56282ba6f17156a7d2071c9e1faf9cff

Sharing

Copy URL

Twitter E-mail

General

Target

56282ba6f17156a7d2071c9e1faf9cff
Size

9.6MB
MD5

56282ba6f17156a7d2071c9e1faf9cff
SHA1

6f556031d1f0718c38e62e760bc481237dfde527
SHA256

4ab7ec2cacab3d5f5debf66062959900c0a7c6dbc341e8fd2730f5bd3f345bc1
SHA512

e0543046e74113599f0e2364d18e4aaf837d4581b2113db8d3f27ce95adf90f728b5eee503c60b737fe181a26edfc677dd5d85679a540f00ad8ab40e4faa7869
SSDEEP

196608:t64r3mpd02ygecDOHnxCOMCvbbAVU4lB3GPfw9APMzY2mAbIX:/7mr02R2nxFMCjbAVU4v3Ufw6P6jml

Score

7^/10

pdf link upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/C:/Sisdata/Common/pdftk.exe	upx

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 31 IoCs

Checks for missing Authenticode signature.

resource
56282ba6f17156a7d2071c9e1faf9cff
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$SYSDIR/CAnteExe.exe
unpack001/$SYSDIR/CEngineDll.dll
unpack001/$SYSDIR/CEnginePDFDll.dll
unpack001/$SYSDIR/CGZipLibrary.dll
unpack001/$SYSDIR/CopyDiskExeB.exe
unpack001/$SYSDIR/MSRDO20.DLL
unpack001/$SYSDIR/SDFileZipper.dll
unpack001/$SYSDIR/SDGfxDocs.dll
unpack001/$SYSDIR/SisdataDesktop.ocx
unpack001/$SYSDIR/Unzip32.dll
unpack001/$SYSDIR/ZlibTool.ocx
unpack001/$SYSDIR/msjet35.dll
unpack001/$SYSDIR/msvbvm50.dll
unpack001/$SYSDIR/pdflib_com.dll
unpack001/$SYSDIR/zip32.dll
unpack001/C:/Sisdata/Common/Calcolatrice.exe
unpack001/C:/Sisdata/Common/ChangePassword.exe
unpack001/C:/Sisdata/Common/CheckSisProcess.exe
unpack001/C:/Sisdata/Common/ChkVerStdAlone.exe
unpack001/C:/Sisdata/Common/ProgressBAR.exe
unpack001/C:/Sisdata/Common/pdftk.exe
unpack002/out.upx
unpack001/C:/Sisdata/ScattiBiennali.exe
unpack001/C:/Sisdata/TeleAssistenza/MSRC4Plugin.dsm
unpack001/C:/Sisdata/TeleAssistenza/SCHook.dll
unpack001/C:/Sisdata/TeleAssistenza/TeleAssistenza.exe
unpack001/C:/Sisdata/TeleAssistenza/vnchooks.dll
unpack001/c:/sisdata/CommonPostGre/sis_restore.exe
unpack001/c:/sisdata/CommonPostGre/sispgl_manager.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

56282ba6f17156a7d2071c9e1faf9cff
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/CAnteExe.exe
.exe windows:4 windows x86 arch:x86

315c9191a8de67ecffd311726e188405

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaLateIdCall
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
_adj_fprem1
ord519
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarForInit
__vbaForEachCollObj
ord300
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord306
__vbaStrFixstr
ord307
__vbaFpR8
_CIsin
__vbaNextEachCollObj
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaI2I4
__vbaPrintObj
DllFunctionCall
__vbaCastObjVar
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaGetOwner3
__vbaI2Var
__vbaLsetFixstrFree
ord536
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord616
__vbaFpI4
_CIatan
__vbaStrMove
ord618
__vbaStrVarCopy
_allmul
__vbaLateIdSt
_CItan
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CEngineDll.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0fe58cb07ffed3c7f9ed8d361ee872d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaLateIdCall
__vbaFreeVarList
_adj_fdiv_m64
__vbaGetFxStr3
__vbaFreeObjList
ord516
_adj_fprem1
ord518
ord519
__vbaVarCmpNe
__vbaStrCat
__vbaLsetFixstr
ord660
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
ord558
_adj_fdiv_m32
__vbaAryDestruct
ord591
ord300
ord301
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord305
ord306
__vbaStrFixstr
ord307
__vbaBoolVarNull
__vbaFpR8
ord523
_CIsin
ord631
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
ord529
__vbaVarTstEq
__vbaPutOwner3
__vbaI2I4
__vbaPrintObj
DllFunctionCall
__vbaVarOr
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord313
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
ord536
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
ord103
__vbaVarCmpEq
ord104
ord610
ord105
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
__vbaVarCopy
ord616
__vbaFpI4
__vbaR8IntI2
_CIatan
__vbaStrMove
__vbaCastObj
ord618
__vbaStrVarCopy
_allmul
__vbaLateIdSt
__vbaLateMemCallSt
_CItan
__vbaAryUnlock
_CIexp
__vbaMidStmtBstr
__vbaFreeObj
__vbaFreeStr
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CEnginePDFDll.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b00c526fa92736025620478db638113f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaLateIdCall
__vbaFreeVarList
_adj_fdiv_m64
ord698
__vbaGetFxStr3
__vbaFreeObjList
ord516
_adj_fprem1
ord518
ord519
__vbaStrCat
__vbaVarCmpNe
__vbaLsetFixstr
ord660
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
ord558
_adj_fdiv_m32
__vbaAryDestruct
ord591
ord593
ord300
ord594
ord301
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord305
ord306
ord520
__vbaStrFixstr
ord307
__vbaBoolVarNull
__vbaFpR8
ord523
_CIsin
ord631
ord632
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
__vbaPrintObj
DllFunctionCall
__vbaVarOr
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord313
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
__vbaStrVarVal
__vbaGetOwner3
__vbaUbound
ord536
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
ord648
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
ord103
__vbaVarCmpEq
ord104
ord610
ord105
__vbaVarAdd
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
__vbaVarCopy
ord616
__vbaFpI4
__vbaR8IntI2
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
_allmul
__vbaLateIdSt
__vbaLateMemCallSt
_CItan
__vbaFPInt
__vbaAryUnlock
_CIexp
__vbaMidStmtBstr
__vbaFreeStr
__vbaFreeObj
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CGZipLibrary.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0722dff026b295005eb6d0f07321b350

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord595
__vbaOnError
__vbaObjSet
ord596
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaForEachCollVar
ord520
_CIsin
ord631
ord632
ord525
__vbaChkstk
ord526
EVENT_SINK_AddRef
ord527
__vbaGenerateBoundsError
__vbaStrCmp
__vbaNextEachCollVar
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaFixstrConstruct
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
__vbaUI1I2
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaVarCat
__vbaLsetFixstrFree
__vbaI2Var
ord537
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
ord103
ord104
ord105
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord613
__vbaRecDestructAnsi
ord617
_CIatan
__vbaCastObj
__vbaStrMove
__vbaUI1Str
ord619
__vbaStrVarCopy
_allmul
_CItan
__vbaUI1Var
_CIexp
__vbaMidStmtBstr
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CopyDiskExeB.exe
.exe windows:4 windows x86 arch:x86

c58c44ca39444a80637d12dc3eafed72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaR8FixI4
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLenBstr
__vbaFreeVarList
__vbaPut3
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord519
__vbaResume
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
ord592
__vbaExitProc
ord300
__vbaObjSet
ord595
__vbaOnError
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord305
ord306
__vbaStrFixstr
ord309
__vbaFpR8
__vbaBoolVarNull
_CIsin
ord631
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord529
__vbaStrCmp
__vbaGet3
__vbaPutOwner3
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaFixstrConstruct
__vbaRedim
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord313
__vbaStrToUnicode
__vbaPrintFile
__vbaInputFile
ord606
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaGetOwner3
__vbaI2Var
ord536
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaR8Str
ord648
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarCmpLt
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord578
ord100
ord579
__vbaVarTstNe
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord616
__vbaFpI4
_CIatan
ord618
__vbaStrMove
__vbaR8IntI4
_allmul
__vbaLateIdSt
_CItan
__vbaFPInt
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 813KB - Virtual size: 813KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/MSRDO20.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

