5946c98b06c3ae8404f69259e671f466

Sharing

Copy URL Twitter E-mail

General

Target

5946c98b06c3ae8404f69259e671f466
Size

3.7MB
MD5

5946c98b06c3ae8404f69259e671f466
SHA1

83041e4adf0f7cbdf9dace3db9bd625c13c816d8
SHA256

d09f822116ad840504cea97a8a0ed354586b17f8f29e9c328bf271ffde465e6c
SHA512

6ca72c1976a1925b2e4ac77d3166913e79678b3310a62c46f459f899e743096edc5eb9b3c3a9301cb2daf79200d77afa731104ca4a81f6e0133d7bf929c01c51
SSDEEP

98304:EcHTI2LQPnmtSthksTt8FNTcKkWdUHrBwClWA4:EcHTI2LrAthdTaFVcKk++rGCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 34 IoCs

Checks for missing Authenticode signature.

resource
unpack001/whwnmp4change/MFC42D.DLL
unpack001/whwnmp4change/MSVCRTD.DLL
unpack001/whwnmp4change/RealMediaSplitter.ax
unpack001/whwnmp4change/WMASF.DLL
unpack001/whwnmp4change/ac3decbuf.dll
unpack001/whwnmp4change/commdll.dll
unpack001/whwnmp4change/h263decode.dll
unpack001/whwnmp4change/h263encode.dll
unpack001/whwnmp4change/libxvidcore.dll
unpack001/whwnmp4change/mp3more_decode.dll
unpack001/whwnmp4change/mpgmux.dll
unpack001/whwnmp4change/ncdivxplay.dll
unpack001/whwnmp4change/piczip.dll
unpack001/whwnmp4change/sh263dec.dll
unpack001/whwnmp4change/sh263en.dll
unpack001/whwnmp4change/wave_enmp3.dll
unpack001/whwnmp4change/whwnaac_decode.dll
unpack001/whwnmp4change/whwnaac_encode.dll
unpack001/whwnmp4change/whwnadpcmdecode.dll
unpack001/whwnmp4change/whwnamr_decode.dll
unpack001/whwnmp4change/whwnamr_encode.dll
unpack001/whwnmp4change/whwnchangemp4.exe
unpack001/whwnmp4change/whwnmp4decode.dll
unpack001/whwnmp4change/whwnmp4encode.dll
unpack001/whwnmp4change/whwnmpeg4decode.dll
unpack001/whwnmp4change/whwnmpegplay.exe
unpack001/whwnmp4change/whwnmtvdecode.dll
unpack001/whwnmp4change/whwnpcmchange.dll
unpack001/whwnmp4change/whwnpicdo.dll
unpack001/whwnmp4change/whwnsoundmix.dll
unpack001/whwnmp4change/whwnvideochange.dll
unpack001/whwnmp4change/whwnx264decode.dll
unpack001/whwnmp4change/whwnx264encode.dll
unpack001/whwnmp4change/xvidcore.dll

Files

5946c98b06c3ae8404f69259e671f466
.rar
whwnmp4change/MFC42D.DLL
.dll windows:4 windows x86 arch:x86

758f4745f1597b57f518e37f66808aa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrtd

_initterm
?terminate@@YAXXZ
_onexit
_adjust_fdiv
__dllonexit
??1type_info@@UAE@XZ
_splitpath
_fullpath
atol
_CxxThrowException
__p___argc
__p___argv
_beginthreadex
_endthreadex
_mbsdec
_strdup
_expand
sprintf
strtod
strtol
strtoul
abs
calloc
_msize
_purecall
strftime
_mbctype
ctime
localtime
gmtime
time
mktime
_ismbcspace
_mbclen
_mbsnbcmp
atoi
_ismbcdigit
vsprintf
_mbsrchr
_mbscspn
_mbsspn
_mbsstr
_mbsrev
_mbslwr
_mbsupr
_mbspbrk
_mbschr
free
realloc
malloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
_mbsinc
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
abort
_CrtDoForAllClientObjects
_CrtMemDumpAllObjectsSince
_CrtMemCheckpoint
_CrtMemDumpStatistics
_CrtMemDifference
memset
_CrtIsMemoryBlock
_CrtCheckMemory
_CrtSetBreakAlloc
_CrtSetAllocHook
_malloc_dbg
_free_dbg
_vsnprintf
_CrtDumpMemoryLeaks
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportHook
_CrtSetReportMode
_except_handler3
memcmp
memmove
memcpy
_gcvt
_CrtDbgReport
wcslen
__CxxFrameHandler

kernel32

GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
FileTimeToSystemTime
SizeofResource
GetProfileIntA
VirtualProtect
InterlockedExchange
SetErrorMode
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetSystemDirectoryA
MulDiv
FreeLibrary
FindResourceA
LoadResource
LockResource
FreeResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
PulseEvent
SetEvent
WaitForSingleObject
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetOEMCP
SearchPathA
WideCharToMultiByte
FormatMessageA
LocalFree
SetFileAttributesA
InterlockedDecrement
InterlockedIncrement
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetFileAttributesA
GetFileTime
GetFileSize
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalLock
lstrcmpiA
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetThreadLocale
GetStringTypeExA
FindClose
GetVolumeInformationA
FindFirstFileA
LoadLibraryA
lstrcpyA
MultiByteToWideChar
MoveFileA
GetProcAddress
DeleteFileA
LockFile
SetEndOfFile
UnlockFile
SetFilePointer
CloseHandle
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SuspendThread
GetCurrentProcess
DuplicateHandle
SetThreadPriority
ResumeThread
GetThreadPriority
lstrlenA
GetPrivateProfileIntA
lstrcmpA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
GetLastError
IsBadStringPtrW
lstrcpynA
LocalLock
SetLastError
GetTempPathA
FileTimeToLocalFileTime
GetCPInfo
GetCurrentThread
RaiseException

gdi32

GetOutlineTextMetricsA
TextOutA
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
DeleteMetaFile
IntersectClipRect
SetWindowOrgEx
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
StretchDIBits
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
SetPixel
GetPixel
FloodFill
BitBlt
PatBlt
StretchBlt
Rectangle
PolyPolygon
RoundRect
Pie
Ellipse
Polygon
Polyline
Arc
Chord
RectVisible
PtVisible
GetCurrentPositionEx
InvertRgn
FrameRgn
PaintRgn
LPtoDP
DPtoLP
FillRgn
GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetTextColor
GetViewportOrgEx
GetROP2
GetPolyFillMode
GetStretchBltMode
GetBkColor
UpdateColors
GetBkMode
GetNearestColor
SelectObject
RealizePalette
SetBrushOrgEx
GetBrushOrgEx
EnumObjects
CreateCompatibleDC
CreateICA
GetDeviceCaps
RectInRegion
PtInRegion
CreateDCA
OffsetRgn
EqualRgn
GetRgnBox
SetRectRgn
GetRegionData
CombineRgn
PathToRegion
CreateRoundRectRgn
ExtCreateRegion
CreatePolygonRgn
CreateEllipticRgnIndirect
ExtFloodFill
GetTextExtentPoint32A
CreatePolyPolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateBitmap
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA

user32

SetClipboardViewer
SendMessageA
IsWindow
PostMessageA
TabbedTextOutA
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
GetSysColorBrush
LoadBitmapA
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
IsMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMenuItemInfoA
GetSubMenu
InsertMenuA
ModifyMenuA
RemoveMenu
SetMenuItemBitmaps
LoadMenuA
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
HiliteMenuItem
IsIconic
IsZoomed
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
GetWindowDC
ReleaseDC
UpdateWindow
GetUpdateRect
GetUpdateRgn
InvalidateRect
InvalidateRgn
ValidateRect
ValidateRgn
IsWindowVisible
ShowOwnedPopups
GetDCEx
LockWindowUpdate
RedrawWindow
EnableScrollBar
SetTimer
KillTimer
GetActiveWindow
SetActiveWindow
GetCapture
SetCapture
GetFocus
GetDesktopWindow
DlgDirListA
DlgDirListComboBoxA
DlgDirSelectExA
DlgDirSelectComboBoxExA
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
ChildWindowFromPoint
ChildWindowFromPointEx
FindWindowA
GetWindow
GetTopWindow
GetLastActivePopup
IsChild
GetParent
SetParent
WindowFromPoint
FlashWindow
ChangeClipboardChain
PeekMessageA
OpenClipboard
GetOpenClipboardWindow
GetClipboardOwner
GetClipboardViewer
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
SetForegroundWindow
GetForegroundWindow
SendNotifyMessageA
SetWindowContextHelpId
GetWindowContextHelpId
EnableWindow
MapDialogRect
GetWindowLongA
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
PostThreadMessageA
LoadCursorA
LoadIconA
CloseWindow
OpenIcon
CharUpperA
GetSystemMetrics
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindowPlacement
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetDlgCtrlID
GetClassNameA
DefWindowProcA
DestroyWindow
GetKeyState
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
RegisterClassA
GetClassInfoA
WinHelpA
MessageBoxA
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
SetFocus
DispatchMessageA
GetSysColor
SendDlgItemMessageA
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
IsWindowEnabled
ShowWindow
DestroyMenu
ReuseDDElParam
UnpackDDElParam
WaitMessage
GetCursorPos
TranslateMessage
GetMessageA
GetWindowThreadProcessId
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
CreateDialogIndirectParamA
EndDialog
wvsprintfA
GetAsyncKeyState
GetDialogBaseUnits
GetClipboardFormatNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
IsClipboardFormatAvailable
MessageBeep
UnregisterClassA
LoadStringA
PostQuitMessage
wsprintfA

Sections

.text
Size: 680KB - Virtual size: 677KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/MSVCRTD.DLL
.dll windows:4 windows x86 arch:x86

265cd32afd4d72991a91eb9bf6c51bae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableW
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
HeapValidate
GetProcAddress
LoadLibraryA
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
RaiseException
FlushFileBuffers
SetFilePointer
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_calloc_dbg
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_crtAssertBusy
_crtBreakAlloc
_crtDbgFlag
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_free_dbg
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_malloc_dbg
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_msize_dbg
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_realloc_dbg
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone

Sections

.text
Size: 340KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

ff5f2261d98de1cfa422c92db550f5d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
lstrcatW
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
ExitProcess
TlsAlloc
HeapAlloc
HeapFree
GetCommandLineA
HeapReAlloc
VirtualProtect
VirtualQuery
SetStdHandle
GetFileType
HeapSize
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFullPathNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
Sleep
GetModuleFileNameW
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcessId
CreateThread
GetTickCount
lstrcpyW
GetModuleHandleW
GetLastError
lstrlenA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpynW
lstrcmpW
DisableThreadLibraryCalls
GetModuleFileNameA
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RtlUnwind

user32

CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowPos
SetWindowLongW
GetDlgItem
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
GetWindowTextW
SendMessageW
MessageBoxW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
LoadCursorW
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
ModifyMenuW
CopyRect
EnableMenuItem
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
wsprintfW
UnregisterClassW
GrayStringW

gdi32

DeleteDC
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegCreateKeyW

comctl32

ord17

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecA
PathAddBackslashA

ole32

CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/WMASF.DLL
.dll windows:5 windows x86 arch:x86

7f54fbd6c699bd468624d69053eae4cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
GetCurrentProcess
TerminateProcess
Sleep
CloseHandle
GetLastError
WriteFile
FlushFileBuffers
WideCharToMultiByte
CreateFileA
SetFilePointer
ReadFile
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
MulDiv
InitializeCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime

msvcrt

_purecall
malloc
_adjust_fdiv
_initterm
free
_wcsicmp
wcscmp
wcscpy
wcslen
memmove
??2@YAPAXI@Z
??3@YAXPAX@Z

ole32

CoCreateGuid

Exports

Exports

ASFAddPresDelta
ASFAddSendDelta
ASFCalculatePresDelta
ASFCreateBitrateTracker
ASFCreateIOMonitor
ASFCreateIndexMaker
ASFCreateIndexMakerFileSink
ASFCreateLibrary
ASFCreateMediaObjectIndexMaker
ASFCreateStreamSelector
ASFFindHeaderObject
ASFFindRootObject
ASFFindStreamPropertiesObject
ASFGUIDFromCodecID
ASFGUIDToCodecID
ASFGetDataUnitInfo
ASFGetHeaderObject
ASFGetRootObject
ASFGetStreamPropertiesObject
ASFGetTimeBase
ASFPresDeltaTimeToTime
ASFPresDeltaToFull
ASFPresFullToDelta
ASFPresTimeToSendTime
ASFPresTimeToTime
ASFReadHeaderFromFile
ASFReadHeaderFromFileHandle
ASFSendTimeToPresTime
ASFSendTimeToTime
ASFSetDataUnitInfo
ASFTimeToPresDeltaTime
ASFTimeToPresTime
ASFTimeToSendTime
ASFWriteHeaderToFile
CreateAsfCellPoolAllocator

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/WMVCORE.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

6f3c714b8cb3ad114b9e28d99535c21e

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
FreeResource
CloseHandle
WriteFile
SleepEx
OpenProcess
GetExitCodeProcess
GetVersion
HeapSize
RaiseException
FlushInstructionCache
DuplicateHandle
SizeofResource
LockResource
LoadResource
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
InterlockedCompareExchange
InterlockedIncrement
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
InterlockedDecrement
ReadFile
GetFileType
InitializeCriticalSection
SetEvent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SystemTimeToFileTime
GetSystemTime
WaitForSingleObject
GetFileSize
ReleaseSemaphore
MultiByteToWideChar
IsBadReadPtr
SetFilePointer
WideCharToMultiByte
lstrlenA
CompareFileTime
Sleep
FreeLibrary
InterlockedExchange
WaitForMultipleObjects
ResetEvent
MulDiv
VirtualFree
VirtualAlloc
GlobalMemoryStatus
ReleaseMutex
WaitForSingleObjectEx
GlobalLock
GlobalAlloc
GetSystemDefaultLangID
GetUserDefaultLCID
IsBadWritePtr
FileTimeToSystemTime
GetFileTime
SetEndOfFile
CreateSemaphoreA
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetExitCodeThread
CreateThread
GetComputerNameA
GetDiskFreeSpaceA
GetLocalTime
DeviceIoControl
LoadLibraryA
GetModuleHandleW
GetVersionExA
GetSystemInfo
LocalAlloc
LocalFree
SetLastError
GetVersionExW
LoadLibraryW
HeapReAlloc
lstrlenW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
CreateSemaphoreW
DeleteFileA
DeleteFileW
FindResourceA
FindResourceW
GetModuleFileNameA
GetModuleFileNameW
GetTempPathA
GetTempPathW
GetVolumeInformationA
GetVolumeInformationW
IsBadStringPtrA
IsBadStringPtrW
OutputDebugStringA
SetFileAttributesA
SetFileAttributesW
GetLocaleInfoA
GetLocaleInfoW
CreateMutexA
CreateMutexW
GetComputerNameW
GetSystemDirectoryA
GetSystemDirectoryW

wmasf

ASFSendTimeToTime
ASFPresTimeToTime
ord18
ASFTimeToSendTime
ASFSetDataUnitInfo
ord24
ord11
ASFTimeToPresTime
ord10
ord6
ord8
ord17
ord7
ord5
ASFGetTimeBase
ASFCreateStreamSelector
ord9

msvcrt

isalnum
_except_handler3
free
strcpy
realloc
abs
_waccess
_wcsupr
_ui64toa
strlen
srand
_beginthread
memmove
_wcslwr
longjmp
_setjmp3
sprintf
strncpy
strpbrk
memchr
wcstombs
_stricmp
_ultow
_wtol
wcsncmp
_wcsicmp
_set_error_mode
_purecall
wcscmp
wcscpy
wcslen
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
wcscat
_itoa
towupper
iswprint
_errno
strtoul
isdigit
strchr
strstr
isspace
sscanf
rand
memcpy
memcmp
memset
iswdigit
wcsncat
iswspace
_vsnwprintf
_vsnprintf
swscanf
wcstoul
wcspbrk
setlocale
_wtoi
_snwprintf
swprintf
wcstol
wcsstr
wcsncpy
_snprintf
_strnicmp
wcsrchr
wcschr
_itow
__CxxFrameHandler
_ultoa
calloc
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_adjust_fdiv
_initterm
vswprintf
_CIpow
printf
strcspn
strspn
abort
exit
fprintf
_iob
getenv
ceil
toupper
isxdigit
iswcntrl
iswascii
wcsspn
wcscspn
_ltoa
isalpha
wcsftime
gmtime
wcstok
strcmp
malloc
_strcmpi
time
strncmp

