll windows:4 windows x86 arch:x86

7f03218c4caeede6b049d2c5670f881a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
GetVersion
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
lstrcpyA
OpenProcess
lstrcmpiA
DisableThreadLibraryCalls
SetFilePointer
ReadFile
CreateFileA
HeapAlloc
GetProcessHeap
HeapFree
RtlUnwind

Exports

Exports

GetModuleFirst
GetModuleHandleEx
GetModuleHandleList
GetModuleImageSize
GetModuleNext
GetNumberOfModules
GetNumberOfProcesses
GetProcessBaseSize
GetProcessFirst
GetProcessIDList
GetProcessNext
GetProcessPath
GetProcessPathID
IsProcessRunned

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/Procs32_DLL/Procs32.lib
SDK/Procs32_DLL/Procs_Ex1/Console.Asm
SDK/Procs32_DLL/Procs_Ex1/Console.Inc
SDK/Procs32_DLL/Procs_Ex1/Console.wap
SDK/Procs32_DLL/Procs_Ex1/Procs32.inc
SDK/Procs32_DLL/Procs_Ex1/Procs32.lib
SDK/Procs32_DLL/Readme.txt
SDK/Procs32_DLL/StaticLib/Procs32.lib
SDK/Readme.txt
SignMan.exe
.exe windows:4 windows x86 arch:x86

52b98cccfa164238be8cd1c2d2873569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
UnmapViewOfFile
FlushViewOfFile
SetEndOfFile
SetFilePointer
lstrlenA
lstrcpyA
lstrcatA
CreateFileMappingA
MapViewOfFile
GetModuleHandleA
GetStartupInfoA
CreateFileA
GetFileSize

user32

DefDlgProcA
LoadIconA
EndDialog
DestroyIcon
PostMessageA
SetDlgItemTextA
SendMessageA
GetDlgItem
GetSystemMenu
DeleteMenu
DialogBoxParamA
LoadCursorA
RegisterClassA
MessageBoxA
GetActiveWindow
wsprintfA

comdlg32

GetOpenFileNameA

comctl32

ord17

msvcrt

_controlfp
??3@YAXPAX@Z
_except_handler3
__p__fmode
__p__commode
__set_app_type
__setusermatherr
_adjust_fdiv
_initterm
__getmainargs
_acmdln
_XcptFilter
exit
__CxxFrameHandler
sscanf
_exit

imagehlp

ImageNtHeader

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Signs.txt
URLs/EnumProcessModules.url
URLs/GetModuleFileNameEx.url
URLs/OpenProcess.url
URLs/PE Tools - home page.url
URLs/PE Tools - last version.url
URLs/PE Tools - test version.url
URLs/PE Tools v1.3 - Source.url
URLs/Platform SDK.url
URLs/Process Status Helper (PSAPI).url
URLs/Taking a Snapshot.url
URLs/ToolHelp Library.url
URLs/Traversing the Module List.url
URLs/Unofficial PE Tools home page.url
URLs/uinC Team.url
.url
UUpdateSystem.dll
.dll windows:4 windows x86 arch:x86

aa0683aee8e29a8ff8e0151fba182c67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
CreateFileA
WriteFile
WaitForSingleObject
CloseHandle
DeleteFileA
CreateThread
GetPrivateProfileIntA
GetPrivateProfileStringA
GetTickCount
TerminateThread
GetTempPathA
lstrlenA
GetTempFileNameA
lstrcpyA
GlobalFree
GlobalAlloc

user32

MessageBoxIndirectA
GetDlgItem
EnableWindow
SetWindowPos
wsprintfA
DestroyWindow
GetSysColor
MessageBoxA
SendMessageA
GetWindowLongA
SetWindowLongA
RedrawWindow
SetActiveWindow
SetParent
SetDlgItemTextA
PostMessageA
GetSysColorBrush
EndDialog
SendDlgItemMessageA
DialogBoxParamA
SetForegroundWindow
CreateWindowExA

gdi32

DeleteObject
GetStockObject
SetBkMode
GetObjectA
CreateFontIndirectA
SetBkColor

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

wininet

HttpSendRequestA
InternetGetConnectedState
InternetCrackUrlA
InternetOpenA
InternetSetStatusCallback
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
InternetErrorDlg
InternetCloseHandle