f605f5bdf2c4b60ed2612b9e5e4cb593

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

odbc32

ord51
ord19
ord1
ord2
ord9
ord14
ord15
ord23
ord40
ord41
ord42
ord44
ord47
ord49
ord50
ord54
ord43
ord6
ord46
ord59
ord10
ord45
ord18
ord72
ord68
ord17
ord12
ord11
ord20
ord61
ord5
ord13
ord16
ord4
ord58
ord63
ord66
ord3
ord48

kernel32

GetCPInfo
HeapSize
GlobalAlloc
GetModuleFileNameA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
LCMapStringW
LCMapStringA
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
GetStringTypeW
GetStringTypeA
RtlUnwind
RaiseException
TlsGetValue
SetLastError
LocalFree
GetCurrentThreadId
lstrlenA
GetExitCodeThread
ResumeThread
GetTickCount
CreateThread
WaitForSingleObject
SuspendThread
WideCharToMultiByte
lstrcpyA
GetLastError
lstrcmpiA
lstrcmpA
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
lstrcpynA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemDefaultLCID
GlobalFree
GlobalUnlock
GlobalLock
TlsFree
GetCurrentThread
lstrcatA
GetLocaleInfoA
GetUserDefaultLCID
LocalAlloc
LocalReAlloc
CloseHandle
DisableThreadLibraryCalls
CreateMutexA
ReleaseMutex
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
IsBadReadPtr
GetCurrentProcessId
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetACP
GetOEMCP
TlsSetValue
GetCurrentProcess
TlsAlloc

user32

GetWindowThreadProcessId
wsprintfA
DispatchMessageA
CharNextA
LoadStringA
MsgWaitForMultipleObjects
TranslateMessage
GetWindowLongA
IsWindowVisible
GetWindow
DestroyWindow
CharUpperA
GetActiveWindow
PostMessageA
CreateDialogParamA
KillTimer
GetDesktopWindow
PeekMessageA
SetTimer

ole32

StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegSetValueA

oleaut32

SafeArrayGetLBound
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SetErrorInfo
SysAllocStringByteLen
CreateErrorInfo
VariantChangeTypeEx
SafeArrayCopy
SysReAllocStringLen
SysAllocStringLen
SafeArrayPutElement
SysStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
SysFreeString
SysAllocString
SafeArrayUnaccessData
VariantChangeType
SafeArrayAccessData
VariantCopy
VariantInit
VariantClear
SysReAllocString

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SDFileZipper.dll
.dll regsvr32 windows:4 windows x86 arch:x86

350051d34d348fc740f8ca3f54baa84c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateProcessA
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindResourceA
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemInfo
GetThreadLocale
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetPriorityClass
SetThreadLocale
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ImageList_DrawEx

gdi32

BitBlt
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExcludeClipRect
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
RealizePalette
RectVisible
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StretchBlt
UnrealizeObject

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharNextA
CheckMenuItem
ClientToScreen
CreateAcceleratorTableA
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassNameA
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBoxA
OemToCharA
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WinHelpA
WindowFromPoint
wsprintfA
GetSystemMenu

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
IsEqualGUID
OleInitialize
OleLockRunning
OleUninitialize
ProgIDFromCLSID
StringFromCLSID

oleaut32

CreateErrorInfo
GetErrorInfo
LoadRegTypeLib
LoadTypeLib
RegisterTypeLib
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringLen
VariantChangeTypeEx
VariantClear
VariantCopyInd

olepro32

OleCreateFontIndirect

Exports

Exports

@@Sdfilezipper@Finalize
@@Sdfilezipper@Initialize
@@Sdfilezipper_atl@Finalize
@@Sdfilezipper_atl@Initialize
@@Sdfilezipper_tlb@Finalize
@@Sdfilezipper_tlb@Initialize
@@Zipper@Finalize
@@Zipper@Initialize
@Sdfilezipper_tlb@CLSID_FileZipper
@Sdfilezipper_tlb@DIID_IFileZipperEvents
@Sdfilezipper_tlb@IID_IFileZipper
@Sdfilezipper_tlb@LIBID_SDFileZipper
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
___CPPdebugHook

Sections

.text
Size: 396KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/SDGfxDocs.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fd6acdf1c8d9128810251e4b36869849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindResourceA
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStrings
GetExitCodeThread
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeW
GetSystemInfo
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadFile
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winspool.drv

EnumPrintersA
ord201

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ord17

gdi32

AbortDoc
BitBlt
CombineRgn
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreateICA
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPage
Escape
ExcludeClipRect
ExtCreatePen
ExtTextOutA
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
PolyPolyline
Polyline
RealizePalette
RectVisible
Rectangle
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
UnrealizeObject

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharNextA
CharUpperBuffA
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateAcceleratorTableA
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumClipboardFormats
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetCapture
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassNameA
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
IsCharAlphaA
IsCharAlphaNumericA
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
WindowFromPoint
wsprintfA
GetSysColor

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
ProgIDFromCLSID
StringFromCLSID

oleaut32

CreateErrorInfo
GetErrorInfo
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringLen
VariantChangeType
VariantClear
VariantCopy
VariantCopyInd
VariantInit

olepro32

ord253

Exports

Exports

@@Bmpdoc@Finalize
@@Bmpdoc@Initialize
@@Bmpmanager@Finalize
@@Bmpmanager@Initialize
@@Dibsection@Finalize
@@Dibsection@Initialize
@@Frm_preview@Finalize
@@Frm_preview@Initialize
@@Frm_printersdebug@Finalize
@@Frm_printersdebug@Initialize
@@Frm_sdgfxdoc@Finalize
@@Frm_sdgfxdoc@Initialize
@@Gfxelements@Finalize
@@Gfxelements@Initialize
@@Sdgfxdocobj@Finalize
@@Sdgfxdocobj@Initialize
@@Sdgfxdocs@Finalize
@@Sdgfxdocs@Initialize
@@Sdgfxdocs_atl@Finalize
@@Sdgfxdocs_atl@Initialize
@@Sdgfxdocs_tlb@Finalize
@@Sdgfxdocs_tlb@Initialize
@@Sdprinters@Finalize
@@Sdprinters@Initialize
@@Sharedstream@Finalize
@@Sharedstream@Initialize
@@Tmpfiles@Finalize
@@Tmpfiles@Initialize
@@Vkutils2@Finalize
@@Vkutils2@Initialize
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
___CPPdebugHook
_frmPreview
_frmPrintersDebug
_frmSDGfxDoc

Sections

.text
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/SisdataDesktop.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

e4d9181cdad33dc57a27b28ac529fa9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

EVENT_SINK_GetIDsOfNames
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord517
_adj_fprem1
ord519
__vbaCopyBytes
__vbaStrCat
__vbaError
__vbaLsetFixstr
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaLateMemSt
ord591
__vbaExitProc
ord300
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord306
__vbaStrFixstr
__vbaBoolVar
__vbaVargVar
_CIsin
ord525
__vbaChkstk
__vbaCyVar
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaCastObjVar
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaR4Cy
Zombie_GetTypeInfoCount
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord319
__vbaUbound
ord534
ord536
__vbaI2Var
__vbaLsetFixstrFree
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaAryLock
__vbaLateMemCall
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaFpI2
ord616
__vbaLateMemCallLd
__vbaR8IntI2
_CIatan
__vbaStrMove
__vbaCastObj
ord618
_allmul
__vbaLateIdSt
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
__vbaRecAssign

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/Unzip32.dll
.dll windows:4 windows x86 arch:x86

d7fb4de41cd6c7ef515f3cb090e706e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
HeapAlloc
GetLastError
CreateFileA
GetCurrentProcess
GetVersion
SetFileTime
SetFileAttributesA
FileTimeToLocalFileTime
GetFullPathNameA
CloseHandle
CreateMutexA
FindClose
SetVolumeLabelA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
lstrcpyA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
InitializeCriticalSection
WaitForSingleObject
ReleaseMutex
GetVolumeInformationA
lstrlenA
lstrcmpiA
EnterCriticalSection
GetDriveTypeA
lstrcpynA
LeaveCriticalSection
GetProcessHeap
HeapFree
FindFirstFileA
FindNextFileA
HeapDestroy
TlsFree
SetLastError
GetCurrentDirectoryA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetTimeZoneInformation
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
FlushFileBuffers
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsAlloc
FileTimeToSystemTime
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
ReadFile
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileA
CreateDirectoryA

user32

CharToOemA
OemToCharA

advapi32

GetSecurityDescriptorControl
GetKernelObjectSecurity
AdjustTokenPrivileges
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
SetKernelObjectSecurity
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidAcl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
IsValidSid
OpenProcessToken
LookupPrivilegeValueA