advapi32

RegQueryValueExW
CryptGenRandom
CryptAcquireContextA
CryptReleaseContext
GetUserNameA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExW
GetUserNameW
RegCreateKeyExW
RegEnumKeyA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyA
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey

user32

wsprintfA
MsgWaitForMultipleObjects
ReleaseDC
GetDC
GetDesktopWindow
DispatchMessageA
DispatchMessageW
PeekMessageA
PeekMessageW
PostThreadMessageA
PostThreadMessageW
RegisterWindowMessageA
wvsprintfW

ole32

CoTaskMemFree
CoUninitialize
CoInitializeEx
CoCreateGuid
CoTaskMemAlloc
StringFromCLSID
CoCreateInstance
CLSIDFromString
CoGetTreatAsClass

oleaut32

VariantCopy
VariantInit
SysFreeString
VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocStringLen
VariantTimeToSystemTime
SysStringByteLen
SysStringLen
SysAllocString
VariantClear

gdi32

GetSystemPaletteEntries

Exports

Exports

DllRegisterServer
WMCheckURLExtension
WMCheckURLScheme
WMCreateBackupRestorer
WMCreateBackupRestorerPrivate
WMCreateEditor
WMCreateIndexer
WMCreateProfileManager
WMCreateReader
WMCreateReaderPriv
WMCreateSyncReader
WMCreateSyncReaderPriv
WMCreateWriter
WMCreateWriterFileSink
WMCreateWriterNetworkSink
WMCreateWriterPriv
WMCreateWriterPushSink
WMIsAvailableOffline
WMIsContentProtected
WMValidateData

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
whwnmp4change/ac3decbuf.dll
.dll windows:4 windows x86 arch:x86

7da51e3d42e8f9bbce469218fcd9dade

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutReset
waveOutClose
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutGetNumDevs
waveOutOpen
waveOutGetDevCapsA

kernel32

TlsAlloc
TlsSetValue
SetFilePointer
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetEvent
ResetEvent
CreateEventA
WaitForSingleObject
CloseHandle
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
TlsFree
SetLastError
TlsGetValue
GetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers

Exports

Exports

WEP
ac3buf_close
ac3buf_get_handle
ac3buf_init
ac3buf_readdata

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/commdll.dll
.dll windows:4 windows x86 arch:x86

2d005080a4662d4f07b4edf5f7bd7088

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapFree
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetVolumeInformationA
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
CloseHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind

iphlpapi

GetAdaptersInfo

Exports

Exports

Check_LienceValue
Get_InstallDate
Get_KeyValue
Get_LienceValue
Get_RequestNo
Get_RequestNo1
Get_RequestNoStr
Get_SoftType
Get_UseLong
Get_User
WEP

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/h263decode.dll
.dll windows:4 windows x86 arch:x86

c91d91a313d30cbc724de5ccca1a04b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
LeaveCriticalSection
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
GetLastError
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
RaiseException
CloseHandle
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
EnterCriticalSection
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

h263de_exit
h263de_frame
h263de_framebgr
h263de_init

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/h263encode.dll
.dll windows:4 windows x86 arch:x86

cc8c9e81ef89d95247169497acb90efd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetLastError
FlushFileBuffers
WriteFile
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
RtlUnwind

Exports

Exports

h263en_exit
h263en_frame
h263en_init
h263en_ipframe
h263en_skipframe

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/libxvidcore.dll
.dll windows:4 windows x86 arch:x86

7660318574e59284a0dd0ac1f0abf57c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
GetLastError
CloseHandle
WriteFile
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapFree
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
SetFilePointer
SetStdHandle
FlushFileBuffers
CreateFileA
ReadFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile

Exports

Exports

xvid_decore
xvid_encore
xvid_global
xvid_plugin_2pass1
xvid_plugin_2pass2
xvid_plugin_dump
xvid_plugin_lumimasking
xvid_plugin_psnr
xvid_plugin_single

Sections

.text
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/mp3more_decode.dll
.dll windows:4 windows x86 arch:x86

13b136d6eb78e15c4bfed9cdb0fb566d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
GlobalFree
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetProcAddress
GetModuleHandleA
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RaiseException
RtlUnwind

Exports

Exports

mp3_close
mp3_init
mp3_open
mp3_play

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/mpgmux.dll
.dll windows:4 windows x86 arch:x86

aea5f7bafb8187aff501a8923a306638

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetProcAddress
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
ReadFile
SetStdHandle
HeapFree
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
CreateFileA
GetCPInfo
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW

Exports

Exports

WEP
get_mpeg4_adddata
get_mpeg4_aindex
get_mpeg4_aindex_num
get_mpeg4_audio
get_mpeg4_index
get_mpeg4_video
get_mpeg4_vindex
get_mpeg4_vindex_num
mux_get_10num
mux_get_20num
mux_get_30num
mux_get_5num
mux_get_ac3_bit
mux_get_ac3_disp
mux_get_allbit
mux_get_audio_bit
mux_get_audio_disp
mux_get_audio_mode
mux_get_audio_pid
mux_get_autonum
mux_get_begin
mux_get_filelen
mux_get_main_stream
mux_get_max_pts
mux_get_min_pts
mux_get_video_bit
mux_get_video_disp
mux_get_video_mode
mux_get_video_pid
mux_init
mux_play_num
mux_play_time
open_stream

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/ncdivxplay.dll
.dll windows:4 windows x86 arch:x86

9c1b35f520f62bd6aa0214c132982788

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutClose
waveOutSetVolume
waveOutOpen
waveOutGetVolume

ddraw

DirectDrawCreateEx

msvfw32

ICDecompress
ICClose
ICLocate
ICOpen
ICSendMessage

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary
GetLastError
GetModuleHandleA
GlobalFree
CreateThread
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
HeapAlloc
GetProcessHeap
HeapFree
lstrlenA
Sleep
GlobalAlloc
SetLastError

user32

SendMessageA
GetSysColor
MessageBoxA
SetWindowPos
SetWindowLongA
GetWindowRect
DefWindowProcA
PostQuitMessage
DestroyWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetClientRect
UnregisterClassA
LoadCursorA
GetSysColorBrush
AdjustWindowRect
CreateWindowExA
SetForegroundWindow
ShowWindow
SetWindowPlacement
InvalidateRect
GetSystemMetrics
RegisterClassExA
ClientToScreen

gdi32

GetPixel
SetPixel
SetBkColor
SetTextColor
SetBkMode
TextOutA
SetROP2

msvcrt

strcpy
_initterm
_adjust_fdiv
strlen
_iob
ceil
pow
fabs
abs
memcmp
abort
getenv
sscanf
fprintf
fflush
memcpy
memset
memmove
strtod
_CIpow
printf
__CxxLongjmpUnwind
strncmp
??3@YAXPAX@Z
exit
malloc
longjmp
_setjmp3
sprintf
free
_ftol
fwrite
__CxxFrameHandler
fread
??2@YAPAXI@Z

Exports

Exports

mpeg4_get_leftvol
mpeg4_get_rightvol
mpeg4_set_leftvol
mpeg4_set_rightvol
ncdivx_close
ncdivx_gethdr
ncdivx_getpic
ncdivx_getwin
ncdivx_init
ncdivx_init0
ncdivx_initrgb
ncdivx_play
ncdivx_playbuf
ncdivx_setadddata
ncdivx_sethdr
ncdivx_setwin
ncsound_close
ncsound_init
ncsound_play

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/piczip.dll
.dll windows:4 windows x86 arch:x86

6f7acffa1368abd7ad51a3590884822b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetLastError
SetFilePointer
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
ExitProcess
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetCurrentProcess
VirtualAlloc
ReadFile
CloseHandle
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetConsoleCtrlHandler
SetStdHandle
CreateFileA
UnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
Sleep
SetEndOfFile
RtlUnwind
LCMapStringA
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

compress
uncompress

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/sh263dec.dll
.dll windows:4 windows x86 arch:x86

c91d91a313d30cbc724de5ccca1a04b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
LeaveCriticalSection
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
GetLastError
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
RaiseException
CloseHandle
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
EnterCriticalSection
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

sh263de_exit
sh263de_frame
sh263de_getfnum
sh263de_getheight
sh263de_getwidth
sh263de_init
sh263de_setdispmode