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

atol
_ftol
free
_initterm
malloc
_adjust_fdiv
_vsnprintf

Exports

Exports

ForceTerminate
ShowUpdateDialog

Sections

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
rtl70.bpl
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@$xp$10DBPROPINFO
@$xp$10IEnumNames
@$xp$10IErrorInfo
@$xp$10ILockBytes
@$xp$10IMallocSpy
@$xp$10IMtsEvents
@$xp$10IOleCache2
@$xp$10IOleObject
@$xp$10IOleWindow
@$xp$10ITypeInfo2
@$xp$10TComObject
@$xp$10TParamFlag
@$xp$10_xml_error
@$xp$10tagREGKIND
@$xp$11Adoint@_ADO
@$xp$11ContextInfo
@$xp$11DBPARAMINFO
@$xp$11IAdviseSink
@$xp$11ICrmMonitor
@$xp$11IDataObject
@$xp$11IDispatchEx
@$xp$11IDropSource
@$xp$11IDropTarget
@$xp$11IEnumString
@$xp$11IGetAppData
@$xp$11IMTSLocator
@$xp$11IOleControl
@$xp$11IReadCookie
@$xp$11IStringList
@$xp$11IViewObject
@$xp$11Masks@TMask
@$xp$11System@Byte
@$xp$11System@Char
@$xp$11System@Comp
@$xp$11System@Real
@$xp$11System@Word
@$xp$11TAutoObject
@$xp$11tagMULTI_QI
@$xp$11tagSTATDATA
@$xp$12ADDRESS_MODE
@$xp$12Adoint@Error
@$xp$12Adoint@Field
@$xp$12DBCOLUMNDESC
@$xp$12DBCOLUMNINFO
@$xp$12IAdviseSink2
@$xp$12IChannelHook
@$xp$12IComQCEvents
@$xp$12IEnumMoniker
@$xp$12IEnumOLEVERB
@$xp$12IEnumStatStg
@$xp$12IEnumUnknown
@$xp$12IEnumVariant
@$xp$12IEventServer
@$xp$12IOleDocument
@$xp$12IPersistFile
@$xp$12IPictureDisp
@$xp$12IPropertyBag
@$xp$12IRootStorage
@$xp$12ITransaction
@$xp$12IViewObject2
@$xp$12IWriteCookie
@$xp$12IXMLDocument
@$xp$12System@Int64
@$xp$12TFactoryProc
@$xp$12tagEXCEPINFO
@$xp$13Adoint@Errors
@$xp$13Adoint@Fields
@$xp$13Classes@TBits
@$xp$13Classes@TList
@$xp$13IClassFactory
@$xp$13IComAppEvents
@$xp$13IComCRMEvents
@$xp$13IComUserEvent
@$xp$13IContextState
@$xp$13IEnumSTATDATA
@$xp$13IMessageMover
@$xp$13IMtsEventInfo
@$xp$13IObjectSafety
@$xp$13IOleContainer
@$xp$13IPropertyPage
@$xp$13ObjectContext
@$xp$13ObjectControl
@$xp$13Oledb@IDBInfo
@$xp$13Oledb@IMDFind
@$xp$13Oledb@IRowset
@$xp$13System@Double
@$xp$13System@Single
@$xp$13System@String
@$xp$13System@UInt64
@$xp$13TByteDynArray
@$xp$13TConnectEvent
@$xp$13TWordDynArray
@$xp$14Adoint@Field15
@$xp$14Classes@TFiler
@$xp$14Contnrs@TQueue
@$xp$14Contnrs@TStack
@$xp$14IClassFactory2
@$xp$14ICreateTypeLib
@$xp$14ICrmLogControl
@$xp$14IEnumFORMATETC
@$xp$14IFillLockBytes
@$xp$14IMessageFilter
@$xp$14IObjectContext
@$xp$14IObjectControl
@$xp$14IOleClientSite
@$xp$14IPersistStream
@$xp$14IPropertyPage2
@$xp$14IQuickActivate
@$xp$14IRpcStubBuffer
@$xp$14ISessionObject
@$xp$14Oledb@ICommand
@$xp$14PROPERTYORIGIN
@$xp$14System@Boolean
@$xp$14System@Integer
@$xp$14System@TObject
@$xp$14System@Variant
@$xp$14TInt64DynArray
@$xp$14TIntfFlagsBase
@$xp$14tagCONNECTDATA
@$xp$14tagQACONTAINER
@$xp$15Adoint@Fields15
@$xp$15Adoint@_ADODisp
@$xp$15Adoint@_Command
@$xp$15Classes@EThread
@$xp$15Classes@TParser
@$xp$15Classes@TReader
@$xp$15Classes@TRecall
@$xp$15Classes@TStream
@$xp$15Classes@TThread
@$xp$15Classes@TWriter
@$xp$15Contnrs@TBucket
@$xp$15IActiveDesigner
@$xp$15ICreateTypeInfo
@$xp$15ICreateTypeLib2
@$xp$15ICrmCompensator
@$xp$15IObjectWithSite
@$xp$15IOleControlSite
@$xp$15IOleInPlaceSite
@$xp$15IOleUndoManager
@$xp$15IPersistStorage
@$xp$15IReceiveAppData
@$xp$15IRpcProxyBuffer
@$xp$15IRunnableObject
@$xp$15ISharedProperty
@$xp$15IStdMarshalInfo
@$xp$15Math@TValueSign
@$xp$15Msxml@IXMLError
@$xp$15Oledb@IAccessor
@$xp$15Oledb@IDBInfoSC
@$xp$15Oledb@IMDFindSC
@$xp$15Oledb@IRowsetSC
@$xp$15Oledb@IViewSort
@$xp$15ShortStringBase
@$xp$15Stdvcl@IStrings
@$xp$15Syncobjs@TEvent
@$xp$15System@ByteBool
@$xp$15System@Cardinal
@$xp$15System@Currency
@$xp$15System@Extended
@$xp$15System@LongBool
@$xp$15System@Shortint
@$xp$15System@Smallint
@$xp$15System@UCS4Char
@$xp$15System@WideChar
@$xp$15System@WordBool
@$xp$15Sysutils@EAbort
@$xp$15TDoubleDynArray
@$xp$15TParamFlagsBase
@$xp$15TSingleDynArray
@$xp$15TStringDynArray
@$xp$15TTypedComObject
@$xp$15Zlib@EZlibError
@$xp$16Activex@TOleEnum
@$xp$16Adoint@CoCommand
@$xp$16Adoint@Command15
@$xp$16Adoint@ErrorDisp
@$xp$16Adoint@FieldDisp
@$xp$16Adoint@Property_
@$xp$16Classes@TStrings
@$xp$16Comobj@EOleError
@$xp$16IComMethodEvents
@$xp$16IComObjectEvents
@$xp$16IComThreadEvents
@$xp$16IConnectionPoint