Exports

Exports

UzpFreeMemBuffer
UzpVersion
UzpVersion2
Wiz_Grep
Wiz_Init
Wiz_NoPrinting
Wiz_SetOpts
Wiz_SingleEntryUnzip
Wiz_Unzip
Wiz_UnzipToMemory
Wiz_Validate

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ZlibTool.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

3926b7f647fade928a6e1f62518f0a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc40

ord3952
ord2617
ord2754
ord2843
ord5638
ord3945
ord2744
ord2860
ord2620
ord2696
ord2916
ord3345
ord3346
ord3340
ord2694
ord3580
ord4096
ord3906
ord3202
ord651
ord403
ord1073
ord1035
ord1084
ord4046
ord4141
ord4302
ord4462
ord4681
ord3859
ord4312
ord4450
ord4176
ord2199
ord5360
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5644
ord3837
ord4700
ord3314
ord4296
ord3919
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2861
ord4099
ord3907
ord654
ord706
ord762
ord486
ord406
ord1986
ord2072
ord1995
ord2004
ord1989
ord1633
ord3738
ord2176
ord2358
ord1043
ord1071
ord2135
ord1464
ord4973
ord881
ord3827
ord4154
ord4113
ord5023
ord1873
ord4314
ord4375
ord5001
ord4133
ord4132
ord4230
ord4124
ord4360
ord4024
ord3997
ord4070
ord5748
ord2894
ord4385
ord4390
ord4122
ord4156
ord4473
ord4127
ord4117
ord3838
ord4241
ord4123
ord4111
ord4110
ord4505
ord4060
ord3854
ord3844
ord3840
ord4202
ord4204
ord4201
ord3892
ord729
ord4459
ord3898
ord4444
ord4432
ord2177
ord2963
ord4015
ord5363
ord1540
ord5643
ord4704
ord3922
ord2618
ord2755
ord2844
ord3946
ord2851
ord2621
ord2695
ord3581
ord4098
ord5160
ord632
ord3452
ord381
ord2227
ord4742
ord483
ord4740
ord2223
ord2378
ord4403
ord570
ord315
ord1400
ord2081
ord5341
ord1456
ord760
ord819
ord3626
ord5049
ord3697
ord481
ord2451
ord2389
ord3458
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4715
ord3579
ord4165
ord4719
ord4703
ord5053
ord2845
ord2960
ord3192
ord721
ord504
ord532
ord5630
ord1075
ord1097
ord1085
ord5637
ord731
ord265
ord1647
ord4441
ord4380
ord4079
ord999
ord1000
ord5681
ord1367
ord1046
ord328
ord1042
ord1369
ord1105
ord988
ord1370
ord269
ord711
ord733
ord671

msvcrt40

fclose
fopen
fread
fwrite
calloc
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
_EH_prolog
free
__CxxFrameHandler
_mbscmp
_fileno
_filelength

kernel32

LocalAlloc
Sleep
LocalFree
GlobalFree
GlobalAlloc
GetVersion

user32

EnableWindow
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msjet35.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fafbf34557833c1916cdad807ab2b231

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
GetLastError
CloseHandle
CreateFileA
GetTempPathA
DeleteFileA
GetVersionExA
Sleep
GetComputerNameA
FindClose
FindFirstFileA
GetShortPathNameA
lstrcpyA
GetFullPathNameA
lstrlenA
IsBadStringPtrA
GetDriveTypeA
GetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
ReadFile
SetFilePointer
WriteFile
FlushFileBuffers
GetFileSize
SetEndOfFile
GetFileType
LockFile
UnlockFile
GetFileInformationByHandle
CompareStringA
LCMapStringA
GetSystemInfo
GlobalMemoryStatus
SetThreadPriority
GetTempFileNameA
HeapAlloc
GetProcessHeap
HeapFree
FreeLibrary
GetProcAddress
SetEvent
ResetEvent
WaitForSingleObject
GetCurrentThreadId
CreateThread
lstrcmpiA
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
ExitProcess
GetModuleHandleA
GetStringTypeW
HeapCreate
HeapDestroy
LCMapStringW
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapSize
RtlUnwind
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetUserDefaultLCID
GetLocaleInfoA
VirtualFree
VirtualQuery
VirtualAlloc
GetModuleFileNameA
DisableThreadLibraryCalls
IsDBCSLeadByte
GetSystemDefaultLangID
CreateEventA
ResumeThread
GetStringTypeA

user32

IsCharAlphaA
CharUpperA
wvsprintfA
wsprintfA
CharPrevA
IsCharAlphaNumericA

advapi32

RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA

ole32

CoCreateGuid

oleaut32

LHashValOfNameSys
VariantChangeType
SysFreeString
VarI2FromStr
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarBstrFromDate
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromR8
VarBstrFromR4
VarBstrFromI4
VarBstrFromI2

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 980KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msvbvm50.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0615e9c25da62e90a31fe72638c8f4fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileA
ReadFile
LockFile
RemoveDirectoryA
CreateDirectoryA
UnlockFile
HeapSize
GetStringTypeW
FlushFileBuffers
TerminateProcess
HeapFree
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
LockResource
ExitThread
RaiseException
GetTempFileNameA
lstrcpynA
GetLastError
_lclose
_llseek
FreeLibrary
GetLocaleInfoA
lstrcpyA
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageA
TlsGetValue
HeapCreate
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
IsBadReadPtr
MulDiv
lstrcmpiA
GetTickCount
GetCurrentThreadId
lstrcmpA
lstrlenA
HeapAlloc
CreateThread
SetEnvironmentVariableA
LCMapStringW
GetStringTypeA
CompareStringW
FileTimeToLocalFileTime
SetLocalTime
SetFileAttributesA
SetFileTime
FileTimeToSystemTime
GetFileTime
GetUserDefaultLangID
GetModuleFileNameW
GetLocalTime
CreateProcessW
RtlUnwind
GetDateFormatA
UnhandledExceptionFilter
FormatMessageW
GetStartupInfoA
SetCurrentDirectoryA
ExitProcess
GetShortPathNameA
GetVolumeInformationA
GetStringTypeExA
GetDriveTypeA
FindClose
FindFirstFileA
FindNextFileA
VirtualAlloc
VirtualFree
GetSystemInfo
WinExec
VirtualProtect
FlushInstructionCache
SetFilePointer
WriteFile
SetEndOfFile
ResumeThread
GetCurrentProcess
DuplicateHandle
TlsFree
GetCommandLineA
TlsSetValue
lstrcmpiW
TlsAlloc
GetVersion
LoadLibraryExA
CreateProcessA
GetExitCodeProcess
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentProcessId
CloseHandle
CreateEventA
IsBadCodePtr
FreeResource
GetSystemDefaultLCID
LoadLibraryA
GetUserDefaultLCID
GetSystemDirectoryA
Sleep
GetProcAddress
GetVersionExA
SetErrorMode
GlobalDeleteAtom
HeapDestroy
LCMapStringA
GlobalAddAtomA
ReleaseSemaphore
GetProfileStringA
CreateSemaphoreA
VirtualQuery
CompareStringA
WideCharToMultiByte
HeapReAlloc
GetCurrentDirectoryA
lstrcatA
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
SearchPathA
GetFileType
SetLastError
CreateFileA
GlobalFree
DeleteFileA
GlobalUnlock
SizeofResource
FindResourceA
LoadResource
GlobalHandle
GlobalAlloc
GlobalSize
_lwrite
GlobalReAlloc
GlobalLock
GetTempPathA
_lread
GetWindowsDirectoryA
SetHandleCount
GetStdHandle
GetCPInfo

user32

DdeConnect
DdePostAdvise
DdeClientTransaction
DdeAbandonTransaction
DdeGetData
DdeGetLastError
DdeCreateDataHandle
DdeCmpStringHandles
SetCursorPos
EnumClipboardFormats
DestroyCursor
GetAsyncKeyState
WaitForInputIdle
GetForegroundWindow
keybd_event
VkKeyScanW
SetWindowsHookExW
CharUpperBuffW
CharUpperBuffA
CharLowerBuffW
FindWindowW
FindWindowA
GetLastActivePopup
GetClassInfoExA
LoadIconA
RegisterClassExA
FrameRect
CreateDialogParamA
IsRectEmpty
IsDialogMessageA
ShowCursor
OemToCharA
CharToOemBuffA
LoadAcceleratorsA
BringWindowToTop
GetClipboardFormatNameA
DrawTextA
SetWindowTextA
SendDlgItemMessageA
SetDlgItemTextA
GetWindowTextA
EndDialog
LoadBitmapA
CallNextHookEx
DispatchMessageA
MsgWaitForMultipleObjects
WaitMessage
PostQuitMessage
GetKeyboardLayout
UnhookWindowsHookEx
RegisterClipboardFormatA
CreateCursor
CreateIcon
PostMessageW
PeekMessageW
GetPropA
RemovePropA
SetPropA
CharUpperA
ClipCursor
GetKeyState
DefFrameProcA
GetDlgItem
IsWindow
UnregisterClassA
RegisterClassA
DestroyWindow
AdjustWindowRect
GetTabbedTextExtentA
TabbedTextOutA
GetUpdateRect
FillRect
CharToOemA
LoadStringA
MessageBoxA
wsprintfA
WinHelpA
GetSysColor
GetWindowDC
GetSystemMetrics
SetActiveWindow
DdeSetUserHandle
DdeDisconnect
EqualRect
CopyRect
AdjustWindowRectEx
TranslateMDISysAccel
GetMenuItemCount
GetMenuStringA
GetMenuState
AppendMenuA
IsCharAlphaA
GetCaretPos
CharPrevA
CharNextA
ReleaseDC
GetDC
IntersectRect
GetUpdateRgn
BeginPaint
EndPaint
PtInRect
WindowFromPoint
ReleaseCapture
SetCapture
InflateRect
GetWindowRect
ScreenToClient
MoveWindow
IsWindowEnabled
GetActiveWindow
IsChild
SetParent
ClientToScreen
DrawFocusRect
GetMessageTime
GetMessagePos
CopyAcceleratorTableA
GetWindowRgn
GetMenuItemInfoA
SetMenuItemInfoA
GetKeyboardState
TranslateMessage
SetKeyboardState
GetQueueStatus
RemoveMenu
EnableMenuItem
MapWindowPoints
GetCursorPos
CallWindowProcA
GetDoubleClickTime
CreateMenu
GetClientRect
CreateWindowExA
SetWindowContextHelpId
InvalidateRect
DefWindowProcA
GetDesktopWindow
GetWindowThreadProcessId
SetForegroundWindow
MessageBeep
DefMDIChildProcA
IsZoomed
DestroyMenu
PeekMessageA
PostMessageA
IsIconic
UpdateWindow
SetWindowLongA
DrawMenuBar
GetWindowLongA
IsWindowVisible
EnableWindow
SetFocus
SendMessageA
ShowWindow
GetCapture
GetClassNameA
SetWindowsHookExA
LoadCursorA
SetCursor
GetWindow
GetParent
GetFocus
OffsetRect
SetWindowPos
GetSystemMenu
DdeUninitialize
DdeCreateStringHandleA
DdeNameService
DdeQueryConvInfo
DdeInitializeA
DdeFreeStringHandle
SetScrollRange
DdeQueryStringA
DdeFreeDataHandle
LockWindowUpdate
SetScrollPos
DrawFrameControl
SetClipboardData
CharLowerBuffA
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
OpenClipboard
SetCaretPos
CloseClipboard
GetCaretBlinkTime
DestroyCaret
GetWindowTextLengthA
HideCaret
GetScrollPos
CreateCaret
ShowCaret
ToAscii
SetRect
SetWindowRgn
ShowScrollBar
CreateAcceleratorTableA
DestroyAcceleratorTable
SubtractRect
EnumThreadWindows
SetScrollInfo
AttachThreadInput
InvalidateRgn
GetDCEx
DeleteMenu
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
CreatePopupMenu
InsertMenuA
SetMenu
GetMenuItemID
GetMenu
SetTimer
CheckMenuItem
ModifyMenuA
GetIconInfo
KillTimer
GetCursor
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
CharLowerA
PostThreadMessageA
VkKeyScanA
DrawIcon
MessageBoxIndirectA
SystemParametersInfoA
DestroyIcon
DialogBoxParamA
GetClassInfoA
LoadImageA
GetScrollInfo

gdi32

CreateSolidBrush
CreatePen
SetBkColor
CreateHatchBrush
CreatePatternBrush
CreateBitmap
SetTextColor
OffsetRgn
CreateRectRgn
OffsetWindowOrgEx
PatBlt
SetBrushOrgEx
SelectObject
IntersectClipRect
SaveDC
RestoreDC
CombineRgn
SetRectRgn
Rectangle
SelectPalette
GetClipBox
RealizePalette
SetWindowOrgEx
ExcludeClipRect
SetROP2
GetTextMetricsA
EnumFontsA
CreateHalftonePalette
SetBkMode
GetROP2
TranslateCharsetInfo
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
CreateBrushIndirect
GetStockObject
CreatePenIndirect
MoveToEx
Arc
LineTo
Ellipse
SetStretchBltMode
Pie
ExtTextOutA
GetTextExtentPoint32A
GetPixel
CreateRectRgnIndirect
GetBitmapBits
SetPixelV
GetCurrentObject
GetTextExtentPointA
StretchDIBits
GetBkColor
StretchBlt
TextOutA
CreatePalette
EndDoc
CreateDIBitmap
StartPage
EndPage
AbortDoc
CreateDCA
ResetDCA
StartDocA
ScaleViewportExtEx
SetViewportExtEx
Escape
SetWindowExtEx
SetMapMode
SetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SelectClipRgn
SetAbortProc
PlayMetaFile
PtInRegion
DeleteEnhMetaFile
CreateFontIndirectA
GetEnhMetaFileHeader
ScaleWindowExtEx
PlayEnhMetaFile
GetPaletteEntries
CloseEnhMetaFile
GetWindowOrgEx
CreateICA
ExtCreateRegion
CreateEnhMetaFileA
GetWindowExtEx
GetViewportExtEx
GetDIBits
CopyMetaFileA
PathToRegion
CopyEnhMetaFileA
BeginPath
WidenPath
EndPath
GetMapMode
SetDIBColorTable
GetTextColor
RoundRect
CreateRoundRectRgn
CreateDIBSection
GetObjectType
GetSystemPaletteEntries
CreateEllipticRgnIndirect
DeleteObject
UnrealizeObject
GetNearestColor

advapi32

ReportEventA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegSetValueA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
DeregisterEventSource
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegCreateKeyW

ole32

OleLoad
BindMoniker
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CoGetClassObject
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
MkParseDisplayName
OleLockRunning
CreateILockBytesOnHGlobal
OleFlushClipboard
ReleaseStgMedium
OleQueryLinkFromData
OleQueryCreateFromData
OleIsCurrentClipboard
OleSetMenuDescriptor
OleSave
StgOpenStorage
OleDoAutoConvert
OleDuplicateData
OleRegGetUserType
CoIsOle1Class
OleSaveToStream
ReadClassStm
ReadClassStg
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
StgCreateDocfile
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleIsRunning
CreateBindCtx
OleCreateLink
OleCreateLinkToFile
GetClassFile
OleGetAutoConvert
OleRun
OleCreateFromFile
WriteClassStg
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoGetMalloc
IIDFromString
CoDisconnectObject
IsAccelerator

oleaut32

VariantClear
OleTranslateColor
SysFreeString
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreatePictureIndirect
SysAllocStringLen
VariantChangeType
OaBuildVersion
CreateErrorInfo
GetErrorInfo
SetErrorInfo
SysStringByteLen
CreateDispTypeInfo
DispGetParam
DispGetIDsOfNames
DispInvoke
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SafeArrayUnaccessData
SysAllocString
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayAccessData
VariantCopy
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
SafeArrayGetUBound
OleLoadPicture
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayCopy
OleIconToCursor
SafeArrayRedim
SafeArrayDestroyDescriptor
SafeArrayAllocData
RevokeActiveObject
SafeArrayDestroyData
SafeArrayLock
SafeArrayAllocDescriptor
VariantChangeTypeEx
GetActiveObject
SafeArrayUnlock
VarR8FromStr
SysReAllocStringLen
VarDateFromStr
VarBstrFromI2
VarCyFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromI4
VarBstrFromCy
VarI2FromStr
VarBstrFromDate
VarI4FromR8
VarR4FromStr
VarI4FromStr
SysReAllocString
VarCyFromStr
LoadRegTypeLi
LHashValOfNameSysA

Exports

Exports

BASIC_CLASS_AddRef
BASIC_CLASS_GetIDsOfNames
BASIC_CLASS_Invoke
BASIC_CLASS_QueryInterface
BASIC_CLASS_Release
BASIC_DISPINTERFACE_GetTICount
BASIC_DISPINTERFACE_GetTypeInfo
CopyRecord
CreateIExprSrvObj
DLLGetDocumentation
DllFunctionCall
DllRegisterServer
DllUnregisterServer
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
EbCreateContext
EbDestroyContext
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbIsProjectOnStack
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
EbSetContextWorkerThread
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceEx
TipCreateInstanceProject
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipSetOption
TipUnloadInstance
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
Zombie_AddRef
Zombie_GetIDsOfNames
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
Zombie_Invoke
Zombie_QueryInterface
Zombie_Release
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAptOffset
__vbaAryConstruct
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryRebase1Var
__vbaAryUnlock
__vbaAryVarVarg
__vbaBoolErrVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCastObj
__vbaCastObjVar
__vbaCheckType
__vbaCheckTypeVar
__vbaChkstk
__vbaCopyBytes
__vbaCyAbs
__vbaCyAdd
__vbaCyErrVar
__vbaCyFix
__vbaCyForInit
__vbaCyForNext
__vbaCyI2
__vbaCyI4
__vbaCyInt
__vbaCyMul
__vbaCyMulI2
__vbaCySgn
__vbaCyStr
__vbaCySub
__vbaCyUI1
__vbaCyVar
__vbaDateR4
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaDerefAry
__vbaDerefAry1
__vbaEnd
__vbaErase
__vbaEraseKeepData
__vbaEraseNoPop
__vbaError
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitEachAry
__vbaExitEachColl
__vbaExitEachVar
__vbaExitProc
__vbaFPException
__vbaFPFix
__vbaFPInt
__vbaFailedFriend
__vbaFileClose
__vbaFileCloseAll
__vbaFileLock
__vbaFileOpen
__vbaFileSeek
__vbaFixstrConstruct
__vbaForEachAry
__vbaForEachCollAd
__vbaForEachCollObj
__vbaForEachCollVar
__vbaForEachVar
__vbaFpCDblR4
__vbaFpCDblR8
__vbaFpCSngR4
__vbaFpCSngR8
__vbaFpCmpCy
__vbaFpCy
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFpUI1
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGet3
__vbaGet4
__vbaGetFxStr3
__vbaGetFxStr4
__vbaGetOwner3
__vbaGetOwner4
__vbaGosub
__vbaGosubFree
__vbaGosubReturn
__vbaHresultCheck
__vbaHresultCheckNonvirt
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2Cy
__vbaI2ErrVar
__vbaI2ForNextCheck
__vbaI2I4
__vbaI2Sgn
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4Cy
__vbaI4ErrVar
__vbaI4ForNextCheck
__vbaI4Sgn
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrB
__vbaInStrVar
__vbaInStrVarB
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdNamedCall
__vbaLateIdNamedCallLd
__vbaLateIdNamedCallSt
__vbaLateIdNamedStAd
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemCallSt
__vbaLateMemNamedCall
__vbaLateMemNamedCallLd
__vbaLateMemNamedCallSt
__vbaLateMemNamedStAd
__vbaLateMemSt
__vbaLateMemStAd
__vbaLbound
__vbaLenBstr
__vbaLenBstrB
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLineInputVar
__vbaLsetFixstr
__vbaLsetFixstrFree
__vbaMidStmtBstr
__vbaMidStmtBstrB
__vbaMidStmtVar
__vbaMidStmtVarB
__vbaNameFile
__vbaNew
__vbaNew2
__vbaNextEachAry
__vbaNextEachCollAd
__vbaNextEachCollObj
__vbaNextEachCollVar
__vbaNextEachVar
__vbaObjAddref
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPowerR8
__vbaPrintFile
__vbaPrintObj
__vbaPut3
__vbaPut4
__vbaPutFxStr3
__vbaPutFxStr4
__vbaPutOwner3
__vbaPutOwner4
__vbaR4Cy
__vbaR4ErrVar
__vbaR4ForNextCheck
__vbaR4Sgn
__vbaR4Str
__vbaR4Var
__vbaR8Cy
__vbaR8ErrVar
__vbaR8FixI2
__vbaR8FixI4
__vbaR8ForNextCheck
__vbaR8IntI2
__vbaR8IntI4
__vbaR8Sgn
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAnsiToUni
__vbaRecAssign
__vbaRecDestruct
__vbaRecDestructAnsi
__vbaRecUniToAnsi
__vbaRedim
__vbaRedimPreserve
__vbaRedimPreserveVar
__vbaRedimVar
__vbaRefVarAry
__vbaResume
__vbaRsetFixstr
__vbaRsetFixstrFree
__vbaSetSystemError
__vbaStopExe
__vbaStr2Vec
__vbaStrAryToAnsi
__vbaStrAryToUnicode
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrComp
__vbaStrCompVar
__vbaStrCopy
__vbaStrCy
__vbaStrDate
__vbaStrErrVarCopy
__vbaStrFixstr
__vbaStrI2
__vbaStrI4
__vbaStrLike
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrTextCmp
__vbaStrTextLike
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1Cy
__vbaUI1ErrVar
__vbaUI1I2
__vbaUI1I4
__vbaUI1Sgn
__vbaUI1Str
__vbaUI1Var
__vbaUbound
__vbaUnkVar
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDateVar
__vbaVarDiv
__vbaVarDup
__vbaVarEqv
__vbaVarErrI4
__vbaVarFix
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarImp
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarIndexStoreObj
__vbaVarInt
__vbaVarLike
__vbaVarLikeVar
__vbaVarMod
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarPow
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetUnk
__vbaVarSetUnkAddref
__vbaVarSetVar
__vbaVarSetVarAddref
__vbaVarSub
__vbaVarTextCmpEq
__vbaVarTextCmpGe
__vbaVarTextCmpGt
__vbaVarTextCmpLe
__vbaVarTextCmpLt
__vbaVarTextCmpNe
__vbaVarTextLike
__vbaVarTextLikeVar
__vbaVarTextTstEq
__vbaVarTextTstGe
__vbaVarTextTstGt
__vbaVarTextTstLe
__vbaVarTextTstLt
__vbaVarTextTstNe
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarXor
__vbaVargObj
__vbaVargObjAddref
__vbaVargParmRef
__vbaVargUnk
__vbaVargUnkAddref
__vbaVargVar
__vbaVargVarCopy
__vbaVargVarMove
__vbaVargVarRef
__vbaVerifyVarObj
__vbaWriteFile
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFixVar
rtcFreeFile
rtcGetAllSettings
rtcGetCurrentCalendar
rtcGetDateBstr
rtcGetDateValue
rtcGetDateVar
rtcGetDayOfMonth
rtcGetDayOfWeek
rtcGetErl
rtcGetFileAttr
rtcGetHostLCID
rtcGetHourOfDay
rtcGetMinuteOfHour
rtcGetMonthOfYear
rtcGetObject
rtcGetPresentDate
rtcGetSecondOfMinute
rtcGetSetting
rtcGetTimeBstr
rtcGetTimeValue
rtcGetTimeVar
rtcGetTimer
rtcGetYear
rtcHexBstrFromVar

Sections

.text
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/pdflib_com.dll
.dll regsvr32 windows:4 windows x86 arch:x86

126d983196fb1d50bf5bdee9310bd55c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcatA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
HeapDestroy
lstrcmpiA
IsDBCSLeadByte
LoadLibraryExA
GetLastError
FindResourceA
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetOEMCP
LoadResource
SizeofResource
lstrcpynA
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenW
lstrlenA
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetCPInfo
GetACP
lstrcmpW
lstrcpyW
GetVersionExA
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetVersion
DeleteFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SetFilePointer
GetCurrentProcessId
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
FlushFileBuffers
RaiseException
SetStdHandle
ReadFile
MultiByteToWideChar

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoCreateFreeThreadedMarshaler

oleaut32

SysFreeString
SetErrorInfo
CreateErrorInfo
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SafeArrayGetElement
VariantClear
SafeArrayGetVartype
VariantInit
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringLen

user32

CharNextA
ReleaseDC
GetDC

advapi32

RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA

gdi32

DeleteObject
GetCharWidthA
GetKerningPairsA
SetMapMode
GetTextMetricsA
GetFontData
GetTextFaceW
SelectObject
CreateFontIndirectW
EnumFontFamiliesExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 644KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 492KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/zip32.dll
.dll windows:4 windows x86 arch:x86

00a4a2fc8c7dbf3b1dd6087ef98f034b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDriveTypeA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
CloseHandle
InterlockedExchange
CreateMutexA
HeapFree
HeapAlloc
GetProcessHeap
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetFileAttributesA
FindClose
FindFirstFileA
GetVersion
GetFileType
FindNextFileA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
lstrcpynA
lstrcpyA
lstrcatA
CreateFileA
GetLastError
HeapCreate
FlushFileBuffers
SetEndOfFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MoveFileA
SetStdHandle
HeapReAlloc
GetCommandLineA
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
HeapDestroy
lstrlenA
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WriteFile
ReadFile
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
RtlUnwind
SetFilePointer
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
PeekNamedPipe
RemoveDirectoryA
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle

user32

wvsprintfA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityDescriptorLength
GetKernelObjectSecurity
OpenProcessToken

Exports

Exports

ZpArchive
ZpGetOptions
ZpInit
ZpSetOptions
ZpVersion

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/BandieraUE.png
.png
C:/Sisdata/Common/Calcolatrice.exe
.exe windows:4 windows x86 arch:x86

0b37a77031172ea172f6fbc8670288d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarTstGt
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
ord519
__vbaStrCat
__vbaVarCmpNe
__vbaHresultCheckObj
_adj_fdiv_m32
ord592
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord520
__vbaFPFix
__vbaVarTstLt
__vbaBoolVarNull
_CIsin
ord631
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaVarAbs
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
ord536
ord537
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord100
ord689
__vbaVarAdd
__vbaVarDup
__vbaFpI2
ord616
_CIatan
__vbaStrMove
ord618
_allmul
_CItan
__vbaFPInt
_CIexp
__vbaMidStmtBstr
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/ChangePassword.exe
.exe windows:4 windows x86 arch:x86

8f53ccd71c8756afd697a62dd427a22b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord593
__vbaExitProc
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord520
_CIsin
ord631
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
__vbaI2I4
DllFunctionCall
ord670
ord563
_adj_fpatan
EVENT_SINK_Release
__vbaNew
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord534
ord536
ord537
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaStrToAnsi
__vbaFpI4
__vbaVarCopy
ord616
__vbaR8IntI2
_CIatan
__vbaStrMove
ord618
__vbaCastObj
__vbaStrVarCopy
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/CheckSisProcess.exe
.exe windows:4 windows x86 arch:x86

6326b743632fb8cb2db9a45c423a154b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
_CIcos
_adj_fptan
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
ord517
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaOnError
ord595
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaStrFixstr
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
__vbaVarTstEq
DllFunctionCall
__vbaAryConstruct
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaI2Var
ord645
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarDup
ord616
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/ChkVerStdAlone.exe
.exe windows:4 windows x86 arch:x86

220da252e3aa23294d920aae77bc16ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
ord622
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaError
__vbaBoolErrVar
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
ord558
__vbaVargVarCopy
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaAryDestruct
__vbaCyErrVar
ord592
ord593
__vbaExitProc
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord520
__vbaBoolVarNull
_CIsin
ord631
ord632
__vbaVargVarMove
__vbaVarCmpGt
__vbaChkstk
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaDateR8
ord561
__vbaI2I4
DllFunctionCall
ord670
ord563
_adj_fpatan
Zombie_GetTypeInfoCount
__vbaRedim
__vbaUI1ErrVar
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
__vbaR4ErrVar
ord606
_adj_fprem
_adj_fdivr_m64
__vbaR8ErrVar
__vbaFailedFriend
__vbaFPException
ord319
__vbaStrVarVal
__vbaDateVar
ord536
ord537
ord644
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaVar2Vec
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarCmpEq
__vbaAryLock
__vbaVarAdd
ord320
__vbaStrToAnsi
__vbaVarDup
ord321
ord616
__vbaFpI4
__vbaVarCopy
__vbaR8IntI2
_CIatan
ord618
__vbaI2ErrVar
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
ord619
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/ICONE/028.gif
.gif
C:/Sisdata/Common/ICONE/1.BMP
C:/Sisdata/Common/ICONE/113c.ico
C:/Sisdata/Common/ICONE/2a.ico
C:/Sisdata/Common/ICONE/Agenda.bmp
C:/Sisdata/Common/ICONE/Archivio.BMP
C:/Sisdata/Common/ICONE/Archivio1.BMP
C:/Sisdata/Common/ICONE/Bidone1.bmp
C:/Sisdata/Common/ICONE/BustaAperta.gif
.gif
C:/Sisdata/Common/ICONE/BustaChiusa.gif
C:/Sisdata/Common/ICONE/Calendar 24x24.ico
C:/Sisdata/Common/ICONE/CheckOFF.bmp
C:/Sisdata/Common/ICONE/CheckON.bmp
C:/Sisdata/Common/ICONE/CircleRed.jpg
.jpg
C:/Sisdata/Common/ICONE/Clipboard.ico
C:/Sisdata/Common/ICONE/Delete.ico
C:/Sisdata/Common/ICONE/Epson.BMP
C:/Sisdata/Common/ICONE/Excel.BMP
C:/Sisdata/Common/ICONE/Floppy24x24.ICO
C:/Sisdata/Common/ICONE/Help 24x24.ico
C:/Sisdata/Common/ICONE/ICS.ico
C:/Sisdata/Common/ICONE/Layout.ico
C:/Sisdata/Common/ICONE/Modifica.bmp
C:/Sisdata/Common/ICONE/New.ico
C:/Sisdata/Common/ICONE/PARANUM.ICO
C:/Sisdata/Common/ICONE/PRINT.ICO
C:/Sisdata/Common/ICONE/PRINTER 40x40.ico
C:/Sisdata/Common/ICONE/PVbase.ico
C:/Sisdata/Common/ICONE/Scissors.ico
C:/Sisdata/Common/ICONE/Search.JPG
.jpg
C:/Sisdata/Common/ICONE/TaskList.bmp
C:/Sisdata/Common/ICONE/Typewriter.BMP
C:/Sisdata/Common/ICONE/USB.ico
C:/Sisdata/Common/ICONE/WRIT2.ico
C:/Sisdata/Common/ICONE/add 21x21.ico
C:/Sisdata/Common/ICONE/book1.ico
C:/Sisdata/Common/ICONE/case 26x26.ico
C:/Sisdata/Common/ICONE/circlered.png
.png
C:/Sisdata/Common/ICONE/printer 32x32.ico
C:/Sisdata/Common/LogoMIUR.png
.png
C:/Sisdata/Common/LogoScuola.png
.png
C:/Sisdata/Common/LogoSisdataPiccolo.jpg
.jpg
C:/Sisdata/Common/PDF.png
.png
C:/Sisdata/Common/ProgressBAR.exe
.exe windows:4 windows x86 arch:x86

8fa7b024b84fdeff9db483fc4bc4290f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
ord517
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
__vbaStrFixstr
_CIsin
ord525
__vbaChkstk
ord526
__vbaFileClose
__vbaGosubFree
EVENT_SINK_AddRef
__vbaStrCmp
ord529
__vbaObjVar
__vbaI2I4
DllFunctionCall
ord670
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaGosub
ord608
__vbaFPException
__vbaInStrVar
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
ord616
__vbaLateMemCallLd
_CIatan
__vbaStrMove
ord618
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/Common/PulsanteBicolore.avi
C:/Sisdata/Common/TimbroScuola.BMP
C:/Sisdata/Common/pdftk.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 891KB - Virtual size: 891KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
C:/Sisdata/Common/zcmp.exe
C:/Sisdata/PrgSKA/ArkVuoto.mdb
C:/Sisdata/PrgSKA/Pef/Copia di DecretoV3.pef
C:/Sisdata/PrgSKA/Pef/DecretoRuolo.pef
C:/Sisdata/PrgSKA/Pef/DecretoV3.pef
C:/Sisdata/PrgSKA/Pef/DocRel99.txt
C:/Sisdata/PrgSKA/Pef/FAQ.mdb
C:/Sisdata/PrgSKA/Pef/GenHelp.pef
C:/Sisdata/PrgSKA/Pef/ManualeIDR.pdf
.pdf
- http://www.Sisdata.it
- http://a.sc
C:/Sisdata/PrgSKA/Pef/NEWS.txt
C:/Sisdata/PrgSKA/Pef/NEWS2.txt
C:/Sisdata/PrgSKA/Pef/PrimoPiano.txt
C:/Sisdata/PrgSKA/Pef/ProspettoRiepilogativo3bis.png
.png
C:/Sisdata/PrgSKA/Pef/QuadroInput.pef
C:/Sisdata/PrgSKA/Pef/QuadroServiziRuolo.pef
C:/Sisdata/PrgSKA/Pef/Servizi.pef
C:/Sisdata/PrgSKA/Pef/Sintesi.pef
C:/Sisdata/PrgSKA/Pef/SintesiRuolo.pef
C:/Sisdata/PrgSKA/Pef/TempDPR399a.blk
C:/Sisdata/PrgSKA/Pef/uno.blk
C:/Sisdata/PrgSKA/ScattiBiennali.prj
C:/Sisdata/ScattiBiennali.exe
.exe windows:4 windows x86 arch:x86

6c5364ab4e4dd7906cf85f843d614b57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaStrAryToUnicode
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaStrAryToAnsi
__vbaFreeVar
ord588
__vbaGosubReturn
__vbaStrVarMove
__vbaLineInputStr
__vbaLenBstr
__vbaLateIdCall
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaVarIndexStore
__vbaRaiseEvent
ord622
__vbaFreeObjList
__vbaGetFxStr4
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaResume
__vbaCopyBytes
__vbaVarCmpNe
__vbaStrCat
__vbaError
__vbaBoolErrVar
ord660
__vbaLsetFixstr
ord553
__vbaStrDate
ord661
__vbaSetSystemError
__vbaRecDestruct
ord662
__vbaNameFile
__vbaHresultCheckObj
ord557
ord558
__vbaVargVarCopy
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaVarIndexLoadRefLock
__vbaCyErrVar
ord591
__vbaLateMemSt
ord592
__vbaBoolStr
__vbaVarPow
ord593
__vbaVarForInit
__vbaExitProc
__vbaForEachCollObj
ord300
ord594
ord301
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
__vbaVarIndexLoad
ord598
ord305
__vbaFpR4
ord306
__vbaStrFixstr
ord520
__vbaForEachCollVar
__vbaBoolVar
ord307
ord521
__vbaFPFix
ord309
__vbaRefVarAry
__vbaVargVar
ord523
__vbaVarTstLt
__vbaFpR8
__vbaBoolVarNull
_CIsin
__vbaErase
ord631
ord632
__vbaVarCmpGt
ord525
__vbaVargVarMove
__vbaNextEachCollObj
__vbaChkstk
__vbaGosubFree
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaVarAbs
ord528
__vbaGenerateBoundsError
__vbaExitEachColl
ord529
__vbaStrCmp
__vbaPutOwner3
__vbaVarTstEq
__vbaDateR8
ord560
__vbaPrintObj
ord561
__vbaNextEachCollVar
__vbaObjVar
__vbaI2I4
DllFunctionCall
ord563
__vbaVarOr
__vbaCastObjVar
__vbaLbound
__vbaAryConstruct
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaStrR8
__vbaRedim
__vbaUI1ErrVar
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
ord310
__vbaObjIs
__vbaLateIdCallSt
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord312
ord313
__vbaInputFile
__vbaPrintFile
__vbaStrToUnicode
__vbaR4ErrVar
ord606
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaR8ErrVar
__vbaFailedFriend
__vbaGosub
ord607
__vbaVarDiv
ord608
ord530
__vbaVarCmpLe
ord531
__vbaFPException
ord532
__vbaInStrVar
ord319
__vbaStrVarVal
__vbaUbound
ord534
__vbaDateVar
ord535
__vbaCheckType
__vbaLsetFixstrFree
__vbaI2Var
ord536
ord644
ord537
__vbaStopExe
ord645
_CIlog
__vbaErrorOverflow
ord647
__vbaFileOpen
__vbaR8Str
ord648
__vbaVar2Vec
__vbaInStr
__vbaNew2
__vbaVarInt
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
ord681
__vbaI4Str
__vbaVarCmpLt
__vbaVarNot
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaPowerR8
ord577
__vbaR8Var
_adj_fdiv_r
ord578
ord685
ord100
ord579
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
ord610
__vbaLateMemCall
__vbaVarAdd
__vbaAryLock
ord320
ord612
__vbaStrToAnsi
__vbaVarDup
ord321
__vbaFpI2
__vbaCheckTypeVar
__vbaVarTstGe
__vbaFpI4
__vbaVarCopy
ord616
__vbaR8IntI2
__vbaVarSetObjAddref
ord617
__vbaLateMemCallLd
_CIatan
__vbaI2ErrVar
ord618
__vbaStrMove
__vbaCastObj
ord619
__vbaR8IntI4
__vbaStrVarCopy
ord542
_allmul
__vbaLateIdSt
ord652
ord545
__vbaLateMemCallSt
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaMidStmtBstr
__vbaI4ErrVar
ord580
__vbaFreeStr
__vbaRecAssign
__vbaFreeObj
ord581

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/TeleAssistenza/MSRC4Plugin.dsm
.dll windows:4 windows x86 arch:x86

64cbcbe4dbbe35e6527ec06de42e2c1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItem
EnableWindow
CheckDlgButton
EndDialog
SystemParametersInfoA
GetWindowRect
SetWindowPos
SetForegroundWindow
DialogBoxParamA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
CryptSetKeyParam
CryptGenRandom
CryptEncrypt
CryptGetUserKey
CryptGetKeyParam
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptReleaseContext
CryptDestroyKey
CryptExportKey
CryptGenKey
CryptImportKey
CryptAcquireContextA
CryptGetProvParam
CryptDecrypt
CryptDestroyHash
RegOpenKeyExA

msvcrt

_splitpath
_snprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbsicmp
__CxxFrameHandler
strtol
sprintf
time
strstr
free
malloc
_except_handler3
_local_unwind2
strncpy
getenv
_makepath
__dllonexit
_initterm
_adjust_fdiv
_onexit

kernel32

CloseHandle
WriteFile
CreateFileA
ReadFile
GetLastError
SetLastError
SetFilePointer
GetVersionExA
lstrcmpiA
GetModuleFileNameA
GetModuleHandleA

Exports

Exports

Description
FreeBuffer
GetParams
Reset
RestoreBuffer
SetParams
Shutdown
Startup
TransformBuffer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/TeleAssistenza/SCHook.dll
.dll windows:4 windows x86 arch:x86

dd0e42918dee983af42f46b4a2656c46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
ReleaseMutex
CloseHandle
GetProcAddress
LoadLibraryA
lstrcmpiA
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
GetModuleHandleA

user32

GetUpdateRgn
GetCursorPos
ClientToScreen
IsWindowVisible
GetClientRect
CallNextHookEx
GetClassNameA
SetRectEmpty
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowRect

gdi32

DeleteObject
CreateRectRgn
GetRegionData

oleaut32

VariantInit

msvcrt

_onexit
__dllonexit
??2@YAPAXI@Z
??3@YAXPAX@Z
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

SetHook
UnSetHook

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Sisdata/TeleAssistenza/TeleAssistenza.exe
.exe windows:4 windows x86 arch:x86

9c9a575c671407b3a87e97ea11abd18b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
gethostbyname
ioctlsocket
WSAGetLastError
recv
send
getsockname
getpeername
accept
listen
inet_addr
connect
htons
htonl
bind
shutdown
closesocket
socket
setsockopt
WSACleanup
WSAStartup

winmm

timeGetTime

kernel32

MapViewOfFile
OpenFileMappingA
CloseHandle
UnmapViewOfFile
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetComputerNameA
ResumeThread
CreateThread
IsBadWritePtr
IsBadReadPtr
GetLastError
GetSystemTime
FlushFileBuffers
CreateDirectoryA
MoveFileA
SetErrorMode
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileTime
CreateFileA
MulDiv
GetCurrentThreadId
SetFilePointer
ReadFile
WriteFile
SetFileTime
SystemTimeToFileTime
SetEndOfFile
Sleep
GetVersionExA
SetThreadPriority
GetCurrentThread
OpenEventA
GlobalUnlock
GlobalLock
GlobalAlloc
SetProcessShutdownParameters
TerminateProcess
CreateProcessA
GetStdHandle
AllocConsole
MoveFileExA
FormatMessageA
SetLastError
WriteConsoleA
OutputDebugStringA
GetCurrentProcessId
OpenProcess
SearchPathA
GlobalFree
TlsGetValue
TlsFree
TlsAlloc
CreateFileMappingA
DuplicateHandle
TlsSetValue
CreateSemaphoreA
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
DeleteFileA
FreeLibrary
CopyFileA
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
GetVersion
GetStartupInfoA
GetModuleHandleA
lstrlenA
GetCurrentProcess
GetProfileStringA

user32

SetThreadDesktop
GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
EnableWindow
GetSubMenu
OpenInputDesktop
TrackPopupMenu
GetMenuItemID
EnableMenuItem
DestroyMenu
LoadMenuA
ToAscii
SetMenuDefaultItem
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
PeekMessageA
WaitMessage
IsIconic
WaitForInputIdle
GetParent
GetClipboardOwner
GetClipboardData
GetForegroundWindow
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
SetClipboardViewer
IsWindow
EnumWindows
OpenDesktopA
EnumDesktopWindows
CloseDesktop
FindWindowA
GetClassNameA
ChangeClipboardChain
DestroyWindow
GetDesktopWindow
WindowFromPoint
GetWindowRect
RegisterWindowMessageA
GetThreadDesktop
mouse_event
GetCursorPos
InvalidateRect
wsprintfA
GetKeyboardState
keybd_event
GetDC
ReleaseDC
EnumDisplaySettingsA
GetDlgItemTextA
SetFocus
EndDialog
SetWindowTextA
LoadStringA
DialogBoxParamA
GetScrollInfo
PostMessageA
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
SetForegroundWindow
MessageBoxA
SystemParametersInfoA
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
AdjustWindowRect
CreateWindowExA
GetWindowLongA
SetWindowLongA
ShowWindow
GetSystemMetrics
SetWindowPos
IsRectEmpty
LoadImageA
GetWindowTextA

gdi32

RealizePalette
SelectPalette
CreatePalette
CreateDIBSection
SetDIBColorTable
GdiFlush
GetBitmapBits
GetObjectA
GetDeviceCaps
CreateCompatibleBitmap
GetPixel
GetSystemPaletteEntries
SetBkMode
GetStockObject
GetClipBox
CreateCompatibleDC
CreateSolidBrush
SelectObject
DeleteDC
GetDIBits
CreateDCA
DeleteObject
BitBlt
PatBlt
StretchBlt

shell32

Shell_NotifyIconA
ShellExecuteExA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

advapi32

RegCreateKeyExA
OpenProcessToken
RegSetValueExA
RegCloseKey
RevertToSelf
DuplicateToken
ImpersonateLoggedOnUser
GetUserNameA
RegQueryValueExA
RegOpenKeyExA

ole32

CoInitialize
CoCreateInstance

comctl32

InitCommonControlsEx

msvcrt

sscanf
memmove
memcmp
free
malloc
strcmp
strstr
_snprintf
_purecall
??2@YAPAXI@Z
_ismbcdigit
atoi
_mbsicmp
memcpy
strcpy
strrchr
strlen
strcat
??3@YAXPAX@Z
__CxxFrameHandler
_initterm
sprintf
memset
abs
_strdup
__setusermatherr
_adjust_fdiv
__p__commode
fflush
printf
_dup2
_open_osfhandle
fclose
_iob
_vsnprintf
ctime
time
_stricmp
fgets
fopen
exit
setbuf
_CxxThrowException
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
strncat
strncpy
_strnicmp
strchr
tolower
calloc
strncmp
_beginthreadex
_endthreadex
fprintf
realloc
__dllonexit
_onexit
_XcptFilter
_acmdln
__getmainargs
_fdopen
_exit
_itoa

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
C:/Sisdata/TeleAssistenza/background.bmp
C:/Sisdata/TeleAssistenza/enter.bmp
C:/Sisdata/TeleAssistenza/helpdesk.txt
C:/Sisdata/TeleAssistenza/icon1.ico
C:/Sisdata/TeleAssistenza/icon2.ico
C:/Sisdata/TeleAssistenza/logo.bmp
C:/Sisdata/TeleAssistenza/rc4.key
C:/Sisdata/TeleAssistenza/vnchooks.dll
.dll windows:4 windows x86 arch:x86

d292fb49052583a662f72508f13cbc5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetClientRect
PostMessageA
FindWindowA
GetWindowRect
PostThreadMessageA
GetUpdateRgn
ClientToScreen
IsWindowVisible
GetCursor
GetPropA
SetPropA
CallNextHookEx
EnumWindows
RemovePropA
SetWindowsHookExA
UnhookWindowsHookEx
RegisterWindowMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

gdi32

GetRegionData
DeleteObject
CreateRectRgn

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
LCMapStringW
LeaveCriticalSection
Sleep
GetModuleFileNameA
GetModuleHandleA
GlobalAddAtomA
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

Exports

Exports

HooksType
SetHooks
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHooks

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c:/sisdata/CommonPostGre/sis_restore.exe
.exe windows:4 windows x86 arch:x86

d356b097289219604ef9a4e4f19881be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLineInputStr
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
ord519
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaVarForInit
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
__vbaRefVarAry
__vbaBoolVarNull
_CIsin
ord631
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
ord670
__vbaVarOr
__vbaRedimPreserve
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord530
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord647
ord648
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaVarCmpEq
__vbaVarAdd
__vbaVarDup
__vbaFpI4
__vbaVarCopy
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c:/sisdata/CommonPostGre/sispgl_manager.exe
.exe windows:4 windows x86 arch:x86

dc19c91e62c9f19fc951742d7fb98aa6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DuplicateHandle
GetCurrentProcess
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
GetLastError
GetFileAttributesA
IsBadWritePtr
IsBadReadPtr
HeapValidate
SetStdHandle
GetFileType
SetHandleCount
GetStartupInfoA
CreatePipe
GetExitCodeProcess
WaitForSingleObject
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
SetConsoleCtrlHandler
CreateProcessA
HeapAlloc
HeapReAlloc
VirtualAlloc
FlushFileBuffers
ReadFile
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
SetEndOfFile
LCMapStringA
LCMapStringW

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 15KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

315c9191a8de67ecffd311726e188405

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 50KB - Virtual size: 49KB

.data Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 5KB

0fe58cb07ffed3c7f9ed8d361ee872d6

Headers

File Characteristics

Imports

msvbvm50

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 5KB - Virtual size: 4KB

b00c526fa92736025620478db638113f

Headers

File Characteristics

Imports

msvbvm50

Exports

Exports

Sections

.text Size: 827KB - Virtual size: 827KB

.data Size: 512B - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 7KB

0722dff026b295005eb6d0f07321b350

Headers

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 15KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 50KB - Virtual size: 49KB

.data
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 49KB - Virtual size: 48KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 827KB - Virtual size: 827KB

.data
Size: 512B - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 813KB - Virtual size: 813KB

.data
Size: 512B - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 9KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 125KB - Virtual size: 124KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 396KB - Virtual size: 400KB

.data
Size: 48KB - Virtual size: 68KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 24KB

.reloc
Size: 26KB - Virtual size: 28KB