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/sh263en.dll
.dll windows:4 windows x86 arch:x86

3d8fafc0a6f04ed6a908ac593076c6d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetProcAddress
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetLastError
FlushFileBuffers
WriteFile
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
HeapFree
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle

Exports

Exports

sh263en_exit
sh263en_frame
sh263en_init
sh263en_skipframe

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/skin/BOTTOM1.BMP
whwnmp4change/skin/BOTTOM2.BMP
whwnmp4change/skin/DLG1.BMP
whwnmp4change/skin/DLG2.BMP
whwnmp4change/skin/LEFT1.BMP
whwnmp4change/skin/LEFT2.BMP
whwnmp4change/skin/RIGHT1.BMP
whwnmp4change/skin/RIGHT2.BMP
whwnmp4change/skin/TOP1.BMP
whwnmp4change/skin/TOP2.BMP
whwnmp4change/skin/Thumbs.db
whwnmp4change/skin/close1.bmp
whwnmp4change/skin/close2.bmp
whwnmp4change/skin/min1.bmp
whwnmp4change/skin/min2.bmp
whwnmp4change/wave_enmp3.dll
.dll windows:4 windows x86 arch:x86

5233420551ea28bfecc6fdae0ac31c91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
GetModuleFileNameA
GetPrivateProfileIntA
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetModuleHandleA
GetLastError
CloseHandle
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
OutputDebugStringA
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
SetFilePointer
RaiseException
FlushFileBuffers
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
RtlUnwind
SetEndOfFile

Exports

Exports

wave_enmp3_vbrheader
wave_enmp3code
wave_enmp3end
wave_enmp3init
wave_enmp3init_abr
wave_enmp3init_new
wave_enmp3init_vbr

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnaac_decode.dll
.dll windows:4 windows x86 arch:x86

2c0117e60d8bf4bba44112f85998cebb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

fopen
sprintf
realloc
strncat
strlen
ftell
memcpy
free
_adjust_fdiv
__dllonexit
_onexit
fclose
_iob
fprintf
malloc
memset
fseek
_ftol
memmove
fread
memcmp
_chkesp
qsort
_CIpow
_initterm
_stricmp
_strdup

kernel32

DisableThreadLibraryCalls
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetVolumeInformationA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

aac_decode
aacbuf_decode
aacdecode_close
aacdecode_init
aacdecodebuf_close
aacdecodebuf_init
get_mp4info

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnaac_encode.dll
.dll windows:4 windows x86 arch:x86

c75f6e67970da6cf2685ee57a533d426

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

ws2_32

htonl

msvcrt

_snprintf
fprintf
_iob
fwrite
free
fclose
fopen
malloc
_CIpow
_ftol
sprintf
_CIasin
exit
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_stricmp
_errno
_CxxThrowException
_fstati64
_vsnprintf
realloc
memmove
printf
fread
strerror
strchr
tolower
sscanf
strncpy
ceil
isalnum
fflush
_purecall
fgetpos
fsetpos
fputs
vprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_fileno

kernel32

DisableThreadLibraryCalls
GetTickCount

Exports

Exports

aac_close
aac_encode
aac_init
aacbuf_close
aacbuf_encode
aacbuf_init

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnadpcmdecode.dll
.dll windows:4 windows x86 arch:x86

46039de89f8560750f5a6dacd1c7a453

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
GetCommandLineA
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

whwn_adpcm_close
whwn_adpcm_decode
whwn_adpcm_init

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnamr_decode.dll
.dll windows:4 windows x86 arch:x86

7f7ddc7a1dedfb4645f7aaee2418a878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
LeaveCriticalSection
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
EnterCriticalSection
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetFilePointer
CloseHandle
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

amr_decode
amrdecode_close
amrdecode_init

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnamr_encode.dll
.dll windows:4 windows x86 arch:x86

c428b798e024d9970562be849c2a86ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsW
LeaveCriticalSection
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
WriteFile
CloseHandle
GetProcAddress
GetModuleHandleA
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
EnterCriticalSection
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
SetFilePointer
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
ReadFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

amr_close
amr_encode
amr_init
amrbuf_close
amrbuf_encode
amrbuf_init

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnchangemp4.chm
.chm
whwnmp4change/whwnchangemp4.exe
.exe windows:4 windows x86 arch:x86

ef30ee4a22f5514d8b2ff25f3c2b95c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutClose
waveOutOpen
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
timeGetTime

ddraw

DirectDrawCreateEx

wmvcore

WMCreateSyncReader

whwnpcmchange

?pcm_setch@Cwhwnpcmchange@@QAEXH@Z
?pcm_setbit@Cwhwnpcmchange@@QAEXH@Z
?pcm_change@Cwhwnpcmchange@@QAEHPAEH0H_N@Z
?pcm_init@Cwhwnpcmchange@@QAEHNHHH@Z
??0Cwhwnpcmchange@@QAE@XZ
??1Cwhwnpcmchange@@UAE@XZ
?pcm_getch@Cwhwnpcmchange@@QAEHPAE0HHHH@Z

msvcrtd

_controlfp
fread
_read
__CxxFrameHandler
_filelength
??3@YAXPAX@Z
_close
_write
free
_open
malloc
_lseek
realloc
_chsize
exit
fprintf
_iob
_ftol
_strnicmp
sprintf
??2@YAPAXI@Z
wcscpy
wcslen
memmove
_mbscmp
_mbsnbcpy
fclose
fseek
fopen
fwrite
_CxxThrowException
_mbsstr
_setjmp3
longjmp
frexp
_except_handler3
printf
_mbsnbicmp
strtod
strtoul
atoi
strrchr
_itoa
_exit
_stricmp
_XcptFilter
calloc
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__setusermatherr
_acmdln
__getmainargs
_initterm
__p__fmode
_adjust_fdiv
__p__commode
__set_app_type

mfc42

ord2860
ord5785
ord1641
ord2414
ord323
ord1168
ord1640
ord2713
ord2859
ord2864
ord5781
ord1146
ord6055
ord1776
ord4406
ord2243
ord4424
ord3729
ord804
ord567
ord4267
ord6215
ord2086
ord2587
ord2385
ord5290
ord3797
ord4284
ord2862
ord6334
ord1200
ord3573
ord3693
ord4133
ord4297
ord6785
ord5787
ord3571
ord2405
ord5678
ord5789
ord2754
ord2380
ord5736
ord755
ord3089
ord470
ord384
ord686
ord1099
ord535
ord6197
ord1574
ord6379
ord5788
ord500
ord1862
ord2566
ord283
ord4220
ord2584
ord3654
ord2438
ord6142
ord4083
ord2863
ord5606
ord4129
ord2763
ord4277
ord5683
ord2567
ord2614
ord858
ord2971
ord860
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5794
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord1175
ord2096
ord2408
ord5860
ord772
ord3701
ord5759
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord5572
ord2919
ord939
ord940
ord941
ord1621
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord3402
ord4396
ord3574
ord609
ord4275
ord2379
ord5053
ord5875
ord6270
ord613
ord6880
ord289
ord4160
ord641
ord324
ord4710
ord4234
ord2578
ord2411
ord2023
ord4218
ord4398
ord3582
ord616
ord541
ord801
ord6143
ord2450
ord5861
ord2370
ord3499
ord355
ord6111
ord6199
ord2818
ord4694
ord2363
ord2642
ord4224
ord2297
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord6358
ord6605
ord2915
ord926
ord6170
ord4287
ord3698
ord765
ord6734
ord3716
ord790
ord4123
ord540
ord3920
ord5216
ord936
ord932
ord2116
ord3370
ord3692
ord2582
ord4402
ord3640
ord3610
ord693
ord4243
ord3286
ord6453
ord6907
ord3996
ord6007
ord3301
ord2100
ord6242
ord4299
ord6675
ord2089
ord6888
ord6905
ord3092
ord656
ord1924
ord3496
ord4400
ord3630
ord682
ord3754
ord3753
ord3811
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord2621
ord1134
ord6663
ord4204
ord5710
ord668
ord922
ord3178
ord2781
ord2770
ord356
ord924
ord3302
ord1205
ord1105
ord3337
ord3742
ord818
ord1233
ord2841
ord2152
ord2107
ord3874
ord3619
ord640
ord3663
ord537
ord3626
ord3706
ord3597
ord800
ord2302
ord4080
ord4425
ord4627
ord3831
ord3079
ord3825
ord3081
ord3830
ord2976
ord3136
ord2985
ord3262
ord3147
ord4465
ord3259
ord2124
ord2982
ord5277
ord1727
ord2446
ord5261
ord6376
ord5065
ord3749
ord4441
ord2055
ord2648
ord5280
ord4837
ord3798
ord5163
ord4353
ord6374
ord1775
ord5241
ord4407
ord2514
ord4078
ord6052
ord4376
ord4998
ord4853
ord4774
ord5265
ord5981
ord3766
ord1576