@$xp$16ICreateErrorInfo
@$xp$16ICreateTypeInfo2
@$xp$16IDispenserDriver
@$xp$16IEnumConnections
@$xp$16IEnumSTATPROPSTG
@$xp$16IObjectConstruct
@$xp$16IOleAdviseHolder
@$xp$16IOleCacheControl
@$xp$16IOleDocumentSite
@$xp$16IOleDocumentView
@$xp$16IOleInPlaceFrame
@$xp$16IPSFactoryBuffer
@$xp$16IPlaybackControl
@$xp$16IPropertyStorage
@$xp$16IServiceProvider
@$xp$16ISimpleFrameSite
@$xp$16Oledb@ICommandSC
@$xp$16SecurityProperty
@$xp$16Stdvcl@IProvider
@$xp$16System@NativeInt
@$xp$16System@TDateTime
@$xp$16TBooleanDynArray
@$xp$16TComClassManager
@$xp$16TIntegerDynArray
@$xp$16Typinfo@TOrdType
@$xp$16tagINTERFACEINFO
@$xp$17Activex@IEnumGUID
@$xp$17Adoint@ErrorsDisp
@$xp$17Adoint@FieldsDisp
@$xp$17Adoint@IDataspace
@$xp$17Adoint@Parameters
@$xp$17Adoint@Properties
@$xp$17Adoint@_Parameter
@$xp$17Adoint@_Recordset
@$xp$17Asptlb@IASPObject
@$xp$17Asptlb@TASPObject
@$xp$17Classes@TBiDiMode
@$xp$17Classes@TGetClass
@$xp$17Classes@THelpType
@$xp$17Classes@TShortCut
@$xp$17IContinueCallback
@$xp$17ICrmMonitorClerks
@$xp$17IDataAdviseHolder
@$xp$17IDispenserManager
@$xp$17IObjectContextTip
@$xp$17IOleCommandTarget
@$xp$17IOleInPlaceObject
@$xp$17IOleInPlaceSiteEx
@$xp$17IOleItemContainer
@$xp$17IParseDisplayName
@$xp$17IPropertyPageSite
@$xp$17IProvideClassInfo
@$xp$17IRpcChannelBuffer
@$xp$17IScriptingContext
@$xp$17ISecurityProperty
@$xp$17ISequentialStream
@$xp$17ISupportErrorInfo
@$xp$17Inifiles@TIniFile
@$xp$17Math@TPaymentTime
@$xp$17Msxml@IXMLDOMNode
@$xp$17Msxml@IXMLDOMText
@$xp$17Msxml@IXMLElement
@$xp$17Msxml@IXTLRuntime
@$xp$17Oledb@IAccessorSC
@$xp$17Oledb@IAlterIndex
@$xp$17Oledb@IAlterTable
@$xp$17Oledb@IOpenRowset
@$xp$17Oledb@IRowsetFind
@$xp$17Oledb@IRowsetInfo
@$xp$17Oledb@IRowsetView
@$xp$17Oledb@IViewFilter
@$xp$17Oledb@IViewRowset
@$xp$17Oledb@IViewSortSC
@$xp$17System@IInterface
@$xp$17System@IInvokable
@$xp$17System@NativeUInt
@$xp$17System@OleVariant
@$xp$17System@Openstring
@$xp$17System@UCS4String
@$xp$17System@UTF8String
@$xp$17System@WideString
@$xp$17Sysutils@EOSError
@$xp$17Sysutils@TLangRec
@$xp$17TCardinalDynArray
@$xp$17TComObjectFactory
@$xp$17TLongWordDynArray
@$xp$17TShortIntDynArray
@$xp$17TSmallIntDynArray
@$xp$17Typinfo@TTypeKind
@$xp$18Adoint@CoParameter
@$xp$18Adoint@CoRecordset
@$xp$18Adoint@Field15Disp
@$xp$18Adoint@Recordset15
@$xp$18Adoint@Recordset20
@$xp$18Adoint@_Collection
@$xp$18Adoint@_Connection
@$xp$18Classes@Classes__1
@$xp$18Classes@EBitsError
@$xp$18Classes@EListError
@$xp$18Classes@EReadError
@$xp$18Classes@TAlignment
@$xp$18Classes@TComponent
@$xp$18Classes@TFilerFlag
@$xp$18Classes@TLeftRight
@$xp$18Classes@TOperation
@$xp$18Classes@TValueType
@$xp$18Classes@TWndMethod
@$xp$18Contnrs@TClassList
@$xp$18IApplicationObject
@$xp$18IComActivityEvents
@$xp$18IComIdentityEvents
@$xp$18IComInstanceEvents
@$xp$18IComResourceEvents
@$xp$18IComSecurityEvents
@$xp$18IPersistStreamInit
@$xp$18IPersistTextStream
@$xp$18IRequestDictionary
@$xp$18IVariantDictionary
@$xp$18Inifiles@THashItem
@$xp$18Math@TFPUException
@$xp$18Math@TRoundToRange
@$xp$18Msxml@IXMLElement2
@$xp$18Objauto@ObjAuto__1
@$xp$18Oledb@IColumnsInfo
@$xp$18Oledb@ICommandText
@$xp$18Oledb@IConvertType
@$xp$18Oledb@IErrorLookup
@$xp$18Oledb@IRowPosition
@$xp$18Oledb@IRowsetIndex
@$xp$18Oledb@ITransaction
@$xp$18Oledb@IViewChapter
@$xp$18Oledb@TDBPropArray
@$xp$18Registry@TRegistry
@$xp$18Stdvcl@IDataBroker
@$xp$18System@ShortString
@$xp$18System@TBoundArray
@$xp$18Sysutils@EControlC
@$xp$18Sysutils@EExternal
@$xp$18Sysutils@EIntError
@$xp$18Sysutils@EOverflow
@$xp$18Sysutils@Exception
@$xp$18Sysutils@TFileName
@$xp$18Sysutils@TNameType
@$xp$18TAutoObjectFactory
@$xp$18Typinfo@TFloatType
@$xp$18Typinfo@TIntfFlags
@$xp$18Typinfo@TTypeKinds
@$xp$18Typinfo@TypInfo__5
@$xp$19Activex@TOldOleEnum
@$xp$19Adoint@CoConnection
@$xp$19Adoint@Connection15
@$xp$19Adoint@Fields15Disp
@$xp$19Adoint@_CommandDisp
@$xp$19Classes@Classes__03
@$xp$19Classes@Classes__84
@$xp$19Classes@Classes__94
@$xp$19Classes@EFOpenError
@$xp$19Classes@EFilerError
@$xp$19Classes@EWriteError
@$xp$19Classes@TCollection
@$xp$19Classes@TDataModule
@$xp$19Classes@TDuplicates
@$xp$19Classes@TFileStream
@$xp$19Classes@TFilerFlags
@$xp$19Classes@TGetStrProc
@$xp$19Classes@TPersistent
@$xp$19Classes@TReaderProc
@$xp$19Classes@TSeekOrigin
@$xp$19Classes@TShiftState
@$xp$19Classes@TStreamProc
@$xp$19Classes@TStringItem
@$xp$19Classes@TStringList
@$xp$19Classes@TThreadList
@$xp$19Classes@TWriterProc
@$xp$19Comobj@EOleSysError
@$xp$19Contnrs@TBucketList
@$xp$19Contnrs@TObjectList
@$xp$19Convutils@TConvType
@$xp$19IComExceptionEvents
@$xp$19IEnumSTATPROPSETSTG
@$xp$19IExternalConnection
@$xp$19IOleInPlaceUIWindow
@$xp$19IPersistPropertyBag
@$xp$19IPropertyNotifySink
@$xp$19IPropertySetStorage
@$xp$19IProvideRuntimeText
@$xp$19IRunningObjectTable
@$xp$19ITransactionContext
@$xp$19Maskutils@TEditMask
@$xp$19Msxml@CoDOMDocument
@$xp$19Msxml@CoXMLDocument
@$xp$19Msxml@IXMLAttribute
@$xp$19Msxml@IXMLDOMEntity
@$xp$19Msxml@IXMLDocument2
@$xp$19Objauto@TParamFlags
@$xp$19Oledb@IAlterIndexSC
@$xp$19Oledb@IAlterTableSC
@$xp$19Oledb@IDBInitialize
@$xp$19Oledb@IDBProperties
@$xp$19Oledb@IOpenRowsetSC
@$xp$19Oledb@IParentRowset
@$xp$19Oledb@IRowsetChange
@$xp$19Oledb@IRowsetFindSC
@$xp$19Oledb@IRowsetInfoSC
@$xp$19Oledb@IRowsetLocate
@$xp$19Oledb@IRowsetScroll
@$xp$19Oledb@IRowsetUpdate
@$xp$19Oledb@IRowsetViewSC
@$xp$19Oledb@ISQLErrorInfo
@$xp$19Oledb@ISecurityInfo
@$xp$19Oledb@IViewFilterSC
@$xp$19Oledb@IViewRowsetSC
@$xp$19Stdvcl@IStringsDisp
@$xp$19Sysutils@EDivByZero
@$xp$19Sysutils@EInvalidOp
@$xp$19Sysutils@EMathError
@$xp$19Sysutils@EPrivilege
@$xp$19Sysutils@EUnderflow
@$xp$19Sysutils@TLanguages
@$xp$19Sysutils@TSearchRec
@$xp$19TWideStringDynArray
@$xp$19Typinfo@TMethodKind
@$xp$19Typinfo@TParamFlags
@$xp$20Activex@ICatRegister
@$xp$20Activex@TUnknownList
@$xp$20Adoint@Command15Disp
@$xp$20Adoint@Property_Disp
@$xp$20Asptlb@TASPMTSObject
@$xp$20Classes@EParserError
@$xp$20Classes@EResNotFound
@$xp$20Classes@EStreamError
@$xp$20Classes@TBasicAction
@$xp$20Classes@TClassFinder
@$xp$20Classes@THelpContext
@$xp$20Classes@TNotifyEvent
@$xp$20Classes@TReaderError
@$xp$20Comobj@EOleException
@$xp$20Contnrs@TBucketArray
@$xp$20Contnrs@TObjectQueue
@$xp$20Contnrs@TObjectStack
@$xp$20Contnrs@TOrderedList
@$xp$20IComObjectPoolEvents
@$xp$20ICrmFormatLogRecords
@$xp$20IPerPropertyBrowsing
@$xp$20ISecurityCallContext
@$xp$20ISecurityCallersColl
@$xp$20ISharedPropertyGroup
@$xp$20Inifiles@IniFiles__4
@$xp$20Inifiles@TMemIniFile
@$xp$20Inifiles@TStringHash
@$xp$20Masks@EMaskException
@$xp$20Msxml@IXMLDOMComment
@$xp$20Msxml@IXMLDOMElement
@$xp$20Msxml@IXMLDSOControl
@$xp$20Oledb@IColumnsInfoSC
@$xp$20Oledb@IColumnsRowset
@$xp$20Oledb@ICommandTextSC
@$xp$20Oledb@IConvertTypeSC
@$xp$20Oledb@IErrorLookupSC
@$xp$20Oledb@IGetDataSource
@$xp$20Oledb@IMDRangeRowset
@$xp$20Oledb@IRowPositionSC
@$xp$20Oledb@IRowsetIndexSC
@$xp$20Oledb@IRowsetRefresh
@$xp$20Oledb@IRowsetResynch
@$xp$20Oledb@ISourcesRowset
@$xp$20Oledb@ITransactionSC
@$xp$20Oledb@IViewChapterSC
@$xp$20Registry@TRegIniFile
@$xp$20Scktcomp@TAsyncStyle
@$xp$20Scktcomp@TClientType
@$xp$20Scktcomp@TErrorEvent
@$xp$20Scktcomp@TServerType
@$xp$20Stdvcl@IProviderDisp
@$xp$20Syncobjs@TWaitResult
@$xp$20System@TRuntimeError
@$xp$20Sysutils@EInOutError
@$xp$20Sysutils@ERangeError
@$xp$20Sysutils@EWin32Error
@$xp$20Sysutils@EZeroDivide
@$xp$20Sysutils@SysUtils__2
@$xp$20Sysutils@TFloatValue
@$xp$20Sysutils@TSysCharSet
@$xp$21Activex@TMultiQIArray
@$xp$21Activex@TTypeInfoList
@$xp$21Adoint@IDataspaceDisp
@$xp$21Adoint@ParametersDisp
@$xp$21Adoint@PropertiesDisp
@$xp$21Adoint@_ParameterDisp
@$xp$21Adoint@_RecordsetDisp
@$xp$21Classes@EFCreateError
@$xp$21Classes@EInvalidImage
@$xp$21Classes@IVCLComObject
@$xp$21Classes@TGetChildProc
@$xp$21Classes@THandleStream
@$xp$21Classes@TListAssignOp
@$xp$21Classes@TMemoryStream
@$xp$21Classes@TSetNameEvent
@$xp$21Classes@TStringStream
@$xp$21Classes@TThreadMethod
@$xp$21Convutils@TConvFamily
@$xp$21Helpintfs@IHelpSystem
@$xp$21IComObjectPoolEvents2
@$xp$21IComTransactionEvents
@$xp$21ICrmMonitorLogRecords
@$xp$21IEnumConnectionPoints
@$xp$21IEnumOleDocumentViews
@$xp$21IGetContextProperties
@$xp$21IGlobalInterfaceTable
@$xp$21ISecurityIdentityColl
@$xp$21ISpecifyPropertyPages
@$xp$21ITransactionContextEx
@$xp$21Maskutils@TMaskedText
@$xp$21Math@EInvalidArgument
@$xp$21Math@TFPURoundingMode
@$xp$21Msxml@CoXMLDSOControl

Sections

CODE
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vcl70.bpl
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@$xp$11Forms@TForm
@$xp$11Menus@TMenu
@$xp$11TActiveForm
@$xp$12Forms@TFrame
@$xp$12Mask@Mask__2
@$xp$13Forms@TScreen
@$xp$13Graphics@TPen
@$xp$14Extctrls@TPage
@$xp$14Forms@Forms__6
@$xp$14Forms@IOleForm
@$xp$14Forms@TMonitor
@$xp$14Graphics@TFont
@$xp$14Graphics@TIcon
@$xp$14Grids@Grids__3
@$xp$14Grids@Grids__4
@$xp$14Mask@TMaskEdit
@$xp$14Stdctrls@TEdit
@$xp$14Stdctrls@TMemo
@$xp$15Buttons@TBitBtn
@$xp$15Comctrls@TWidth
@$xp$15Controls@TAlign
@$xp$15Controls@TMouse
@$xp$15Extctrls@TBevel
@$xp$15Extctrls@TImage
@$xp$15Extctrls@TPanel
@$xp$15Extctrls@TShape
@$xp$15Extctrls@TTimer
@$xp$15Forms@THintInfo
@$xp$15Forms@TPosition
@$xp$15Forms@TTileMode
@$xp$15Graphics@TBrush
@$xp$15Graphics@TColor
@$xp$15Grids@TDrawGrid
@$xp$15Menus@TMainMenu
@$xp$15Menus@TMenuItem
@$xp$15Stdctrls@TLabel
@$xp$15Svcmgr@TService
@$xp$15TActiveXControl
@$xp$15TConnectionKind
@$xp$16Actnlist@TAction
@$xp$16Comctrls@THotKey
@$xp$16Comctrls@TUpDown
@$xp$16Controls@TCursor
@$xp$16Extctrls@THeader
@$xp$16Forms@TFormState
@$xp$16Forms@TFormStyle
@$xp$16Forms@THelpEvent
@$xp$16Forms@TIdleEvent
@$xp$16Forms@TScrollBox
@$xp$16Forms@TTimerMode
@$xp$16Graphics@TBitmap
@$xp$16Graphics@TCanvas
@$xp$16Grids@TEditStyle
@$xp$16Grids@TGridState
@$xp$16Imglist@TOverlay
@$xp$16Imglist@TResType
@$xp$16Menus@EMenuError
@$xp$16Menus@TMenuBreak
@$xp$16Menus@TPopupList
@$xp$16Menus@TPopupMenu
@$xp$16Stdctrls@TButton
@$xp$16TConnectionPoint
@$xp$17Comctrls@TAddMode
@$xp$17Comctrls@TAnimate
@$xp$17Comctrls@TCoolBar
@$xp$17Comctrls@THitTest
@$xp$17Comctrls@TToolBar
@$xp$17Controls@TAnchors
@$xp$17Controls@TCaption
@$xp$17Controls@TControl
@$xp$17Controls@TImeMode
@$xp$17Controls@TImeName
@$xp$17Dialogs@TPageType
@$xp$17Extactns@TFileRun
@$xp$17Extactns@TNextTab
@$xp$17Extactns@TShowCmd
@$xp$17Extctrls@TRowSize
@$xp$17Forms@TBorderIcon
@$xp$17Forms@TCloseEvent
@$xp$17Forms@TCustomForm
@$xp$17Forms@TPrintScale
@$xp$17Forms@TShowAction
@$xp$17Forms@TWindowHook
@$xp$17Graphics@TGraphic
@$xp$17Graphics@TPenMode
@$xp$17Graphics@TPicture
@$xp$17Grids@TCustomGrid
@$xp$17Grids@TGridOption
@$xp$17Grids@TMovedEvent
@$xp$17Grids@TStringGrid
@$xp$17Mask@EDBEditError
@$xp$17Mask@TMaskedState
@$xp$17Olectnrs@TOleForm
@$xp$17Printers@EPrinter
@$xp$17Printers@TPrinter
@$xp$17Stdactns@TEditCut
@$xp$17Stdctrls@TListBox
@$xp$17Svcmgr@TStartType
@$xp$17Svcmgr@TStopEvent
@$xp$17TConnectionPoints
@$xp$17Themes@TThemedTab
@$xp$17Valedit@TItemProp
@$xp$18Axctrls@TOleStream
@$xp$18Buttons@TNumGlyphs
@$xp$18Clipbrd@TClipboard
@$xp$18Comctrls@TCoolBand
@$xp$18Comctrls@THitTests
@$xp$18Comctrls@TItemFind
@$xp$18Comctrls@TListItem
@$xp$18Comctrls@TListView
@$xp$18Comctrls@TRichEdit
@$xp$18Comctrls@TSortType
@$xp$18Comctrls@TTabSheet
@$xp$18Comctrls@TTabStyle
@$xp$18Comctrls@TTickMark
@$xp$18Comctrls@TTrackBar
@$xp$18Comctrls@TTreeNode
@$xp$18Comctrls@TTreeView
@$xp$18Comctrls@TWorkArea
@$xp$18Controls@TAlignSet
@$xp$18Controls@TBevelCut
@$xp$18Controls@TDockTree
@$xp$18Controls@TDockZone
@$xp$18Controls@TDragKind
@$xp$18Controls@TDragMode
@$xp$18Controls@TKeyEvent
@$xp$18Controls@TTabOrder
@$xp$18Dialogs@TMsgDlgBtn
@$xp$18Extactns@TSendMail
@$xp$18Extctrls@TColorBox
@$xp$18Extctrls@TNotebook
@$xp$18Extctrls@TPaintBox
@$xp$18Extctrls@TSplitter
@$xp$18Forms@TApplication
@$xp$18Forms@TBorderIcons
@$xp$18Forms@TBorderStyle
@$xp$18Forms@TCloseAction
@$xp$18Forms@TCustomFrame
@$xp$18Forms@TWindowState
@$xp$18Graphics@TFillMode
@$xp$18Graphics@TFontName
@$xp$18Graphics@TMetafile
@$xp$18Graphics@TPenStyle
@$xp$18Grids@TGridOptions
@$xp$18Grids@TInplaceEdit
@$xp$18Imglist@TImageType
@$xp$18Menus@TTrackButton
@$xp$18Olectnrs@TSizeMode
@$xp$18Stdactns@TEditCopy
@$xp$18Stdactns@TEditUndo
@$xp$18Stdactns@TFileExit
@$xp$18Stdactns@TFileOpen
@$xp$18Stdactns@TFontEdit
@$xp$18Stdactns@TPrintDlg
@$xp$18Stdctrls@TCheckBox
@$xp$18Stdctrls@TComboBox
@$xp$18Stdctrls@TGroupBox
@$xp$18Svcmgr@TDependency
@$xp$18Svcmgr@TPauseEvent
@$xp$18Svcmgr@TStartEvent
@$xp$18TActiveFormControl
@$xp$18TActiveFormFactory
@$xp$18Themes@TThemedEdit
@$xp$18Themes@TThemedMenu
@$xp$18Themes@TThemedPage
@$xp$18Themes@TThemedSpin
@$xp$18Toolwin@TEdgeStyle
@$xp$18Valedit@TItemProps
@$xp$18Valedit@TKeyOption
@$xp$19Actnlist@THintEvent
@$xp$19Axctrls@IFontAccess
@$xp$19Axctrls@TOleGraphic
@$xp$19Buttons@TBitBtnKind
@$xp$19Comctrls@TCommonAVI
@$xp$19Comctrls@TCoolBands
@$xp$19Comctrls@TItemState
@$xp$19Comctrls@TListItems
@$xp$19Comctrls@TNodeState
@$xp$19Comctrls@TStatusBar
@$xp$19Comctrls@TTickStyle
@$xp$19Comctrls@TTreeNodes
@$xp$19Comctrls@TUDBtnType
@$xp$19Comctrls@TViewStyle
@$xp$19Comctrls@TWorkAreas
@$xp$19Commdlg@TOFNotifyEx
@$xp$19Controls@TBevelEdge
@$xp$19Controls@TBevelKind
@$xp$19Controls@TDragState
@$xp$19Controls@TImageList
@$xp$19Dialogs@TFindDialog
@$xp$19Dialogs@TFindOption
@$xp$19Dialogs@TFontDialog
@$xp$19Dialogs@TMsgDlgType
@$xp$19Dialogs@TOpenDialog
@$xp$19Dialogs@TOpenOption
@$xp$19Dialogs@TPrintRange
@$xp$19Dialogs@TSaveDialog
@$xp$19Extactns@TBrowseURL
@$xp$19Extactns@TTabAction
@$xp$19Extactns@TURLAction
@$xp$19Extctrls@TShapeType
@$xp$19Forms@IDesignerHook
@$xp$19Forms@TMessageEvent
@$xp$19Forms@TScrollBarInc
@$xp$19Graphics@TFillStyle
@$xp$19Graphics@TFontPitch
@$xp$19Graphics@TFontStyle
@$xp$19Graphics@TIconImage
@$xp$19Graphics@TPenRecall
@$xp$19Grids@TGetEditEvent
@$xp$19Grids@TGridMovement
@$xp$19Grids@TSetEditEvent
@$xp$19Imglist@TChangeLink
@$xp$19Imglist@TImageIndex
@$xp$19Menus@TFindItemKind
@$xp$19Menus@TMenuAutoFlag
@$xp$19Olectrls@TEnumValue
@$xp$19Stdactns@TEditPaste
@$xp$19Stdctrls@TScrollBar
@$xp$19Svcmgr@TEventLogger
@$xp$19Svcmgr@TServiceType
@$xp$19Themes@TThemedClock
@$xp$19Themes@TThemedRebar
@$xp$19Toolwin@TEdgeBorder
@$xp$19Toolwin@TToolWindow
@$xp$19Valedit@TKeyOptions
@$xp$20Actnlist@TActionLink
@$xp$20Actnlist@TActionList
@$xp$20Axctrls@TFontAdapter
@$xp$20Buttons@TButtonState
@$xp$20Buttons@TButtonStyle
@$xp$20Buttons@TSpeedButton
@$xp$20Comctrls@ComCtrls__9
@$xp$20Comctrls@TComboBoxEx
@$xp$20Comctrls@TConversion
@$xp$20Comctrls@TDTDateMode
@$xp$20Comctrls@THKModifier
@$xp$20Comctrls@TItemChange
@$xp$20Comctrls@TItemStates
@$xp$20Comctrls@TListColumn
@$xp$20Comctrls@TSearchType
@$xp$20Comctrls@TTabControl
@$xp$20Comctrls@TToolButton
@$xp$20Controls@TAnchorKind
@$xp$20Controls@TBevelEdges
@$xp$20Controls@TBevelWidth
@$xp$20Controls@TDragObject
@$xp$20Controls@THintWindow
@$xp$20Controls@TMouseEvent
@$xp$20Controls@TWinControl
@$xp$20Dialogs@TColorDialog
@$xp$20Dialogs@TFindOptions
@$xp$20Dialogs@TOpenOptions
@$xp$20Dialogs@TPrintDialog
@$xp$20Dialogs@TPrinterKind
@$xp$20Extctrls@TBevelShape
@$xp$20Extctrls@TBevelStyle
@$xp$20Extctrls@TBoundLabel
@$xp$20Extctrls@TControlBar
@$xp$20Extctrls@TRadioGroup
@$xp$20Forms@TScrollBarKind
@$xp$20Forms@TShortCutEvent
@$xp$20Forms@TShowHintEvent
@$xp$20Graphics@TBrushStyle
@$xp$20Graphics@TFontRecall
@$xp$20Graphics@TFontStyles
@$xp$20Graphutil@TArrowType
@$xp$20Grids@TDrawCellEvent
@$xp$20Grids@TGridDrawState
@$xp$20Mask@TCustomMaskEdit
@$xp$20Menus@TMenuAnimation
@$xp$20Menus@TMenuItemStack
@$xp$20Olectnrs@TCreateInfo
@$xp$20Olectnrs@TCreateType
@$xp$20Olectrls@TOleControl
@$xp$20Oleserver@TOleServer
@$xp$20Stdactns@TEditAction
@$xp$20Stdactns@TEditDelete
@$xp$20Stdactns@TFileAction
@$xp$20Stdactns@TFileSaveAs
@$xp$20Stdactns@THelpAction
@$xp$20Stdactns@THelpOnHelp
@$xp$20Stdactns@THintAction
@$xp$20Stdactns@TSearchFind
@$xp$20Stdctrls@TCustomEdit
@$xp$20Stdctrls@TCustomMemo
@$xp$20Stdctrls@TScrollCode
@$xp$20Stdctrls@TStaticText
@$xp$20Stdctrls@TTextLayout
@$xp$20Svcmgr@TDependencies
@$xp$20Svcmgr@TServiceEvent
@$xp$20TActiveXPropertyPage
@$xp$20Themes@TThemedButton
@$xp$20Themes@TThemedHeader
@$xp$20Themes@TThemedStatus
@$xp$20Themes@TThemedWindow
@$xp$20Toolwin@TEdgeBorders
@$xp$21Actnlist@TActionEvent
@$xp$21Axctrls@TPropertyPage
@$xp$21Buttons@TButtonLayout
@$xp$21Comctrls@ComCtrls__34
@$xp$21Comctrls@TComboExItem
@$xp$21Comctrls@TDisplayCode
@$xp$21Comctrls@THKModifiers
@$xp$21Comctrls@THeaderStyle
@$xp$21Comctrls@TIconOptions
@$xp$21Comctrls@TItemRequest
@$xp$21Comctrls@TListColumns
@$xp$21Comctrls@TPageControl
@$xp$21Comctrls@TProgressBar
@$xp$21Comctrls@TSearchTypes
@$xp$21Comctrls@TStatusPanel
@$xp$21Comctrls@TTabPosition
@$xp$21Controls@Controls__01
@$xp$21Controls@Controls__11
@$xp$21Controls@Controls__21
@$xp$21Controls@IDockManager
@$xp$21Controls@TBorderWidth
@$xp$21Controls@TDragMessage
@$xp$21Controls@TModalResult
@$xp$21Controls@TMouseButton
@$xp$21Controls@TUnDockEvent
@$xp$21Dialogs@TCommonDialog
@$xp$21Dialogs@TFDApplyEvent
@$xp$21Dialogs@TOpenOptionEx
@$xp$21Extactns@TDownLoadURL
@$xp$21Extactns@TOpenPicture
@$xp$21Extactns@TPreviousTab
@$xp$21Extactns@TSavePicture
@$xp$21Extctrls@TCustomPanel
@$xp$21Extctrls@TLabeledEdit
@$xp$21Extctrls@TResizeStyle
@$xp$21Forms@TCustomDockForm
@$xp$21Forms@TDefaultMonitor
@$xp$21Forms@TExceptionEvent
@$xp$21Forms@TScrollBarStyle
@$xp$21Graphics@TBitmapImage
@$xp$21Graphics@TBrushRecall
@$xp$21Graphics@TCanvasState
@$xp$21Graphics@TFontCharset
@$xp$21Graphics@TPixelFormat
@$xp$21Graphics@TSharedImage
@$xp$21Grids@TCustomDrawGrid
@$xp$21Grids@TGetExtentsFunc
@$xp$21Imglist@TDrawingStyle
@$xp$21Imglist@TLoadResource
@$xp$21Menus@TMenuActionLink
@$xp$21Menus@TMenuAnimations
@$xp$21Menus@TPopupAlignment
@$xp$21Olectnrs@TObjectState
@$xp$21Stdactns@TColorSelect
@$xp$21Stdactns@TWindowClose
@$xp$21Stdctrls@TCustomCombo
@$xp$21Stdctrls@TCustomLabel
@$xp$21Stdctrls@TRadioButton
@$xp$21Stdctrls@TScrollEvent
@$xp$21Stdctrls@TScrollStyle
@$xp$21Svcmgr@TContinueEvent
@$xp$21Svcmgr@TCurrentStatus
@$xp$21Svcmgr@TErrorSeverity
@$xp$21Svcmgr@TServiceThread
@$xp$21Themes@TThemeServices
@$xp$21Themes@TThemedElement
@$xp$21Themes@TThemedTaskBar
@$xp$21Themes@TThemedToolBar
@$xp$21Themes@TThemedToolTip
@$xp$21Toolwin@TToolDockForm
@$xp$22Actnlist@TCustomAction
@$xp$22Actnlist@TShortCutList
@$xp$22Axctrls@IPictureAccess
@$xp$22Axctrls@TCustomAdapter
@$xp$22Comctrls@TCalDayOfWeek
@$xp$22Comctrls@TComboExItems
@$xp$22Comctrls@TCustomHotKey
@$xp$22Comctrls@TCustomUpDown
@$xp$22Comctrls@TDTDateFormat
@$xp$22Comctrls@TDateTimeKind
@$xp$22Comctrls@TDrawTabEvent
@$xp$22Comctrls@THKInvalidKey
@$xp$22Comctrls@TItemRequests
@$xp$22Comctrls@TPageScroller
@$xp$22Comctrls@TStatusPanels
@$xp$22Comctrls@TUDClickEvent
@$xp$22Controls@TControlState
@$xp$22Controls@TControlStyle
@$xp$22Controls@TDragObjectEx
@$xp$22Controls@TEndDragEvent
@$xp$22Controls@TScalingFlags
@$xp$22Dialogs@TFileEditStyle
@$xp$22Dialogs@TMsgDlgButtons
@$xp$22Dialogs@TOpenOptionsEx
@$xp$22Dialogs@TReplaceDialog
@$xp$22Extactns@TRichEditBold
@$xp$22Extctrls@NaturalNumber
@$xp$22Extctrls@TSectionEvent
@$xp$22Forms@TCloseQueryEvent
@$xp$22Forms@TFormBorderStyle
@$xp$22Graphics@TCanvasStates
@$xp$22Graphics@TFontDataName
@$xp$22Grids@TInplaceEditList
@$xp$22Grids@TSelectCellEvent
@$xp$22Imglist@TLoadResources
@$xp$22Menus@TMenuChangeEvent
@$xp$22Olectnrs@IVCLFrameForm
@$xp$22Olectnrs@TAutoActivate
@$xp$22Olectnrs@TOleContainer
@$xp$22Olectrls@EOleCtrlError
@$xp$22Olectrls@TEnumPropDesc
@$xp$22Oleserver@TConnectKind
@$xp$22Printers@TPrinterState
@$xp$22Stdactns@TFileOpenWith
@$xp$22Stdactns@THelpContents
@$xp$22Stdactns@TSearchAction
@$xp$22Stdactns@TWindowAction
@$xp$22Stdctrls@TEditCharCase
@$xp$22Stdctrls@TListBoxStyle
@$xp$22TActiveXControlFactory
@$xp$22Themes@TThemedComboBox
@$xp$22Themes@TThemedListview
@$xp$22Themes@TThemedProgress
@$xp$22Themes@TThemedTaskBand
@$xp$22Themes@TThemedTrackBar
@$xp$22Themes@TThemedTreeview
@$xp$22Valedit@TDisplayOption
@$xp$23Axctrls@TPictureAdapter
@$xp$23Axctrls@TStringsAdapter
@$xp$23Comctrls@EDateTimeError
@$xp$23Comctrls@EMonthCalError
@$xp$23Comctrls@ETreeViewError
@$xp$23Comctrls@TAttributeType
@$xp$23Comctrls@THKInvalidKeys
@$xp$23Comctrls@THeaderControl
@$xp$23Comctrls@THeaderSection
@$xp$23Comctrls@TLVChangeEvent
@$xp$23Comctrls@TLVEditedEvent
@$xp$23Comctrls@TLVNotifyEvent
@$xp$23Comctrls@TMonthCalendar
@$xp$23Comctrls@TTBButtonEvent
@$xp$23Comctrls@TTVEditedEvent
@$xp$23Comctrls@TUDAlignButton
@$xp$23Comctrls@TUDOrientation
@$xp$23Controls@TControlCanvas
@$xp$23Controls@TCustomControl
@$xp$23Controls@TDockDropEvent
@$xp$23Controls@TDockOverEvent
@$xp$23Controls@TDragDropEvent
@$xp$23Controls@TDragImageList
@$xp$23Controls@TDragOverEvent
@$xp$23Controls@TKeyPressEvent
@$xp$23Dialogs@TPaintPageEvent
@$xp$23Extactns@TCustomFileRun
@$xp$23Extctrls@TBandDragEvent
@$xp$23Extctrls@TBandInfoEvent
@$xp$23Extctrls@TBandMoveEvent
@$xp$23Extctrls@TColorBoxStyle
@$xp$23Extctrls@TLabelPosition
@$xp$23Forms@TControlScrollBar
@$xp$23Forms@TCustomActiveForm
@$xp$23Forms@TMonitorDefaultTo
@$xp$23Graphics@TMetafileImage
@$xp$23Graphics@TProgressEvent
@$xp$23Graphics@TProgressStage
@$xp$23Listactns@TGetItemEvent
@$xp$23Menus@TMenuItemAutoFlag
@$xp$23Olectrls@TEnumValueList
@$xp$23Olectrls@TEventDispatch
@$xp$23Oleserver@TVariantArray
@$xp$23Stdactns@TEditSelectAll
@$xp$23Stdactns@TFilePageSetup
@$xp$23Stdactns@TSearchReplace
@$xp$23Stdactns@TWindowArrange
@$xp$23Stdactns@TWindowCascade
@$xp$23Stdctrls@TButtonControl
@$xp$23Stdctrls@TCheckBoxState
@$xp$23Stdctrls@TComboBoxStyle
@$xp$23Stdctrls@TCustomListBox
@$xp$23Stdctrls@TDrawItemEvent
@$xp$23Themes@TThemedScrollBar
@$xp$23Toolwin@TToolDockObject
@$xp$23Valedit@TDisplayOptions
@$xp$24Actnlist@TEnumActionProc
@$xp$24Axctrls@IAmbientDispatch
@$xp$24Axctrls@TAdapterNotifier
@$xp$24Axctrls@TReflectorWindow
@$xp$24Comctrls@TCommonCalendar
@$xp$24Comctrls@TCustomListView
@$xp$24Comctrls@TCustomRichEdit
@$xp$24Comctrls@TCustomTreeView
@$xp$24Comctrls@TDTCalAlignment
@$xp$24Comctrls@TDateTimePicker
@$xp$24Comctrls@TDrawPanelEvent
@$xp$24Comctrls@THeaderSections
@$xp$24Comctrls@TLVCompareEvent
@$xp$24Comctrls@TLVDeletedEvent
@$xp$24Comctrls@TLVEditingEvent
@$xp$24Comctrls@TLVInfoTipEvent
@$xp$24Comctrls@TMonthCalColors
@$xp$24Comctrls@TNodeAttachMode
@$xp$24Comctrls@TNumberingStyle
@$xp$24Comctrls@TParaAttributes

Sections

CODE
Size: 842KB - Virtual size: 841KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 789B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 19KB - Virtual size: 18KB

DATA Size: 9KB - Virtual size: 8KB

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.edata Size: 512B - Virtual size: 139B

.reloc Size: 1024B - Virtual size: 1020B

.rsrc Size: 512B - Virtual size: 512B

3c8fc820c0cbaa6732c2b1fbb4542189

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

30a2a6798b8ea7234831e99b4edff45b

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 80B

2b2b794f13fd8c667d8ca834996748b2

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

8948c0ad87dbb24f3f021f02c9bc6335

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

imagehlp

pesniffer

cadt

ndump

rebpe32

procs32

uupdatesystem

hedit32

Sections

.data Size: 237KB - Virtual size: 237KB

.rsrc Size: 178KB - Virtual size: 178KB

264476cbdcf6020ccd69c92bbd24050f

Headers

File Characteristics

Imports

CODE
Size: 19KB - Virtual size: 18KB

DATA
Size: 9KB - Virtual size: 8KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.edata
Size: 512B - Virtual size: 139B

.reloc
Size: 1024B - Virtual size: 1020B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 80B

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.data
Size: 237KB - Virtual size: 237KB

.rsrc
Size: 178KB - Virtual size: 178KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 1024B - Virtual size: 828B

.text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 32KB

UPX1
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 12KB - Virtual size: 11KB

DATA
Size: 512B - Virtual size: 180B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 141B

.reloc
Size: 1024B - Virtual size: 944B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 4B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 292B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1024B - Virtual size: 954B

.data
Size: 7KB - Virtual size: 10KB

.reloc
Size: 1KB - Virtual size: 1KB