msvcrt

getenv
sscanf
fflush
_setmbcp

kernel32

CreateThread
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
Sleep
GetPrivateProfileIntA
GetModuleFileNameA
GetPrivateProfileStringA
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileStringA
SetFilePointer
ReadFile
GetFileSize
GetFileType
GetLastError
lstrcatA
WinExec
GetWindowsDirectoryA
LoadLibraryA
lstrcpyA
MulDiv
SizeofResource
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
CreateFileA
GetProcAddress
lstrcmpiA
GetModuleHandleA
LoadResource
LockResource
FindResourceA
lstrlenW
lstrlenA
GetCPInfo
GetVersionExA
GetTickCount
GetVersion
MultiByteToWideChar
GetLocalTime
SetLastError
GetDriveTypeA

user32

LockWindowUpdate
SetWindowRgn
GetFocus
WindowFromPoint
EqualRect
GetWindowTextA
SetWindowPos
SetForegroundWindow
GetSystemMenu
DrawIcon
IsIconic
DefWindowProcA
SetWindowPlacement
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
CloseWindow
GetCursorPos
LoadCursorA
CopyIcon
GetMessagePos
ScreenToClient
SetTimer
MessageBeep
KillTimer
IsRectEmpty
SetRectEmpty
GetDlgItem
SetWindowLongA
RedrawWindow
GetIconInfo
CreateIconIndirect
DrawStateA
FrameRect
InflateRect
DrawFocusRect
PostMessageA
ClientToScreen
UpdateWindow
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GetSysColorBrush
GrayStringA
GetMenuStringA
TabbedTextOutA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetDesktopWindow
GetDC
DrawTextA
DestroyIcon
SystemParametersInfoA
DrawEdge
SetRect
GetMenuItemInfoA
ReleaseDC
CopyRect
LoadBitmapA
GetClientRect
LoadImageA
InvalidateRect
GetSysColor
FillRect
EnableWindow
IsWindow
GetWindowRect
PtInRect
GetWindowDC
GetSystemMetrics
SendMessageA
LoadIconA
CopyImage
DrawIconEx
OffsetRect
SetCapture
ReleaseCapture
DestroyWindow

gdi32

CreateEllipticRgnIndirect
SetPixelV
CreateICA
SelectPalette
RealizePalette
FloodFill
GetViewportOrgEx
SetViewportOrgEx
OffsetRgn
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
FillRgn
BitBlt
SetStretchBltMode
ExtCreateRegion
GetDIBits
CreateDIBitmap
CreateBitmap
SetBkColor
RoundRect
GetStockObject
PatBlt
GetPixel
CreateDIBSection
DeleteDC
Ellipse
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32W
GetBkMode
GetDeviceCaps
CreateFontIndirectA
GetTextExtentPoint32A
StretchBlt
Rectangle
CreateFontA
SetROP2
CreatePen
MoveToEx
LineTo
SetPixel
CreateSolidBrush
SelectObject
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateRectRgn
CombineRgn

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent
FlatSB_EnableScrollBar
InitializeFlatSB
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Draw
InitCommonControlsEx
ImageList_ReplaceIcon

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance

olepro32

ord251

Sections

.text
Size: 536KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
whwnmp4change/whwnmp4decode.dll
.dll windows:4 windows x86 arch:x86

e24bedf83c606e96bf34a82609e1e741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
fprintf
_iob
sprintf
_errno
_CxxThrowException
fclose
_fstati64
fopen
_vsnprintf
realloc
memmove
printf
_snprintf
strerror
malloc
??3@YAXPAX@Z
sscanf
free
_ftol
ceil
strncmp
isalnum
fflush
_purecall
fgetpos
fsetpos
fread
fwrite
fputs
vprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_stricmp
strchr
tolower
strncpy
_fileno

kernel32

DisableThreadLibraryCalls
GetTickCount

ws2_32

htonl

Exports

Exports

mp4_getaudio
mp4_getaudioname
mp4_getaudionum
mp4_getmp4aconfig
mp4_gettrackinfo
mp4_gettracknum
mp4_getvideo
mp4_getvideoname
mp4_getvideonum
mp4_readaudio
mp4_readvideo
mp4de_close
mp4de_init

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnmp4encode.dll
.dll windows:4 windows x86 arch:x86

446e4b0d111ae4006b04c79e0c3cb499

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

msvcrt

??2@YAPAXI@Z
_iob
??3@YAXPAX@Z
free
fprintf
sprintf
_errno
malloc
__CxxFrameHandler
_stricmp
_CxxThrowException
_fstati64
fopen
_vsnprintf
realloc
memmove
printf
_snprintf
fclose
strchr
tolower
strncpy
_ftol
ceil
isalnum
fflush
_purecall
fgetpos
fsetpos
fread
fwrite
fputs
vprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strerror
sscanf
_fileno

kernel32

GetTickCount
DisableThreadLibraryCalls

ws2_32

htonl

Exports

Exports

mp4_add264
mp4_add264pps
mp4_add264sps
mp4en_addaudio
mp4en_addvideo
mp4en_audio
mp4en_close
mp4en_init
mp4en_setaudioinfo
mp4en_video

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnmpeg4decode.dll
.dll windows:4 windows x86 arch:x86

0fcd7e66a6fc709f09a88c0e1b16260d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
HeapReAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
WriteFile
GetStdHandle
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
HeapAlloc
LoadLibraryA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetStringTypeA
GetStringTypeW
SetFilePointer
FlushFileBuffers
GetACP
GetOEMCP
ReadFile
SetStdHandle
CloseHandle

Exports

Exports

whwnmpeg4decode_close
whwnmpeg4decode_decode
whwnmpeg4decode_decodeyuv
whwnmpeg4decode_getwh
whwnmpeg4decode_init
whwnmsmpeg4decode_init

Sections

.text
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnmpegplay.exe
.exe windows:4 windows x86 arch:x86

c14752e3fb0b0cc145423ef7d2b6e786

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
midiStreamClose
waveOutSetVolume
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamPosition
midiOutShortMsg
midiStreamPause
waveOutClose
midiOutReset
timeGetTime
midiStreamRestart

ddraw

DirectDrawCreateEx

msvcrtd

_open
_filelength
_controlfp
__set_app_type
_mbsnbicmp
realloc
_close
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
_ftol
wcscpy
wcslen
memmove
_mbscmp
_mbsnbcpy
fclose
fread
fopen
fwrite
_mbsstr
sprintf
_setjmp3
__CxxLongjmpUnwind
longjmp
calloc
printf
fflush
strtod
strtoul
_CIpow
frexp
fseek
strncmp
fprintf
_iob
strncpy
_CxxThrowException
fputc
_exit
sscanf
getenv
exit
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_XcptFilter
_acmdln
__getmainargs
__p__commode
__setusermatherr
_adjust_fdiv
__p__fmode

wmvcore

WMCreateSyncReader

mfc42

ord3797
ord4284
ord5277
ord2862
ord6379
ord6334
ord1200
ord3573
ord3693
ord4133
ord4297
ord5788
ord5787
ord640
ord1640
ord323
ord3571
ord2405
ord800
ord537
ord5875
ord5678
ord5789
ord2754
ord2380
ord5736
ord755
ord3089
ord470
ord384
ord686
ord1099
ord535
ord860
ord1574
ord540
ord772
ord3701
ord500
ord1862
ord2566
ord283
ord4220
ord2584
ord3654
ord2438
ord6142
ord4083
ord2863
ord5606
ord2859
ord4129
ord2763
ord4277
ord5683
ord6197
ord858
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5794
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord6215
ord2086
ord1175
ord2096
ord2408
ord5860
ord3295
ord6154
ord2530
ord4366
ord4056
ord5471
ord4121
ord2389
ord5086
ord1710
ord1715
ord4407
ord5234
ord6369
ord5279
ord5064
ord5248
ord2444
ord3395
ord3730
ord807
ord2920
ord2012
ord3289
ord2614
ord554
ord4163
ord1644
ord5572
ord2919
ord2567
ord2864
ord941
ord1621
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord6146
ord5883
ord1073
ord5440
ord6383
ord5450
ord6394
ord2575
ord3402
ord4396
ord3574
ord609
ord4275
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord4160
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5785
ord2120
ord3597
ord641
ord324
ord4710
ord4234
ord2578
ord2411
ord2023
ord4218
ord4398
ord3582
ord616
ord541
ord801
ord6143
ord2450
ord5861
ord5651
ord3127
ord3616
ord665
ord5442
ord3318
ord5186
ord350
ord354
ord2818
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord2860
ord6199
ord6358
ord6605
ord2915
ord926
ord6170
ord4287
ord6734
ord3716
ord790
ord4123
ord3766
ord3920
ord2370
ord2302
ord3706
ord2243
ord5781
ord2713
ord1168
ord4224
ord2414
ord936
ord932
ord2116
ord3370
ord3692
ord2582
ord4402
ord3640
ord3610
ord693
ord4243
ord3286
ord6453
ord6907
ord3996
ord6007
ord3301
ord2100
ord6242
ord4299
ord6675
ord2097
ord2089
ord6888
ord6905
ord3092
ord656
ord1924
ord6111
ord3496
ord4400
ord3630
ord682
ord3754
ord3753
ord3811
ord1205
ord1105
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord6930
ord6928
ord5710
ord6663
ord2621
ord1134
ord4204
ord1979
ord353
ord668
ord924
ord2770
ord356
ord6135
ord2642
ord4694
ord3337
ord3302
ord3742
ord818
ord1233
ord2841
ord2152
ord2107
ord1146
ord4267
ord567
ord3663
ord3626
ord1641
ord4080
ord4424
ord4627
ord3831
ord3079
ord3825
ord3081
ord3830
ord2976
ord3136
ord2985
ord3262
ord3147
ord4465
ord3259
ord2446
ord2982
ord2124
ord5065
ord5261
ord1727
ord2055
ord3749
ord6376
ord4837
ord2648
ord4441
ord4353
ord3798
ord5290
ord2385
ord6374
ord5163
ord1776
ord5241
ord4078
ord6055
ord5280
ord3619
ord4425
ord939
ord940
ord5216
ord1576

msvcrt

abort
_setmbcp

kernel32

InitializeCriticalSection
GetStartupInfoA
Beep
DeleteFileA
HeapFree
DeviceIoControl
CreateDirectoryA
GetTickCount
GetCommandLineA
GetModuleFileNameA
Sleep
MultiByteToWideChar
InterlockedDecrement
SetLastError
GetFileSize
SetFilePointer
InterlockedIncrement
GetLastError
GetFileType
ReadFile
SetEvent
WaitForSingleObject
GetDriveTypeA
lstrcatA
WinExec
CreateEventA
GetWindowsDirectoryA
LoadLibraryA
lstrcpyA
MulDiv
SizeofResource
FreeLibrary
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
CreateFileA
CloseHandle
GetModuleHandleA
WriteFile
lstrcmpiA
FindResourceA
GetProcAddress
LockResource
GetCPInfo
LoadResource
lstrlenA
GetVersion
lstrlenW
EnterCriticalSection
DeleteCriticalSection
GetVersionExA
ExitProcess
HeapAlloc
LeaveCriticalSection
SetThreadPriority
GetProcessHeap

user32

LoadIconA
MoveWindow
LockWindowUpdate
CopyImage
UpdateWindow
GetWindowDC
SetCapture
ReleaseCapture
EqualRect
GetFocus
DefWindowProcA
SetWindowRgn
SetWindowPos
SetForegroundWindow
UnregisterClassA
RegisterWindowMessageA
SetWindowTextA
GetDlgItem
RegisterHotKey
GetSystemMenu
DestroyWindow
CloseWindow
LoadCursorA
BringWindowToTop
GetCursorPos
TranslateMessage
DispatchMessageA
PeekMessageA
CopyIcon
GetMessagePos
ScreenToClient
PtInRect
SetTimer
MessageBeep
KillTimer
SetWindowLongA
RedrawWindow
GetIconInfo
CreateIconIndirect
DrawStateA
FrameRect
MessageBoxA
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
GrayStringA
TabbedTextOutA
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
DrawIconEx
DestroyIcon
SystemParametersInfoA
DrawEdge
SetRect
GetMenuItemInfoA
EnableWindow
ReleaseDC
CopyRect
OffsetRect
LoadBitmapA
GetClientRect
SendMessageA
LoadImageA
IsWindow
InvalidateRect
GetSysColor
FillRect
InflateRect
SetWindowPlacement
UnregisterHotKey

gdi32

CreateRoundRectRgn
GetViewportOrgEx
CreatePolygonRgn
FrameRgn
OffsetRgn
SetBkMode
FillRgn
CreateEllipticRgnIndirect
SetPixelV
CreateICA
SelectPalette
RealizePalette
CreateRectRgn
FloodFill
SetPixel
SetViewportOrgEx
ExtCreateRegion
CombineRgn
GetDIBits
CreateBitmap
SetBkColor
SetTextColor
RoundRect
GetStockObject
PatBlt
GetPixel
CreateDIBSection
DeleteDC
Ellipse
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32W
CreateCompatibleBitmap
GetBkMode
GetDeviceCaps
CreateFontIndirectA
GetTextExtentPoint32A
StretchBlt
CreateCompatibleDC
BitBlt
Rectangle
GetObjectA
SetROP2
CreateSolidBrush
SelectObject
DeleteObject
CreatePen
MoveToEx
LineTo

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

_TrackMouseEvent
ImageList_GetIcon
FlatSB_EnableScrollBar
InitializeFlatSB
ImageList_GetImageInfo
ImageList_Draw
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageCount

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

olepro32

ord251

Sections

.text
Size: 496KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
whwnmp4change/whwnmtvdecode.dll
.dll windows:4 windows x86 arch:x86

b0a6886e33bdcee4f06096bc8a761499

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
HeapAlloc
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
RtlUnwind
GetProcAddress
SetFilePointer
InterlockedDecrement
InterlockedIncrement
ReadFile
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
TerminateProcess
GetCurrentProcess
HeapFree
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
CreateFileA
GetCPInfo
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW

Exports

Exports

amv_close
amv_getaudio
amv_getdata
amv_getvideo
amv_init
mtv_close
mtv_getaudio
mtv_getdata
mtv_getpicinfo
mtv_getvideo
mtv_init

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnpcmchange.dll
.dll windows:4 windows x86 arch:x86

60cf4e379582866a5bbc544ef8c844b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord825
ord1253
ord342
ord823
ord1182
ord3663
ord1168

msvcrt

malloc
realloc
floor
free
_ftol
fprintf
_CIpow
ceil
_CIfmod
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv

Exports

Exports

??0Cwhwnpcmchange@@QAE@XZ
??1Cwhwnpcmchange@@UAE@XZ
??_7Cwhwnpcmchange@@6B@
?FIxKaiser@Cwhwnpcmchange@@QAENNN@Z
?FNbessI0@Cwhwnpcmchange@@QAENN@Z
?FNgcd@Cwhwnpcmchange@@QAEJJJ@Z
?FNsinc@Cwhwnpcmchange@@QAENN@Z
?MAfAllocMat@Cwhwnpcmchange@@QAEPAPAMHH@Z
?MSiCeil@Cwhwnpcmchange@@QAEHHH@Z
?MSratio@Cwhwnpcmchange@@QAEXNPAJ0NJJ@Z
?RSKaiserLPF@Cwhwnpcmchange@@QAEXPAMHNNNNN@Z
?RSKalphaXD@Cwhwnpcmchange@@QAENN@Z
?RSKalphaXatt@Cwhwnpcmchange@@QAENN@Z
?RSKattenXalpha@Cwhwnpcmchange@@QAENN@Z
?RS_conv@Cwhwnpcmchange@@SAMPBM0H@Z
?RS_parFilt@Cwhwnpcmchange@@QAEXNNPAUFspec_T@@0@Z
?RS_polyphase@Cwhwnpcmchange@@QAEXPBMHHPAUFpoly_T@@@Z
?RSexpTime@Cwhwnpcmchange@@QAEXNJPAUTval_T@@@Z
?RSincTime@Cwhwnpcmchange@@QAEXPAUTval_T@@N@Z
?RSintFilt@Cwhwnpcmchange@@QAEXNNPAUFspec_T@@PAUFpoly_T@@PANPAU_iobuf@@@Z
?RSinterp@Cwhwnpcmchange@@QAEXPBMHPAMHNPBUTval_T@@PBUFpoly_T@@@Z
?RSratio@Cwhwnpcmchange@@QAEXNHPAJPANJJPAU_iobuf@@@Z
?RSrefresh@Cwhwnpcmchange@@QAEHJQAMH@Z
?UTfree@Cwhwnpcmchange@@QAEXPAX@Z
?UTmalloc@Cwhwnpcmchange@@QAEPAXH@Z
?UTrealloc@Cwhwnpcmchange@@QAEPAXPAXH@Z
?VRfShift@Cwhwnpcmchange@@QAEXPAMHH@Z
?bandfilter_data@Cwhwnpcmchange@@QAEHPAEHHH@Z
?high_data@Cwhwnpcmchange@@QAEHPAMHH@Z
?high_filter_data@Cwhwnpcmchange@@QAEHPAEHHH@Z
?highpass_data@Cwhwnpcmchange@@QAEHPAEHHH@Z
?low_data@Cwhwnpcmchange@@QAEHPAMHH@Z
?low_filter_data@Cwhwnpcmchange@@QAEHPAEHHH@Z
?lowpass_data@Cwhwnpcmchange@@QAEHPAEHHH@Z
?pcm_bitchange@Cwhwnpcmchange@@QAEHPAE0HHH@Z
?pcm_change@Cwhwnpcmchange@@QAEHPAEH0H_N@Z
?pcm_chchange@Cwhwnpcmchange@@QAEHPAE0HHHH@Z
?pcm_close@Cwhwnpcmchange@@QAEHXZ
?pcm_combine@Cwhwnpcmchange@@QAEHPAE0HH@Z
?pcm_getch@Cwhwnpcmchange@@QAEHPAE0HHHH@Z
?pcm_init@Cwhwnpcmchange@@QAEHNHHH@Z
?pcm_setbit@Cwhwnpcmchange@@QAEXH@Z
?pcm_setch@Cwhwnpcmchange@@QAEXH@Z
?set_filter@Cwhwnpcmchange@@QAEHHHHHH@Z
?set_high_filter@Cwhwnpcmchange@@QAEHHMHH@Z
?set_low_filter@Cwhwnpcmchange@@QAEHHMHH@Z

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnpicdo.dll
.dll windows:4 windows x86 arch:x86

23a07a2404cc18888973b0ab77c2bc9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
FreeEnvironmentStringsW
WideCharToMultiByte
LCMapStringW
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
InterlockedExchange
GetProcAddress
GetModuleHandleA
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
LCMapStringA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW

user32

IntersectRect
SetRectEmpty
IsRectEmpty
SetRect
CopyRect

gdi32

DeleteObject
DeleteDC
SetDIBColorTable
GetDIBColorTable
CreateICA
GetDeviceCaps
CreateDIBSection
GetObjectA
SelectObject
SetStretchBltMode
CreateCompatibleDC
SelectClipRgn
BitBlt

Exports

Exports

WEP
whwnpic_change
whwnpic_close
whwnpic_init

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnsoundmix.dll
.dll windows:4 windows x86 arch:x86

4150835a1f5cea001a2162ec5cb47c33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord535
ord860
ord1574
ord540
ord772
ord3701
ord1099
ord500
ord1862
ord2566
ord283
ord4220
ord2584
ord3654
ord2438
ord6142
ord4083
ord2863
ord5606
ord4129
ord2763
ord4277
ord5683
ord2567
ord2614
ord858
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5794
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord5785
ord1175
ord2096
ord2408
ord5860
ord384
ord686
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord5572
ord2919
ord939
ord940
ord941
ord1621
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord3402
ord4396
ord3574
ord609
ord4275
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord641
ord324
ord4710
ord4234
ord6143
ord2578
ord2411
ord2023
ord1146
ord4267
ord3582
ord616
ord541
ord801
ord2450
ord2642
ord6135
ord6111
ord5148
ord4224
ord4694
ord5736
ord3089
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord2860
ord6199
ord6358
ord6605
ord2915
ord926
ord2818
ord6170
ord4287
ord6734
ord3716
ord790
ord4123
ord3766
ord3920
ord3302
ord6905
ord3301
ord5216
ord936
ord932
ord2116
ord3370
ord3692
ord2582
ord4402
ord3640
ord3610
ord693
ord4243
ord3286
ord6453
ord3998
ord6907
ord3996
ord6007
ord3573
ord2100
ord6242
ord4299
ord6675
ord2097
ord2089
ord6888
ord1168
ord656
ord2370
ord3706
ord2243
ord2713
ord4400
ord3630
ord682
ord3754
ord3753
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord2725
ord6467
ord3742
ord818
ord1233
ord2841
ord2152
ord2107
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord567
ord804
ord3729
ord4424
ord5290
ord4406
ord1776
ord6055
ord2587
ord3619
ord4476
ord470
ord2864
ord2859
ord5781
ord755
ord1641
ord2380
ord2754
ord5789
ord5678
ord5875
ord2405
ord3571
ord323
ord1640
ord640
ord823
ord5787
ord5788
ord4297
ord4133
ord3693
ord1200
ord6334
ord2862
ord4284
ord3797
ord6379
ord6197
ord6785
ord2086
ord6215
ord537
ord800
ord3663
ord2302
ord2414
ord3597
ord3626
ord825
ord4080
ord4425
ord4627
ord3831
ord3079
ord3825
ord3081
ord3830
ord2976
ord3136
ord2985
ord3262
ord3147
ord4465
ord3259
ord2124
ord2982
ord5277
ord1727
ord2446
ord5261
ord6376
ord5065
ord3749
ord4441
ord2055
ord2648
ord5861
ord4837
ord3092
ord4218
ord4398
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1176
ord1116

msvcrt

fopen
__CxxFrameHandler
malloc
free
_ftol
wcscpy
wcslen
memmove
_mbscmp
_CIpow
_mbsnbcpy
fclose
fread
fwrite
sprintf
rand
_mbsstr
atoi
strtod
strtoul
floor
_CIfmod
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ

kernel32

LocalAlloc
GetModuleFileNameA
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
MulDiv
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleA
GetProcAddress
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
LocalFree
GetVersionExA

user32

GetMenuState
ModifyMenuA
GetMenuItemCount
GetMenuItemID
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
DrawIconEx
DestroyIcon
SystemParametersInfoA
DrawEdge
FrameRect
InflateRect
DestroyCursor
CopyRect
OffsetRect
LoadBitmapA
GetClientRect
SendMessageA
LoadImageA
IsWindow
CreateMenu
CreatePopupMenu
EnableWindow
GetWindowDC
ShowWindow
GetSysColor
GrayStringA
GetSysColorBrush
TabbedTextOutA
GetSubMenu
SetWindowRgn
GetCursorPos
CloseWindow
DestroyWindow
SetForegroundWindow
SetWindowPos
LoadIconA
ReleaseCapture
SetCapture
CopyImage
LockWindowUpdate
UpdateWindow
LoadCursorA
CopyIcon
GetMessagePos
InvalidateRect
FillRect
GetMenuStringA
ScreenToClient
PtInRect
SetTimer
MessageBeep
KillTimer
MoveWindow
SetWindowTextA
GetDlgItem
SetWindowLongA
RedrawWindow
GetIconInfo
CreateIconIndirect
DrawStateA
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
GetMenuItemInfoA
SetRect
ReleaseDC

gdi32

DeleteObject
LineTo
MoveToEx
SetPixel
SetROP2
CreateFontA
CreatePen
Rectangle
BitBlt
GetObjectA
StretchBlt
GetTextExtentPoint32A
CreateCompatibleDC
GetDeviceCaps
GetBkMode
CreateFontIndirectA
GetTextExtentPoint32W
PtVisible
CreateCompatibleBitmap
TextOutA
ExtTextOutA
RectVisible
Ellipse
DeleteDC
Escape
GetPixel
PatBlt
CreateDIBSection
GetStockObject
RoundRect
SetBkColor
CreateBitmap
GetViewportOrgEx
FloodFill
SetViewportOrgEx
CombineRgn
RealizePalette
SelectPalette
ExtCreateRegion
GetDIBits
CreateICA
SelectObject
CreateRectRgn
OffsetRgn
FrameRgn
FillRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateSolidBrush

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
FlatSB_EnableScrollBar
InitializeFlatSB

ole32

CreateStreamOnHGlobal

olepro32

ord251

Exports

Exports

whwnmix_begin
whwnmix_change
whwnmix_close
whwnmix_datarefresh
whwnmix_get
whwnmix_get_dispstatus
whwnmix_init
whwnmix_set
whwnmix_set_dispmode
whwnmix_set_mainwnd
whwnmix_setdisp
whwnmix_setecho
whwnmix_setiir
whwnmix_setlevel

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 989KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnvideochange.dll
.dll windows:4 windows x86 arch:x86

bdf50472214a9c06f8ace214c91532d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5277
ord2982
ord3147
ord2124
ord3259
ord3136
ord3262
ord2985
ord3081
ord2976
ord4465
ord3830
ord3825
ord3079
ord4080
ord4627
ord4424
ord807
ord2920
ord2012
ord2120
ord3831
ord4163
ord1644
ord554
ord5572
ord2915
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord537
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord1146
ord2575
ord4396
ord5241
ord6374
ord6394
ord5065
ord5261
ord2446
ord3402
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord283
ord613
ord6880
ord289
ord2122
ord6358
ord1088
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord2582
ord4402
ord3370
ord3640
ord641
ord324
ord693
ord2302
ord6007
ord2862
ord3996
ord1168
ord4710
ord5290
ord5794
ord6905
ord3998
ord3301
ord6215
ord6199
ord6135
ord6111
ord4694
ord3089
ord1727
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord4224
ord755
ord470
ord2370
ord6334
ord293
ord3019
ord361
ord3721
ord795
ord2860
ord3797
ord2754
ord6197
ord6605
ord1200
ord926
ord2818
ord6170
ord4287
ord6734
ord3716
ord790
ord4123
ord2380
ord3766
ord2566
ord3920
ord2587
ord4406
ord3394
ord3729
ord804
ord4267
ord6379
ord2086
ord3706
ord2243
ord5781
ord2713
ord4274
ord6375
ord384
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord6467
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3619
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord5163
ord2385
ord4407
ord1776
ord4078
ord6055
ord2642
ord2411
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord6907
ord3302
ord4234
ord4486
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1577
ord1575
ord1176
ord1116

msvcrt

free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
atoi
sprintf
fclose
fread
fopen
rand
strncmp
_mbsstr
_setjmp3
__CxxLongjmpUnwind
longjmp
sscanf
getenv
_EH_prolog
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ

kernel32

LocalFree
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
MulDiv
SizeofResource
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
LocalAlloc
GetVersionExA

user32

GetMenuState
ModifyMenuA
GetMenuItemCount
GetMenuItemID
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawStateA
GetClientRect
MessageBeep
KillTimer
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
LoadBitmapA
TabbedTextOutA
GrayStringA
CreateMenu
CreatePopupMenu
GetSubMenu
EnableWindow
DestroyCursor
GetWindowLongA
GetMenuStringA
IsMenu
GetNextDlgTabItem
GetParent
SetCursor
CloseWindow
DestroyWindow
SetForegroundWindow
SetWindowPos
CopyImage
LoadIconA
LoadImageA
GetSysColorBrush
RedrawWindow
UpdateWindow
MessageBoxA
CopyIcon
IsWindow
GetMessagePos
ScreenToClient
PtInRect
GetIconInfo
CreateIconIndirect
SendMessageA
IntersectRect
IsRectEmpty
SetRectEmpty
GetWindowDC
SetWindowPlacement
ShowWindow
LoadCursorA
GetDlgItem
SetTimer
SetWindowLongA
DrawIconEx
InvalidateRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
ReleaseDC
DrawTextA
DestroyIcon

gdi32

GetDeviceCaps
CreatePen
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
PtVisible
RectVisible
SetPixel
GetPixel
GetObjectA
TextOutA
ExtTextOutA
PatBlt
Escape
Rectangle
GetStockObject
SetBkColor
CreateBitmap
SetROP2
LineTo
MoveToEx
CreateDIBitmap
GetDIBits
CombineRgn
ExtCreateRegion
SetStretchBltMode
SelectClipRgn
CreateRectRgn
GetBkMode
SetViewportOrgEx
GetViewportOrgEx
FloodFill
RoundRect
CreateICA
GetDIBColorTable
SetDIBColorTable

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

msvcirt

?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekg@istream@@QAEAAV1@J@Z
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
?read@istream@@QAEAAV1@PADH@Z
?tellg@istream@@QAEJXZ
?close@ifstream@@QAEXXZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ
??0ifstream@@QAE@XZ

Exports

Exports

whwnvideo_begin
whwnvideo_change
whwnvideo_close
whwnvideo_getpicflag
whwnvideo_getpicvalid
whwnvideo_gettextflag
whwnvideo_gettextvalid
whwnvideo_init
whwnvideo_picture
whwnvideo_setdisp
whwnvideo_text

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnx264decode.dll
.dll windows:4 windows x86 arch:x86

3ab2c99ab8d1e4deec6cda8c0b4e1090

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
HeapReAlloc
HeapFree
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
WriteFile
GetStdHandle
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
HeapAlloc
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GetCPInfo
GetStringTypeA
GetStringTypeW
SetFilePointer
GetACP
GetOEMCP
ReadFile
SetStdHandle
CloseHandle

Exports

Exports

whwn264decode_close
whwn264decode_decode
whwn264decode_decodeyuv
whwn264decode_init

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/whwnx264encode.dll
.dll windows:4 windows x86 arch:x86

b8751c358987009055b0d1b5f0ff9785

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
HeapAlloc
GetCommandLineA
GetVersion
GetModuleFileNameA
GetLastError
MoveFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
HeapFree
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
GetProcAddress
CloseHandle
ReadFile
SetFilePointer
LoadLibraryA
RaiseException
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
CreateFileA
LCMapStringA
LCMapStringW
RtlUnwind
SetEndOfFile
DeleteFileA

Exports

Exports

whwn264encode_close
whwn264encode_encode
whwn264encode_encodeavi
whwn264encode_getpps
whwn264encode_getsps
whwn264encode_getx264
whwn264encode_init

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/xvidcore.dll
.dll windows:4 windows x86 arch:x86

7660318574e59284a0dd0ac1f0abf57c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
GetLastError
CloseHandle
WriteFile
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapFree
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
SetFilePointer
SetStdHandle
FlushFileBuffers
CreateFileA
ReadFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile

Exports

Exports

xvid_decore
xvid_encore
xvid_global
xvid_plugin_2pass1
xvid_plugin_2pass2
xvid_plugin_dump
xvid_plugin_lumimasking
xvid_plugin_psnr
xvid_plugin_single

Sections

.text
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whwnmp4change/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

758f4745f1597b57f518e37f66808aa1

Headers

File Characteristics

Imports

msvcrtd

kernel32

gdi32

user32

Sections

.text Size: 680KB - Virtual size: 677KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 52KB - Virtual size: 49KB

265cd32afd4d72991a91eb9bf6c51bae

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 340KB - Virtual size: 338KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 24KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 16KB - Virtual size: 15KB

ff5f2261d98de1cfa422c92db550f5d2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 24KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 28KB - Virtual size: 26KB

7f54fbd6c699bd468624d69053eae4cb

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

Exports

Exports

Sections

.text Size: 201KB - Virtual size: 200KB

.data Size: 1024B - Virtual size: 844B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 9KB - Virtual size: 8KB

6f3c714b8cb3ad114b9e28d99535c21e

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

.text
Size: 680KB - Virtual size: 677KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 52KB - Virtual size: 49KB

.text
Size: 340KB - Virtual size: 338KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 24KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 28KB - Virtual size: 26KB

.text
Size: 201KB - Virtual size: 200KB

.data
Size: 1024B - Virtual size: 844B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 9KB - Virtual size: 8KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 24KB - Virtual size: 54KB

.rsrc
Size: 312KB - Virtual size: 310KB

.reloc
Size: 48KB - Virtual size: 47KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 1.1MB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 346KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB