72bf4f3b22ab6c252664e406a9c0bd0e

Sharing

Copy URL Twitter E-mail

General

Target

72bf4f3b22ab6c252664e406a9c0bd0e
Size

7.0MB
MD5

72bf4f3b22ab6c252664e406a9c0bd0e
SHA1

aebcc55db6016b4fce9561b554c8e5393b3fd480
SHA256

2cb8244faed7314546ce341b8f853ba1eeb2d12937415de447e8c279af6a22d5
SHA512

cef13199b7227c8c42ac38b6ff9df47126866af19d5548cbd750639d446a188f13bee65648a1f717bd569306f19c7c5893ddc8f54c53c627ea4b9f05ac0932d7
SSDEEP

196608:QAddTznItoSL2gfl/C3gf6qXCQO53SpT0n4Ycj74dNdV1:QsdnnsZ61oCXMU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/货单票据打印助手/ProcBar.ocx
unpack001/货单票据打印助手/Updata.exe
unpack001/货单票据打印助手/hmButton.ocx
unpack001/货单票据打印助手/kernel32.dll
unpack001/货单票据打印助手/netsh.exe
unpack001/货单票据打印助手/shdocvw.dll
unpack001/货单票据打印助手/shell32.dll
unpack001/货单票据打印助手/user32.dll
unpack001/货单票据打印助手/开启服务.exe
unpack001/货单票据打印助手/货单票据打印助手.exe

Files

72bf4f3b22ab6c252664e406a9c0bd0e
.rar
点此安装.bat
货单票据打印助手/A-Jin软件官方网站.url
.url
货单票据打印助手/COMCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ord16
ord17
ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Remove

kernel32

lstrcmpA
GetProcAddress
GlobalSize
CloseHandle
GetFileSize
ReadFile
lstrcmpiA
IsDBCSLeadByte
lstrcmpiW
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
GetLastError
GetLocaleInfoA
OpenFile
MultiByteToWideChar
lstrcatA
DisableThreadLibraryCalls
GetVersion
GetProcessHeap
GetDateFormatA
GetLocalTime
GetTimeFormatA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryA
GlobalUnlock
GlobalAlloc
GlobalLock
CompareStringA
GlobalFree
GetVersionExA
lstrlenA
lstrcpyA
IsBadReadPtr
HeapReAlloc
lstrcpynA
IsBadWritePtr
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenW
LeaveCriticalSection
EnterCriticalSection

user32

IsWindowVisible
EndPaint
BeginPaint
MoveWindow
CharUpperA
IntersectRect
MessageBeep
SetCursor
EndDialog
RedrawWindow
GetMessagePos
CreateAcceleratorTableA
VkKeyScanA
PeekMessageA
PeekMessageW
SetWindowRgn
RegisterWindowMessageA
RegisterClipboardFormatA
SetCursorPos
OffsetRect
EqualRect
IsChild
GetWindowTextA
SetCapture
GetCursorPos
ScreenToClient
PostMessageA
DrawEdge
GetSysColor
wsprintfA
FillRect
InflateRect
DrawTextA
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetParent
GetAsyncKeyState
SetWindowLongA
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgTabItem
GetWindow
CharNextA
SetParent
InvalidateRect
UpdateWindow
UnregisterClassA
MessageBoxA
SetWindowsHookExA
SetTimer
KillTimer
CheckRadioButton
CallNextHookEx
SetActiveWindow
DestroyIcon
SetFocus
DrawIcon
UnionRect
DialogBoxParamA
PtInRect
LoadCursorA
GetWindowDC
SetRect
IsRectEmpty
GetDC
ReleaseDC
GetClipboardFormatNameA
ClientToScreen
PostMessageW
FrameRect
GetClientRect
CallWindowProcA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
LoadIconA
GetSystemMetrics
CopyImage
MapDialogRect
GetWindowLongA
SetWindowPos
GetFocus
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
SendDlgItemMessageA
CheckDlgButton
LoadStringA
DefWindowProcA
SendMessageA
ShowWindow
WinHelpA
UnhookWindowsHookEx

ole32

CreateStreamOnHGlobal
RevokeDragDrop
CreateOleAdviseHolder
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
DoDragDrop
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

oleaut32

SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
GetErrorInfo
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadRegTypeLi
RegisterTypeLi
OleLoadPicture
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
OleCreatePictureIndirect
VariantCopyInd
OleTranslateColor
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

GetNearestColor
CreatePalette
LPtoDP
GetWindowExtEx
GetBitmapBits
TextOutA
CreateDIBitmap
RealizePalette
GetViewportExtEx
SelectPalette
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
CreateICA
CopyMetaFileA
StretchBlt
Rectangle
GetObjectA
SetBkColor
CreateDCA
CreateRectRgn
SetViewportOrgEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
SetMapMode
SetViewportExtEx
CreateSolidBrush
GetDeviceCaps
SelectObject
ExcludeClipRect
GetClipRgn
SelectClipRgn
GetClipBox
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
SetBkMode
SetTextColor
CreateBitmap
GetStockObject
GetTextExtentPoint32A

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/Flash9f.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

c78b62c1feda53e018e3bc7fa4a262b7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e
Signer

Actual PE Digest

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveOutClose
waveOutReset
timeKillEvent
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveInGetDevCapsA
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInStop
timeSetEvent
waveOutGetDevCapsA
waveOutUnprepareHeader
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime
waveOutWrite
waveInPrepareHeader
waveInOpen
waveInReset
waveInUnprepareHeader
waveInClose

wininet

HttpQueryInfoA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

crypt32

CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertFreeCertificateContext
CertCloseStore

rpcrt4

UuidToStringA
RpcStringFreeA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantInit
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayLock
SafeArrayUnlock
VarBstrCat
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
VarUI4FromStr
VariantChangeType
SysStringByteLen
VariantClear

kernel32

GetLastError
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
LocalFree
LocalAlloc
SetFileAttributesA
GetFileAttributesA
CreateMutexA
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GlobalUnlock
GlobalLock
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcpyA
lstrcatA
GetCurrentThreadId
OutputDebugStringA
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetErrorMode
GetTickCount
LCMapStringA
LCMapStringW
lstrlenW
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
CreateWaitableTimerA
WaitForSingleObject
SetWaitableTimer
CreateThread
GetTempFileNameW
GetSystemDefaultLangID
DeleteFileA
CreateFileA
MoveFileA
VirtualQuery
GetSystemInfo
GetUserDefaultLangID
ExitThread
GetFileAttributesW
WriteFile
SetFilePointer
LockResource
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathA
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetTimeZoneInformation
GetSystemTime
SystemTimeToFileTime
CreateDirectoryA
ReadFile
GetCurrentDirectoryA
GetTempFileNameA
GetSystemDirectoryA
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetFileSize
SetCurrentDirectoryA
GetFileAttributesExA
RemoveDirectoryA
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
TerminateThread
IsDBCSLeadByteEx
GetProcessTimes
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
GetThreadPriority
WideCharToMultiByte
lstrlenA
GlobalAlloc
GlobalFree
GetCurrentThread
SetThreadAffinityMask
IsDBCSLeadByte
GetCPInfo
MultiByteToWideChar
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
VirtualProtect
HeapReAlloc
GetCommandLineA
ExitProcess
GetACP
InterlockedExchange
RtlUnwind
HeapDestroy
HeapCreate
TerminateProcess
HeapSize
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetOEMCP
SetStdHandle
FlushFileBuffers
CreateProcessA

user32

EmptyClipboard
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
RegisterWindowMessageA
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
RegisterClipboardFormatA
PeekMessageA
WaitForInputIdle
GetForegroundWindow
TranslateMessage
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
EndDialog
GetWindowRect
GetDesktopWindow
LoadIconA
SendMessageA
GetDlgItem
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
InsertMenuItemA
MonitorFromWindow
GetParent
IsChild
PtInRect
SystemParametersInfoA
GetMenuItemID
DeleteMenu
TrackPopupMenu
KillTimer
SetTimer
UpdateWindow
RegisterClassA
MapVirtualKeyA
GetKeyState
GetFocus
ReleaseCapture
GetSystemMetrics
EnumDisplaySettingsA
GetCapture
WindowFromPoint
GetCursorPos
ScreenToClient
MessageBoxA
ClientToScreen
LoadMenuA
GetSubMenu
DestroyMenu
SetCursor
IsWindow
DestroyWindow
FillRect
EnableMenuItem
CheckMenuItem
LoadStringA
SetCapture
SetFocus
GetWindowInfo
CopyRect
SendInput
GetKeyboardLayout
RegisterClassExA
LoadCursorA
wsprintfA
CreateWindowExA
ShowWindow
GetClassInfoExA
InvalidateRect
CallWindowProcA
GetWindowLongA
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
SetWindowLongA
CharNextA
GetTopWindow
GetDoubleClickTime
EnumWindows
PostMessageA
IsWindowEnabled
GetClassNameA
GetWindowTextW
GetWindowTextA
UnregisterClassA
GetWindow

gdi32

ExtTextOutW
SetTextColor
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
GetBkColor
SetTextCharacterExtra
CreatePen
DPtoLP
GetTextExtentPoint32W
GetCurrentObject
GetTextExtentPoint32A
CreatePalette
StartDocA
EndDoc
StrokePath
ExtCreatePen
SelectClipRgn
IntersectClipRect
SetBkMode
EnumFontFamiliesA
GetTextMetricsA
CreateFontIndirectA
CreateCompatibleBitmap
GetDIBits
EndPage
BeginPath
EndPath
SetPolyFillMode
MoveToEx
LineTo
PolyBezierTo
SelectClipPath
SaveDC
RestoreDC
TextOutA
SetTextAlign
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
GetDeviceCaps
GetObjectA
DeleteObject
CreateSolidBrush
Rectangle
SelectObject
GetStockObject
StretchDIBits
FillPath
GetObjectType
CreateDIBSection
GetStretchBltMode
SetStretchBltMode
StretchBlt
SetBkColor
ExtTextOutA
RealizePalette
GdiFlush
GetPixel
SelectPalette
StartPage
GetSystemPaletteEntries
GetClipBox
BitBlt
LPtoDP
SetViewportOrgEx
CreateDCA
DeleteDC
CreateCompatibleDC

comdlg32

PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA

ole32

OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemRealloc
OleRegEnumVerbs
CreateBindCtx
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CreateDataAdviseHolder
OleRegGetMiscStatus
CoTaskMemFree

shlwapi

PathFindExtensionA
SHDeleteKeyA

urlmon

HlinkSimpleNavigateToMoniker
RegisterBindStatusCallback
CreateURLMoniker

ws2_32

getservbyname
htons
gethostbyaddr
ntohs
getservbyport
WSASetLastError
getsockname
setsockopt
connect
recvfrom
sendto
WSAAddressToStringA
gethostname
select
ioctlsocket
ntohl
htonl
inet_ntoa
gethostbyname
send
recv
WSAStartup
WSASocketA
socket
WSAAsyncSelect
WSAIoctl
WSAGetLastError
closesocket
WSACleanup
inet_addr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
pcre_callout
pcre_compile
pcre_compile2
pcre_exec
pcre_free
pcre_fullinfo
pcre_malloc
pcre_stack_free
pcre_stack_malloc

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/MSINET.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

d940cf5b3d0dfb340396c0608ef1a0c5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8a:cb:1c:af:c1:a1:9a:a8:ba:91:ac:e1:6b:ab:e7:b6:18:25:e9:91
Signer

Actual PE Digest

8a:cb:1c:af:c1:a1:9a:a8:ba:91:ac:e1:6b:ab:e7:b6:18:25:e9:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wininet

FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetSetOptionA
InternetCreateUrlA
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
FtpDeleteFileA
FtpGetFileA
FtpPutFileA
FtpRenameFileA
InternetReadFile
InternetConnectA
FtpGetCurrentDirectoryA
FtpRemoveDirectoryA
FtpFindFirstFileA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA

kernel32

LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
LocalFree
FormatMessageA
SetEvent
CreateEventA
GetLastError
MultiByteToWideChar
lstrcatA
lstrcpyA
lstrlenA
ResetEvent
SetLastError
lstrcpynA
WaitForSingleObject
WaitForMultipleObjects
GetTickCount
IsBadWritePtr
DisableThreadLibraryCalls
GetVersion
GetProcAddress
GetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
lstrcmpA

user32

SetDlgItemInt
SendDlgItemMessageA
GetMessageA
PostQuitMessage
GetDlgItemInt
GetDlgItemTextA
SendMessageA
ReleaseDC
GetDC
CharNextA
SetDlgItemTextA
SetWindowPos
SetWindowLongA
SetParent
EndPaint
GetClientRect
BeginPaint
GetWindowLongA
SetFocus
GetDlgItem
MoveWindow
GetWindow
GetActiveWindow
IsWindowVisible
TranslateMessage
GetParent
OffsetRect
EqualRect
DispatchMessageA
GetWindowThreadProcessId
ShowWindow
PtInRect
WinHelpA
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBoxA
MessageBeep
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
PostMessageA
ClientToScreen
GetWindowRect
CreateWindowExA
EndDialog
LoadIconA
DrawEdge
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
KillTimer
DestroyWindow
GetSystemMetrics
LoadStringA
wsprintfA
DialogBoxParamA
IntersectRect
SetWindowRgn
DefWindowProcA
PostThreadMessageA
UnregisterClassA

ole32

CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

oleaut32

OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
GetErrorInfo
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
VariantChangeTypeEx
SysAllocString

gdi32

GetWindowExtEx
SetViewportOrgEx
LPtoDP
DeleteDC
SetWindowExtEx
SetMapMode
SetViewportExtEx
GetViewportExtEx
SetWindowOrgEx
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/OldUpdataFile.dat
货单票据打印助手/ProcBar.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

b81dedb13ed6157677dc6c9c12fd258c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaBoolVar
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaI2I4
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaVarDup
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/Updata.exe
.exe windows:4 windows x86 arch:x86

4646facc5c2f80058b73f97007fbf8d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaNextEachAry
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord519
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
__vbaNameFile
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaVarForInit
ord301
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
__vbaVarIndexLoad
ord598
__vbaStrFixstr
ord520
ord307
ord309
__vbaBoolVarNull
__vbaRefVarAry
__vbaVarTstLt
__vbaVargVar
_CIsin
ord709
__vbaVarCmpGt
__vbaVargVarMove
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
ord529
__vbaVarTstEq
__vbaPutOwner3
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaStrR4
_adj_fpatan
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
_CIsqrt
ord310
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord312
ord711
__vbaStrToUnicode
ord712
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord608
ord716
ord531
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaUbound
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaVar2Vec
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
__vbaForEachAry
__vbaVarAdd
__vbaLateMemCall
__vbaStrToAnsi
__vbaVarDup
__vbaVarTstGe
__vbaFpI4
__vbaVarLateMemCallLd
__vbaVarCopy
__vbaVarSetObjAddref
ord617
_CIatan
__vbaStrMove
__vbaAryCopy
__vbaStrVarCopy
ord619
_allmul
__vbaLateIdSt
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
货单票据打印助手/UpdataFile.dat
货单票据打印助手/hmButton.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

dd1aacce9eb180f01e477e0373903d1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaAptOffset
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
ord517
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
ord592
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord599
__vbaStrFixstr
__vbaBoolVar
__vbaFpR8
_CIsin
__vbaErase
ord709
ord631
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaI2I4
DllFunctionCall
__vbaCastObjVar
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaUbound
__vbaCheckType
__vbaI2Var
__vbaLsetFixstrFree
ord644
_CIlog
__vbaErrorOverflow
__vbaVarLateMemCallLdRf
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaAryLock
__vbaStrToAnsi
__vbaStrComp
__vbaVarDup
__vbaCheckTypeVar
__vbaFpI4
__vbaVarLateMemCallLd
__vbaLateMemCallLd
_CIatan
__vbaStrMove
__vbaCastObj
__vbaAryCopy
_allmul
__vbaLateIdSt
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/ico.ico
货单票据打印助手/kernel32.dll
.dll windows:5 windows x86 arch:x86

6b3a7433df9283fb2665919b42eddfd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

_wcsnicmp
NtFsControlFile
NtCreateFile
RtlAllocateHeap
RtlFreeHeap
NtOpenFile
NtQueryInformationFile
NtQueryEaFile
RtlLengthSecurityDescriptor
NtQuerySecurityObject
NtSetEaFile
NtSetSecurityObject
NtSetInformationFile
CsrClientCallServer
NtDeviceIoControlFile
NtClose
RtlInitUnicodeString
wcscspn
RtlUnicodeToMultiByteSize
wcslen
_memicmp
memmove
NtQueryValueKey
NtOpenKey
NtFlushKey
NtSetValueKey
NtCreateKey
RtlNtStatusToDosError
RtlFreeUnicodeString
RtlDnsHostNameToComputerName
wcsncpy
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlCreateUnicodeStringFromAsciiz
wcschr
wcsstr
RtlPrefixString
_wcsicmp
RtlGetFullPathName_U
RtlGetCurrentDirectory_U
NtQueryInformationProcess
RtlUnicodeStringToOemString
RtlReleasePebLock
RtlEqualUnicodeString
RtlAcquirePebLock
RtlFreeAnsiString
RtlSetCurrentDirectory_U
RtlTimeToTimeFields
NtSetSystemTime
RtlTimeFieldsToTime
NtQuerySystemInformation
RtlSetTimeZoneInformation
NtSetSystemInformation
RtlCutoverTimeToSystemTime
_allmul
DbgBreakPoint
RtlFreeSid
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
RtlAllocateAndInitializeSid
DbgPrint
NtOpenProcess
CsrGetProcessId
DbgUiDebugActiveProcess
DbgUiConnectToDbg
DbgUiIssueRemoteBreakin
NtSetInformationDebugObject
DbgUiGetThreadDebugObject
NtQueryInformationThread
DbgUiConvertStateChangeStructure
DbgUiWaitStateChange
DbgUiContinue
DbgUiStopDebugging
RtlDosPathNameToNtPathName_U
RtlIsDosDeviceName_U
RtlCreateAtomTable
NtAddAtom
RtlAddAtomToAtomTable
NtFindAtom
RtlLookupAtomInAtomTable
NtDeleteAtom
RtlDeleteAtomFromAtomTable
NtQueryInformationAtom
RtlQueryAtomInAtomTable
RtlOemStringToUnicodeString
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeSize
RtlPrefixUnicodeString
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtEnumerateValueKey
RtlIsTextUnicode
NtReadFile
NtAllocateVirtualMemory
NtUnlockFile
NtLockFile
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlCopyUnicodeString
NtFreeVirtualMemory
NtWriteFile
RtlCreateUnicodeString
RtlFormatCurrentUserKeyPath
RtlGetLongestNtPathLength
NtDuplicateObject
NtQueryKey
NtEnumerateKey
NtDeleteValueKey
RtlEqualString
CsrFreeCaptureBuffer
CsrCaptureMessageString
CsrAllocateCaptureBuffer
strncpy
RtlCharToInteger
RtlUpcaseUnicodeChar
RtlUpcaseUnicodeString
CsrAllocateMessagePointer
NtQueryObject
wcscmp
RtlCompareMemory
NtQueryDirectoryObject
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
NtOpenDirectoryObject
NtCreateIoCompletion
NtSetIoCompletion
NtRemoveIoCompletion
NtSetInformationProcess
NtQueryDirectoryFile
RtlDeleteCriticalSection
NtNotifyChangeDirectoryFile
NtWaitForSingleObject
RtlInitializeCriticalSection
NtQueryVolumeInformationFile
NtFlushBuffersFile
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
NtCancelIoFile
NtReadFileScatter
NtWriteFileGather
wcscpy
NtOpenSection
NtMapViewOfSection
NtFlushVirtualMemory
RtlFlushSecureMemoryCache
NtUnmapViewOfSection
NtCreateSection
NtQueryFullAttributesFile
swprintf
NtQueryAttributesFile
RtlDetermineDosPathNameType_U
NtRaiseHardError
NtQuerySystemEnvironmentValueEx
RtlGUIDFromString
NtSetSystemEnvironmentValueEx
RtlInitString
RtlUnlockHeap
RtlSetUserValueHeap
RtlFreeHandle
RtlAllocateHandle
RtlLockHeap
RtlSizeHeap
RtlGetUserInfoHeap
RtlReAllocateHeap
RtlIsValidHandle
RtlCompactHeap
RtlImageNtHeader
NtProtectVirtualMemory
NtQueryVirtualMemory
NtLockVirtualMemory
NtUnlockVirtualMemory
NtFlushInstructionCache
NtAllocateUserPhysicalPages
NtFreeUserPhysicalPages
NtMapUserPhysicalPages
NtMapUserPhysicalPagesScatter
NtGetWriteWatch
NtResetWriteWatch
NtSetInformationObject
CsrNewThread
CsrClientConnectToServer
RtlCreateTagHeap
LdrSetDllManifestProber
RtlSetThreadPoolStartFunc
RtlEncodePointer
_stricmp
wcscat
RtlCreateHeap
RtlDestroyHeap
RtlExtendHeap
RtlQueryTagHeap
RtlUsageHeap
RtlValidateHeap
RtlGetProcessHeaps
RtlWalkHeap
RtlSetHeapInformation
RtlQueryHeapInformation
RtlInitializeHandleTable
RtlExtendedLargeIntegerDivide
NtCreateMailslotFile
RtlFormatMessage
RtlFindMessage
LdrUnloadDll
LdrUnloadAlternateResourceModule
LdrDisableThreadCalloutsForDll
strchr
LdrGetDllHandle
LdrUnlockLoaderLock
LdrAddRefDll
RtlComputePrivatizedDllName_U
RtlPcToFileHeader
LdrLockLoaderLock
RtlGetVersion
RtlVerifyVersionInfo
LdrEnumerateLoadedModules
RtlUnicodeStringToInteger
LdrLoadAlternateResourceModule
RtlDosApplyFileIsolationRedirection_Ustr
LdrLoadDll
LdrGetProcedureAddress
LdrFindResource_U
LdrAccessResource
LdrFindResourceDirectory_U
RtlImageDirectoryEntryToData
_strcmpi
NtSetInformationThread
NtOpenThreadToken
NtCreateNamedPipeFile
RtlDefaultNpAcl
RtlDosSearchPath_Ustr
RtlInitUnicodeStringEx
RtlQueryEnvironmentVariable_U
RtlAnsiCharToUnicodeChar
RtlIntegerToChar
NtSetVolumeInformationFile
RtlIsNameLegalDOS8Dot3
NtQueryPerformanceCounter
sprintf
NtPowerInformation
NtInitiatePowerAction
NtSetThreadExecutionState
NtRequestWakeupLatency
NtGetDevicePowerState
NtIsSystemResumeAutomatic
NtRequestDeviceWakeup
NtCancelDeviceWakeupRequest
NtWriteVirtualMemory
LdrShutdownProcess
NtTerminateProcess
RtlRaiseStatus
RtlSetEnvironmentVariable
RtlExpandEnvironmentStrings_U
NtReadVirtualMemory
RtlCompareUnicodeString
RtlQueryRegistryValues
NtCreateJobSet
NtCreateJobObject
NtIsProcessInJob
RtlEqualSid
RtlSubAuthoritySid
RtlInitializeSid
NtQueryInformationToken
NtOpenProcessToken
NtResumeThread
NtAssignProcessToJobObject
CsrCaptureMessageMultiUnicodeStringsInPlace
NtCreateThread
NtCreateProcessEx
LdrQueryImageFileExecutionOptions
RtlDestroyEnvironment
NtQuerySection
NtQueryInformationJobObject
RtlGetNativeSystemInformation
RtlxAnsiStringToUnicodeSize
NtOpenEvent
NtQueryEvent
NtTerminateThread
wcsrchr
NlsMbOemCodePageTag
RtlxUnicodeStringToOemSize
NtAdjustPrivilegesToken
RtlImpersonateSelf
wcsncmp
RtlDestroyProcessParameters
RtlCreateProcessParameters
RtlInitializeCriticalSectionAndSpinCount
NtSetEvent
NtClearEvent
NtPulseEvent
NtCreateSemaphore
NtOpenSemaphore
NtReleaseSemaphore
NtCreateMutant
NtOpenMutant
NtReleaseMutant
NtSignalAndWaitForSingleObject
NtWaitForMultipleObjects
NtDelayExecution
NtCreateTimer
NtOpenTimer
NtSetTimer
NtCancelTimer
NtCreateEvent
RtlCopyLuid
strrchr
_vsnwprintf
RtlReleaseActivationContext
RtlActivateActivationContextEx
RtlQueryInformationActivationContext
NtOpenThread
LdrShutdownThread
RtlFreeThreadActivationContextStack
NtGetContextThread
NtSetContextThread
NtSuspendThread
RtlRaiseException
RtlDecodePointer
towlower
RtlClearBits
RtlFindClearBitsAndSet
RtlAreBitsSet
NtQueueApcThread
NtYieldExecution
RtlRegisterWait
RtlDeregisterWait
RtlDeregisterWaitEx
RtlQueueWorkItem
RtlSetIoCompletionCallback
RtlCreateTimerQueue
RtlCreateTimer
RtlUpdateTimer
RtlDeleteTimer
RtlDeleteTimerQueueEx
CsrIdentifyAlertableThread
RtlApplicationVerifierStop
_alloca_probe
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlCreateQueryDebugBuffer
RtlCreateEnvironment
RtlFreeOemString
strstr
toupper
isdigit
atol
tolower
NtOpenJobObject
NtTerminateJobObject
NtSetInformationJobObject
RtlAddRefActivationContext
RtlZombifyActivationContext
RtlActivateActivationContext
RtlDeactivateActivationContext
RtlGetActiveActivationContext
DbgPrintEx
LdrDestroyOutOfProcessImage
LdrAccessOutOfProcessResource
LdrFindCreateProcessManifest
LdrCreateOutOfProcessImage
RtlNtStatusToDosErrorNoTeb
RtlpApplyLengthFunction
RtlGetLengthWithoutLastFullDosOrNtPathElement
RtlpEnsureBufferSize
RtlMultiAppendUnicodeStringBuffer
_snwprintf
RtlCreateActivationContext
RtlFindActivationContextSectionString
RtlFindActivationContextSectionGuid
_allshl
RtlNtPathNameToDosPathName
RtlUnhandledExceptionFilter
CsrCaptureMessageBuffer
NtQueryInstallUILanguage
NtQueryDefaultUILanguage
wcspbrk
RtlOpenCurrentUser
RtlGetDaclSecurityDescriptor
NtCreateDirectoryObject
_wcslwr
_wtol
RtlIntegerToUnicodeString
NtQueryDefaultLocale
_strlwr
RtlUnwind

Exports

Exports

ActivateActCtx
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddLocalAlternateComputerNameA
AddLocalAlternateComputerNameW
AddRefActCtx
AddVectoredExceptionHandler
AllocConsole
AllocateUserPhysicalPages
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
BackupRead
BackupSeek
BackupWrite
BaseCheckAppcompatCache
BaseCleanupAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseInitAppcompatCacheSupport
BaseProcessInitPostImport
BaseQueryModuleData
BaseUpdateAppcompatCache
BasepCheckWinSaferRestrictions
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BindIoCompletionCallback
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallNamedPipeA
CallNamedPipeW
CancelDeviceWakeupRequest
CancelIo
CancelTimerQueueTimer
CancelWaitableTimer
ChangeTimerQueueTimer
CheckNameLegalDOS8Dot3A
CheckNameLegalDOS8Dot3W
CheckRemoteDebuggerPresent
ClearCommBreak
ClearCommError
CloseConsoleHandle
CloseHandle
CloseProfileUserMapping
CmdBatNotification
CommConfigDialogA
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ConsoleMenuControl
ContinueDebugEvent
ConvertDefaultLocale
ConvertFiberToThread
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
CopyLZFile
CreateActCtxA
CreateActCtxW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateJobSet
CreateMailslotA
CreateMailslotW
CreateMemoryResourceNotification
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreateNlsSecurityDescriptor
CreatePipe
CreateProcessA
CreateProcessInternalA
CreateProcessInternalW
CreateProcessInternalWSecure
CreateProcessW
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateSocketHandle
CreateTapePartition
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CreateVirtualBuffer
CreateWaitableTimerA
CreateWaitableTimerW
DeactivateActCtx
DebugActiveProcess
DebugActiveProcessStop
DebugBreak
DebugBreakProcess
DebugSetProcessKillOnExit
DecodePointer
DecodeSystemPointer
DefineDosDeviceA
DefineDosDeviceW
DelayLoadFailureHook
DeleteAtom
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileW
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DosPathToSessionPathA
DosPathToSessionPathW
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
EncodeSystemPointer
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesW
EnumResourceTypesA
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EnumerateLocalComputerNamesA
EnumerateLocalComputerNamesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
ExtendVirtualBuffer
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionStringA
FindActCtxSectionStringW
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
FindVolumeMountPointClose
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
FreeUserPhysicalPages
FreeVirtualBuffer
GenerateConsoleCtrlEvent
GetACP
GetAtomNameA
GetAtomNameW
GetBinaryType
GetBinaryTypeA
GetBinaryTypeW
GetCPFileNameFromRegistry
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetComPlusPackageInstallStatus
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCP
GetConsoleCharType
GetConsoleCommandHistoryA
GetConsoleCommandHistoryLengthA
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
GetConsoleCursorInfo
GetConsoleCursorMode
GetConsoleDisplayMode
GetConsoleFontInfo
GetConsoleFontSize
GetConsoleHardwareState
GetConsoleInputExeNameA
GetConsoleInputExeNameW
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameA
GetConsoleKeyboardLayoutNameW
GetConsoleMode
GetConsoleNlsMode
GetConsoleOutputCP
GetConsoleProcessList
GetConsoleScreenBufferInfo
GetConsoleSelectionInfo
GetConsoleTitleA
GetConsoleTitleW
GetConsoleWindow
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentActCtx
GetCurrentConsoleFont
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDefaultSortkeySize
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDllDirectoryA
GetDllDirectoryW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetExpandedNameA
GetExpandedNameW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFirmwareEnvironmentVariableA
GetFirmwareEnvironmentVariableW
GetFullPathNameA
GetFullPathNameW
GetGeoInfoA
GetGeoInfoW
GetHandleContext
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetLinguistLangSize
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameA
GetLongPathNameW
GetMailslotInfo
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNativeSystemInfo
GetNextVDMCommand
GetNlsSectionName
GetNumaAvailableMemory
GetNumaAvailableMemoryNode
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
GetNumaProcessorMap
GetNumaProcessorNode
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleFonts
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProcAddress
GetProcessAffinityMask
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemRegistryQuota
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemTimes
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetSystemWow64DirectoryA
GetSystemWow64DirectoryW
GetTapeParameters
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadIOPendingFlag
GetThreadLocale
GetThreadPriority
GetThreadPriorityBoost
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVDMCurrentDirectories
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetVolumePathNameW
GetVolumePathNamesForVolumeNameA
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetWriteWatch
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW

Sections

.text
Size: 520KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/loading.swf
货单票据打印助手/mu.dll/Desktop.ini
货单票据打印助手/mu.dll/EMS.jpg
.jpg
货单票据打印助手/mu.dll/EMS快递.pip
货单票据打印助手/mu.dll/Thumbs.db
货单票据打印助手/mu.dll/dds.jpg
.jpg
货单票据打印助手/mu.dll/dds.pip
货单票据打印助手/mu.dll/ico.jpg
.jpg
货单票据打印助手/mu.dll/shunfen.jpg
.jpg
货单票据打印助手/mu.dll/sto.jpg
.jpg
货单票据打印助手/mu.dll/tiantian.jpg
.jpg
货单票据打印助手/mu.dll/yuantong.jpg
.jpg
货单票据打印助手/mu.dll/yuda.jpg
.jpg
货单票据打印助手/mu.dll/zaijison.jpg
.jpg
货单票据打印助手/mu.dll/zhongtong.jpg
.jpg
货单票据打印助手/mu.dll/中通速递.pip
货单票据打印助手/mu.dll/圆通快递.pip
货单票据打印助手/mu.dll/天天.pip
货单票据打印助手/mu.dll/宅急送.pip
货单票据打印助手/mu.dll/申通快递.pip
货单票据打印助手/mu.dll/韵达.pip
货单票据打印助手/mu.dll/顺丰快递.pip
货单票据打印助手/netsh.exe
.exe windows:5 windows x86 arch:x86

aae38da216fd60b3b7689e2a3c11d2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
wcspbrk
_except_handler3
_wctime
printf
time
fflush
fgets
_wcsnicmp
wprintf
swprintf
_iob
_wfopen
fclose
iswctype
_wcslwr
wcstok
_wcsdup
wcscpy
wcslen
wcsncpy
wcscat
qsort
_wcsicmp
wcschr
_wcsupr
wcsrchr
free
wcscmp

advapi32

RegQueryValueExW
CloseEventLog
NotifyChangeEventLog
OpenEventLogW
ReadEventLogW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegConnectRegistryW

kernel32

GetLastError
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetFilePointer
WaitForMultipleObjectsEx
WideCharToMultiByte
GetConsoleOutputCP
MultiByteToWideChar
WriteFile
WaitForSingleObject
ResetEvent
CreateEventW
CreateConsoleScreenBuffer
SetConsoleScreenBufferSize
SetConsoleActiveScreenBuffer
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
SetConsoleCursorPosition
CreateFileW
FreeLibrary
GetProcAddress
LoadLibraryW
HeapReAlloc
GetComputerNameW
SetConsoleCtrlHandler
GetModuleHandleW
FormatMessageW
LocalFree
GetStdHandle
SetEvent
ExpandEnvironmentStringsW
CloseHandle
OpenEventW

mprapi

MprConfigGetFriendlyName
MprConfigBufferFree
MprConfigInterfaceEnum
MprConfigGetGuidName
MprAdminGetErrorString
MprConfigInterfaceGetHandle

ntdll

RtlInitUnicodeString
RtlGUIDFromString

ole32

CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
VariantChangeType
SysAllocString

rasapi32

RasGetErrorStringW

user32

LoadStringW
wsprintfW

iphlpapi

NhGetInterfaceNameFromGuid

Exports

Exports

ConvertGuidToString
ConvertStringToGuid
DisplayMessageM
DisplayMessageToConsole
FreeQuotedString
FreeString
GenericMonitor
GetEnumString
GetHostMachineInfo
InitializeConsole
MakeQuotedString
MakeString
MatchCmdLine
MatchEnumTag
MatchTagsInCmdLine
MatchToken
NsGetFriendlyNameFromIfName
NsGetIfNameFromFriendlyName
PreprocessCommand
PrintError
PrintEventLog
PrintMessage
PrintMessageFromModule
RefreshConsole
RegisterContext
RegisterHelper

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
货单票据打印助手/se.dll
货单票据打印助手/shdocvw.dll
.dll regsvr32 windows:5 windows x86 arch:x86

63f0fb1cf004e8958b682f75454b5ad2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExW
RegQueryValueExW
RegEnumValueA

crypt32

CryptMsgClose
CryptQueryObject
CryptMsgGetParam
CertCloseStore

cryptui

CryptUIDlgViewSignerInfoW

gdi32

DeleteObject
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
SetPaletteEntries
GetPaletteEntries
RealizePalette
SelectPalette
GetStockObject
CreatePalette
SetBkColor
SetBkMode
SetTextColor
SelectObject
GetTextExtentPointW
IntersectClipRect
CreateDCA
CloseEnhMetaFile
CreateEnhMetaFileA
LineTo
MoveToEx
Rectangle
StretchBlt
CreateCompatibleDC
BitBlt
GetTextCharset
CreateCompatibleBitmap
GetTextExtentPoint32W
RestoreDC

kernel32

GetSystemDefaultLCID
CreateThread
CompareFileTime
GetSystemTimeAsFileTime
IsDBCSLeadByte
CreateDirectoryA
SetCurrentDirectoryA
SetFilePointer
ReadFile
GetFileSize
WriteFile
FindClose
WaitForSingleObject
SetEvent
CreateFileA
ReleaseMutex
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTempPathA
ExitProcess
GetCommandLineW
OpenMutexW
TlsGetValue
GetSystemTime
GetCurrentProcessId
GlobalFlags
lstrcmpiA
GlobalReAlloc
TlsSetValue
GetLocalTime
FileTimeToSystemTime
GetSystemInfo
ReleaseSemaphore
UnhandledExceptionFilter
SetErrorMode
GetCurrentDirectoryA
GetShortPathNameA
ResetEvent
HeapFree
GetProcessHeap
InterlockedExchange
TerminateThread
GetExitCodeThread
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
HeapAlloc
GetLocaleInfoW
LoadLibraryW
DosDateTimeToFileTime
GetModuleHandleW
CreateEventA
LoadLibraryA
VirtualFree
VirtualAlloc
lstrcpynW
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetProcAddress
LocalFree
LocalAlloc
MultiByteToWideChar
GetVersionExA
lstrcmpA
GetSystemDirectoryA
LocalReAlloc
GetDriveTypeW
CreateMutexA
lstrlenA
Sleep
WideCharToMultiByte
lstrcpynA
GetUserDefaultLCID
GlobalFree
LocalSize
GetTickCount
GetLastError
LoadLibraryExA
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
MulDiv
DisableThreadLibraryCalls
InitializeCriticalSection
TlsAlloc
GetACP
CloseHandle
TlsFree
DeleteCriticalSection
FreeLibrary
InterlockedDecrement
OpenMutexA
InterlockedIncrement
RaiseException
GlobalSize

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
_ftol
wcslen
free
_vsnprintf
_except_handler3
_wcsnicmp
wcsrchr
_ltow
memmove
malloc
realloc
_vsnwprintf

shlwapi

ord81
ord561
ord231
wnsprintfW
ord24
ord516
ord517
ord446
SHDeleteKeyW
ord491
ord176
ord204
ord509
ord172
ord199
ord164
StrCpyNW
ord117
SHRegGetBoolUSValueW
ord163
ord133
ord154
ord240
ord178
ord84
ord171
ord249
PathCreateFromUrlW
StrChrW
ord346
ord184
SHStrDupW
ord212
ord174
ord284
ord282
PathFileExistsW
ord384
ord287
ord83
ord318
SHRegGetUSValueW
StrCmpNIW
StrStrIW
StrDupW
ord15
SHQueryValueExW
ord120
ord302
ord192
ord303
ord139
ord558
ord564
ord436
ord128
ord123
ord193
PathQuoteSpacesW
ord75
PathCombineW
ord97
ord299
PathRemoveFileSpecW
ord60
ord116
ord394
ord538
ord149
ord135
ord74
ord104
ord389
ord426
ord427
ord425
ord106
ord108
ord401
ord402
StrCatBuffW
ord57
ord80
ord542
UrlCanonicalizeW
AssocQueryStringW
ord124
SHRegCloseUSKey
SHRegDeleteUSValueW
SHRegOpenUSKeyW
StrDupA
ord122
ord13
ord175
ord127
StrCmpW
StrCmpNW
ord158
ord562
ord146
ord40
PathUnquoteSpacesW
PathRemoveBlanksW
ord539
ord186
ord181
ord237
ord217
ord382
ord168
ord66
SHRegSetUSValueW
ord221
ord173
ord220
ord248
ord198
ord79
ord467
ord100
ord2
ord484
ord383
UrlGetPartW
StrStrW
StrChrIW
PathAppendW
ord559
ord138
StrFromTimeIntervalW
ord336
ord99
ord143
ord67
ord216
PathFindExtensionA
UrlCanonicalizeA
ord218
AssocIsDangerous
AssocCreate
ord130
PathUndecorateW
ord103
ord313
PathParseIconLocationW
ord52
ord165
ord16
PathCompactPathW
ord331
ord72
PathIsRelativeW
ord476
ord134
ord87
ord140
PathRemoveExtensionW
ord334
ord50
ord333
PathCommonPrefixW
UrlIsW
StrTrimW
ord36
PathAddBackslashW
SHQueryValueExA
StrCatBuffA
StrStrIA
PathFindFileNameA
StrCmpNIA
SHSetValueA
wnsprintfA
SHGetValueA
ord126
SHDeleteOrphanKeyA
PathRemoveFileSpecA
SHDeleteKeyA
SHDeleteValueA
ord433
SHDeleteValueW
ord294
ord90
ord129
StrToIntExW
ord372
ord373
ord371
ord286
UrlCombineW
ord376
UrlGetLocationW
StrToIntW
ord283
ord281
PathIsURLW
ord51
ord28
ord39
UrlHashW
StrRChrW
StrChrIA
ord41
ord352
ord350
wvnsprintfA
ord65
ord341
ord403
ord360
ord137
ord305
ord71
wvnsprintfW
SHOpenRegStream2W
ord187
ord471
ord270
ord263
PathIsPrefixW
PathSearchAndQualifyW
ord73
ord298
ord296
PathRenameExtensionW
ord12
ord112
ord89
ord236
ord96
ord354
ord370
ord274
ord460
ord76
StrTrimA
ord295
ord98
ord260
ord49
PathCombineA
PathGetArgsW
ord347
ord366
ord121
ord43
ord362
SHRegDuplicateHKey
ord551
ord195
ord197
ord61
ord91
ord53
ord312
StrRetToBufW
ord279
ord479
StrPBrkW
ord113
SHCreateStreamOnFileW
PathCompactPathExW
ord338
ord142
ord182
ord428
ord132
ord355
SHSkipJunction
ord269
ord342
AssocQueryKeyW
PathIsContentTypeW
UrlEscapeW
ord316
PathCanonicalizeW
UrlCreateFromPathW
ord206
ord242
ord243
ord167
ord189
ord188
ord520
ord505
ord507
ord506
ord101
ord93
ord280
ord10
ord9
ord8
ord278
ord105
ord439
StrToIntExA
UrlUnescapeA
ord477
SHRegEnumUSValueW
UrlApplySchemeW
ord462
UrlIsNoHistoryW
StrCSpnW
StrSpnW
ord85
ord367
ord368
ord214
ord310
PathRemoveExtensionA
HashData
UrlUnescapeW
ord496
ord266
ord223
ord222
ord423
ord353
ord319
PathIsURLA
PathRemoveBackslashW
ord375
ord458
ord434
PathCreateFromUrlA
ord357
PathIsFileSpecW
PathIsDirectoryW
PathIsUNCW
SHAutoComplete
ord145
ord480
ord311
ord563
StrFormatKBSizeW
ChrCmpIW
ord229
ord560
SHRegGetValueW
ord157
StrRetToStrW
ord540
PathGetDriveNumberW
ord289
ord267
ord268
ord534
ord1
ord335
ord219
PathFindExtensionW
PathFindFileNameW
ord55
ord315
ord102
ord314
ord37
ord304
ord48
ord131
ord56
ord136
ord141
ord94
ord156
ord161
ord437
ord241
SHCreateShellPalette
ord239
ord461
SHSetValueW
SHGetValueW
StrCmpIW
ord68
ord95
ord340
ord418
ord549
ord276
ord125
ord309
ord406
ord416
ord398
ord414
ord107
ord378
ord431
ord215
StrFormatByteSizeW
PathIsUNCServerShareW
PathStripToRootW
ord59
AssocGetPerceivedType
ord351

user32

UnionRect
ReleaseDC
GetDC
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
BeginPaint
IsChild
GetFocus
IsWindow
DestroyAcceleratorTable
GetKeyState
InvalidateRect
wsprintfW
SetFocus
GetParent
EndDialog
GetWindowLongA
IsWindowEnabled
SetCursor
SetForegroundWindow
SetRect
IsWindowVisible
GetLastActivePopup
GetCapture
GetMenuItemCount
TranslateMessage
ChildWindowFromPointEx
ScreenToClient
GetDlgCtrlID
IsDlgButtonChecked
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetSubMenu
CheckDlgButton
CheckRadioButton
EnableWindow
GetDlgItem
GetDesktopWindow
RemoveMenu
GetMenuState
CreateMenu
MessageBeep
InflateRect
MoveWindow
PostQuitMessage
MapWindowPoints
GetDoubleClickTime
WaitMessage
GetAsyncKeyState
GetSystemMenu
CreatePopupMenu
SetParent
GetWindow
AdjustWindowRect
GetSysColor
GetNextDlgTabItem
CheckMenuRadioItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
MsgWaitForMultipleObjects
IsIconic
SetWindowPlacement
GetWindowPlacement
DdeCreateDataHandle
DdeDisconnect
DdeClientTransaction
DdeConnect
DdeFreeStringHandle
DdeUninitialize
DdeNameService
GetForegroundWindow
DdeFreeDataHandle
DdeGetData
CharLowerBuffA
RegisterWindowMessageA
CharNextA
GetActiveWindow
EnumWindows
ChildWindowFromPoint
SetMenuDefaultItem
GetMenuDefaultItem
GetSystemMetrics
SystemParametersInfoA
DrawIconEx
ChangeClipboardChain
SetClipboardViewer
CopyRect
IsRectEmpty
UpdateWindow
GetMessagePos
SetRectEmpty
CallNextHookEx
UnhookWindowsHookEx
GetWindowThreadProcessId
SetWindowLongA
SendMessageTimeoutA
IsHungAppWindow
LoadMenuA
LoadMenuW
InsertMenuA
InsertMenuW
DrawFocusRect
ShowWindowAsync
GetShellWindow
ReleaseCapture
SetCapture
GetWindowDC
TrackMouseEvent
GetCursorPos
CharNextW
RegisterClipboardFormatW
DrawTextExW
SendMessageW
SetWindowTextW
PtInRect
SetTimer
GetSysColorBrush
FillRect
GetWindowRect
RedrawWindow
DestroyWindow
GetClientRect
AdjustWindowRectEx
SetWindowPos
KillTimer
ShowWindow
DestroyIcon
LoadStringA

Exports

Exports

AddUrlToFavorites
DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllInstall
DllRegisterServer
DllRegisterWindowClasses
DllUnregisterServer
DoAddToFavDlg
DoAddToFavDlgW
DoFileDownload
DoFileDownloadEx
DoOrganizeFavDlg
DoOrganizeFavDlgW
DoPrivacyDlg
HlinkFindFrame
HlinkFrameNavigate
HlinkFrameNavigateNHL
IEWriteErrorLog
ImportPrivacySettings
OpenURL
SHAddSubscribeFavorite
SHGetIDispatchForFolder
SetQueryNetSessionCount
SetShellOfflineState
SoftwareUpdateMessageBox
URLQualifyA
URLQualifyW

Sections

.text
Size: 862KB - Virtual size: 861KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 546KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/shell32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

26f0eb09ef4dd2b296eaa82116815e72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
AllocateAndInitializeSid
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
MakeSelfRelativeSD
GetSecurityDescriptorLength
EqualSid
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
GetFileSecurityW
RegCreateKeyExW
RegOpenKeyExW
FreeSid
GetAce
AddAccessAllowedAce
InitializeAcl
RegNotifyChangeKeyValue
RegCreateKeyW
GetSecurityDescriptorControl
EncryptFileW
DecryptFileW
ChangeServiceConfigW
StartServiceW
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
GetNamedSecurityInfoW
ConvertSidToStringSidW
RegOpenCurrentUser
LookupAccountNameW
SetNamedSecurityInfoW
CreateProcessWithLogonW
CreateProcessAsUserW
SaferGetPolicyInformation
SaferiIsExecutableFileType
SaferIdentifyLevel
SaferRecordEventLogEntry
SaferGetLevelInformation
InstallApplication
SaferCreateLevel
SaferComputeTokenFromLevel
SaferCloseLevel
RegQueryValueW
OpenThreadToken
CheckTokenMembership
LookupPrivilegeValueW
AdjustTokenPrivileges
CommandLineFromMsiDescriptor
RegSetKeySecurity
RegQueryInfoKeyW
GetUserNameW
RegEnumKeyExW
RegDeleteKeyW
RegEnumValueW
SetFileSecurityW
TreeResetNamedSecurityInfoW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
GetLengthSid

gdi32

FillRgn
CreateSolidBrush
CombineRgn
CreateRectRgn
OffsetRgn
CreateEllipticRgnIndirect
ExtTextOutW
SetBkColor
GetStockObject
GetDeviceCaps
CreateICW
PatBlt
SetTextColor
CreatePen
GetTextExtentPoint32W
CreateFontA
AddFontResourceW
GetTextMetricsW
EnumFontFamiliesA
GetNearestColor
GetObjectW
CreateCompatibleBitmap
CreateFontIndirectW
EnumFontFamiliesExW
CreateDCW
GetTextFaceW
SetFontEnumeration
TranslateCharsetInfo
GetPixel
RealizePalette
SelectPalette
RectVisible
CreateDIBSection
GetBitmapBits
CreateBitmap
CreateDIBitmap
GdiFlush
TextOutW
SetBkMode
GetDIBColorTable
CreateRectRgnIndirect
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
SetStretchBltMode
SetLayout
GetBkColor
GetClipBox
SetRectRgn
GetDIBits
GetPaletteEntries
StretchDIBits
Rectangle
SetDIBits
CreateBitmapIndirect
GetClipRgn
SelectClipRgn
SetPixel
ExtFloodFill
CreatePalette
CreatePatternBrush
IntersectClipRect
CreateHalftonePalette
GetNearestPaletteIndex
Ellipse
Pie
Arc
MoveToEx
LineTo
GetTextExtentPointW
CreateCompatibleDC
SelectObject
StretchBlt
DeleteObject
DeleteDC
TextOutA
GetTextExtentPoint32A
GetObjectA
DeleteEnhMetaFile
SetTextAlign
PlayEnhMetaFile
SetBrushOrgEx
GetBrushOrgEx
CreateDIBPatternBrushPt
GetLayout
BitBlt
ExtTextOutA

kernel32

GetAtomNameW
FindAtomW
OutputDebugStringW
SetProcessWorkingSetSize
DelayLoadFailureHook
VirtualAlloc
GetVersionExA
CreateEventA
GetModuleHandleA
lstrcatW
GlobalGetAtomNameW
FindFirstFileA
lstrcatA
FindNextFileA
HeapCreate
DeleteAtom
AddAtomW
CreateHardLinkW
LocalFileTimeToFileTime
GlobalMemoryStatus
VirtualFree
HeapReAlloc
HeapAlloc
SizeofResource
HeapFree
QueryDosDeviceW
SetVolumeLabelW
GetPrivateProfileSectionNamesW
OpenThread
GetSystemDefaultLCID
CreateSemaphoreW
ResumeThread
WaitForMultipleObjects
ReleaseSemaphore
SetThreadPriority
FlushInstructionCache
GetLocalTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileInformationByHandle
GetPrivateProfileSectionW
GetStringTypeExW
GetTimeFormatW
DosDateTimeToFileTime
FileTimeToSystemTime
MoveFileExW
GetProcessHeap
ExitProcess
IsBadStringPtrW
CopyFileW
FindFirstChangeNotificationW
FindNextChangeNotification
FindCloseChangeNotification
GetSystemDefaultUILanguage
FindResourceExW
GetCurrentThread
IsBadStringPtrA
HeapDestroy
QueryPerformanceFrequency
IsBadWritePtr
GetOverlappedResult
GetDateFormatW
GetVolumePathNamesForVolumeNameW
CreateMutexW
ReleaseMutex
GetVolumeNameForVolumeMountPointW
DeviceIoControl
TlsGetValue
TlsSetValue
GetProfileSectionW
GetUserDefaultLCID
GetNumberFormatW
GetVolumePathNameW
FindFirstFileExW
InterlockedExchange
CompareStringW
CompareFileTime
ExpandEnvironmentStringsW
QueueUserAPC
GetExitCodeThread
WaitForSingleObjectEx
DuplicateHandle
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
LoadLibraryA
GetBinaryTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnumSystemLocalesW
GetLocaleInfoW
GetOEMCP
GetSystemInfo
GetShortPathNameA
GetFileAttributesA
GetSystemDefaultLangID
GetProfileIntW
GetPrivateProfileIntW
GetComputerNameW
GetCurrentProcess
GetFullPathNameA
GetFullPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
lstrcmpiA
lstrcpyA
GlobalReAlloc
lstrcpyW
VerLanguageNameW
InitializeCriticalSection
lstrcpynA
GetProfileStringW
WriteProfileStringW
EnumResourceNamesW
GetTempPathW
GetLongPathNameW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
RemoveDirectoryW
MoveFileW
GetCurrentThreadId
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
CreateProcessW
GetExitCodeProcess
IsBadReadPtr
IsBadCodePtr
InterlockedCompareExchange
lstrcmpA
FormatMessageA
LocalSize
GetACP
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsFree
DeleteCriticalSection
GetModuleHandleW
GetCompressedFileSizeW
GetFileAttributesExW
GetLogicalDrives
FindResourceW
LoadResource
LockResource
FreeResource
SearchPathW
GlobalSize
_lclose
GlobalAlloc
GlobalLock
_lread
GlobalUnlock
GlobalFree
GetFileTime
lstrcpynW
WideCharToMultiByte
GlobalDeleteAtom
GlobalAddAtomW
SetThreadExecutionState
CreateDirectoryW
CreateDirectoryExW
MoveFileWithProgressW
WritePrivateProfileSectionW
SetFileTime
GetTempFileNameW
FormatMessageW
OpenEventW
WaitForSingleObject
ResetEvent
CreateEventW
SetEvent
GetCurrentDirectoryW
SetCurrentDirectoryW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
CopyFileExW
DeleteFileW
InterlockedIncrement
InterlockedDecrement
GetCurrentProcessId
OpenProcess
CreateActCtxW
GetModuleFileNameW
ReleaseActCtx
lstrcmpW
GetUserDefaultUILanguage
GetSystemDirectoryW
GetPrivateProfileStringW
GetWindowsDirectoryW
ActivateActCtx
SetErrorMode
UnhandledExceptionFilter
DeactivateActCtx
GetCommandLineW
LoadLibraryW
GetProcAddress
GetShortPathNameW
GetSystemTime
SystemTimeToFileTime
CreateThread
WritePrivateProfileStringW
CreateFileW
GetLastError
Sleep
ReadFile
GetDriveTypeW
GetVolumeInformationW
GetTickCount
SetFileAttributesW
SetLastError
lstrcmpiW
GetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
CloseHandle
SetEndOfFile
SetFilePointer
WriteFile
EnterCriticalSection
LeaveCriticalSection
lstrlenA
MultiByteToWideChar
MulDiv
LoadLibraryExW
FreeLibrary
GlobalMemoryStatusEx
LocalAlloc
GetVersionExW
lstrlenW
LocalFree
LocalReAlloc
LoadLibraryExA

msvcrt

free
realloc
malloc
_initterm
_adjust_fdiv
__dllonexit
_onexit
_vsnwprintf
_except_handler3
wcslen
wcscmp
_wcsicmp
wcscpy
_strnicmp
_local_unwind2
_ftol
_snwprintf
wcsncmp
_iob
fwrite
strtol
_wtoi
_itow
swprintf
wcsncpy
atoi
qsort
wcstok
swscanf
_vsnprintf
memmove

ntdll

RtlRandomEx
RtlDowncaseUnicodeString
RtlOemStringToUnicodeString
RtlInitString
RtlPrefixString
NtFsControlFile
NtCreateFile
RtlConvertSidToUnicodeString
RtlFreeUnicodeString
RtlGetNtProductType
NtQuerySystemInformation
NtQueryVolumeInformationFile
NtEnumerateValueKey
NtOpenKey
RtlCreateEnvironment
RtlSetCurrentEnvironment
RtlDestroyEnvironment
RtlExpandEnvironmentStrings_U
RtlInitUnicodeStringEx
RtlQueryEnvironmentVariable_U
RtlInitUnicodeString
RtlSetEnvironmentVariable
RtlImageNtHeader
RtlDosPathNameToNtPathName_U
NtOpenFile
RtlFreeHeap
NtQueryInformationFile
NtClose
NtSetInformationFile
RtlNtStatusToDosError
RtlUnicodeStringToOemString

rpcrt4

RpcStringFreeW
RpcBindingFree
RpcAsyncCompleteCall
RpcAsyncCancelCall
RpcAsyncInitializeHandle
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrAsyncClientCall

shlwapi

ColorHLSToRGB
ord207
ord404
ord479
ord56
ord271
StrRetToBSTR
ord283
ord80
ord1
ord560
ord526
ord533
ord525
ord534
ord263
ord265
ord178
ord488
PathAddExtensionW
ord242
ord240
StrToIntA
ord384
ord546
ord167
PathCanonicalizeW
ord538
StrPBrkW
ord52
ord550
ord556
ord541
ord486
StrToInt64ExW
ord551
SHGetInverseCMAP
ord450
ord531
ord12
ord532
ord214
StrCatChainW
ord407
ord381
PathUnmakeSystemFolderW
ord267
PathBuildRootA
ord157
ord171
StrRetToStrW
wnsprintfA
ord409
PathGetArgsA
ord496
ord18
ord19
ord17
PathRelativePathToW
ord21
ord20
ord22
ord168
ord284
PathIsDirectoryA
StrDupA
SHQueryInfoKeyW
SHEnumKeyExW
ord177
ord345
SHCreateShellPalette
ord166
ord512
ord513
ord520
ord535
UrlIsA
UrlCombineA
PathCreateFromUrlA
StrFormatKBSizeW
SHCreateStreamOnFileEx
ord485
ord472
ord471
ord554
ord553
ord218
SHRegSetUSValueW
ord163
UrlGetLocationW
UrlGetPartW
ord2
ord206
SHCreateStreamOnFileW
ord382
SHRegQueryUSValueW
AssocQueryStringByKeyW
ord268
ord552
ord511
AssocIsDangerous
ord231
UrlApplySchemeW
SHIsLowMemoryMachine
UrlUnescapeW
UrlCombineW
UrlCreateFromPathW
ord191
ord225
AssocQueryKeyW
PathRenameExtensionW
ord548
ord510
SHRegSetPathW
ord444
ord466
ord464
StrCpyW
ord194
ord172
PathIsURLA
ord11
ord197
ord518
SHDeleteKeyA
ord537
ord184
ord237
ColorRGBToHLS
ord260
PathCreateFromUrlW
ord256
ord505
ord278
ord173
ord536
ord179
ord545
ord515
ord539
ord204
ord164
ord484
ord198
ord234
ord229
ord288
SHRegisterValidateTemplate
SHDeleteValueW
ord508
SHRegQueryInfoUSKeyW
SHRegEnumUSKeyW
ord506
ord497
ord187
ord507
SHRegOpenUSKeyW
SHRegEnumUSValueW
SHRegCloseUSKey
SHDeleteKeyW
ord477
ord499
ord495
ord494
SHGetThreadRef
ord199
GetMenuPosFromID
ord23
ord192
SHRegDuplicateHKey
StrToIntExW
ord348
ord441
ord175
ord517
ord433
ord519
StrCmpLogicalW
ord266
ord439
PathIsNetworkPathW
ord176
ord487
ord294
PathSkipRootW
ord355
ord174
ord186
SHSkipJunction
ord213
ord316
ord317
ord212
ord544
ord216
PathIsContentTypeW
SHSetValueW
SHRegGetUSValueW
SHCopyKeyW
SHStrDupW
ord540
ord413
SHRegGetBoolUSValueW
AssocCreate
ord219
StrCmpW
AssocGetPerceivedType
ord165
PathQuoteSpacesA
wvnsprintfW
StrTrimA
ord483
SHOpenRegStream2W
ord7
ord10
ord8
ord9
ord516
PathMakeSystemFolderW
PathUnExpandEnvStringsW
ord473
ord474
ord448
ord456
ord452
PathFindNextComponentW
PathAppendA
ord445
PathIsDirectoryW
PathIsURLW
PathParseIconLocationW
PathMatchSpecW
PathQuoteSpacesW
PathIsRootA
PathRemoveFileSpecA
PathRemoveBlanksW
PathRemoveArgsW
PathMakePrettyW
PathIsPrefixW
ord6
ord4
StrRetToBufW
ord549
ord476
ord236
ord24
ord239
ord459
PathIsUNCServerW
PathIsUNCServerShareW
PathGetArgsW
PathUnquoteSpacesW
UrlIsW
ord446
ord346
PathIsFileSpecW
PathFindOnPathW
StrCSpnW
SHRegGetValueW
ord16
ord424
PathCompactPathExW
StrCmpIW
IntlStrEqWorkerW
ord158
AssocQueryStringW
StrFormatByteSizeW
ord354
ord300
ord210
ord208
ord211
ord509
PathRemoveExtensionA
PathFindFileNameA
ord514
PathGetCharTypeW
ord195
ord220
ord221
ord478
ord481
ord201
ord269
ord270
ord461
ord388
StrChrA
StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIA
StrStrIW
StrStrW
SHQueryValueExW
StrCatBuffW
SHGetValueW
StrCpyNW
wnsprintfW
ord437
ord193
PathCombineW
ord223
ord423
ord491
ord224
StrToIntW
PathFindFileNameW
ord475
PathIsDirectoryEmptyW
PathIsUNCW
PathGetDriveNumberW
ord460
ord344
PathStripToRootW
PathAppendW
PathRemoveBackslashW
PathFindExtensionW
ord244
ord241
PathCommonPrefixW
PathBuildRootW
PathAddBackslashW
PathFileExistsW
ord215
PathRemoveFileSpecW
ord217
ord365
ord342
ord222
ord152
ord169
PathIsSameRootW
PathIsLFNFileSpecW
StrDupW
ord292
ord563
SHAutoComplete
PathSetDlgItemPathW
PathStripPathW
PathCompactPathW
PathIsRelativeW
PathRemoveExtensionW
PathIsRootW
ord156
PathFindSuffixArrayW
ord200

user32

PrivateExtractIconExW
PrivateExtractIconExA
SetShellWindowEx
GetTaskmanWindow
SetTaskmanWindow
AnimateWindow
AdjustWindowRectEx
NotifyWinEvent
SystemParametersInfoA
HideCaret
ShowCaret
LockSetForegroundWindow
TrackPopupMenuEx
SetMenu
CreateWindowExW
CreateDialogParamW
DialogBoxParamW
DefWindowProcA
SendMessageA
GetSystemMetrics
LoadStringW
ShowWindow
GetDlgItem
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
SetWindowTextW
GetWindowTextW
EndPaint
LoadImageW
GetClientRect
BeginPaint
EndDialog
GetShellWindow
LoadCursorW
SetCursor
DestroyIcon
DestroyWindow
SetWindowPos
MapWindowPoints
GetWindowRect
SetWindowLongW
GetKeyState
GetWindowLongW
SendMessageW
LoadIconW
MessageBoxW
DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
ReleaseDC
DrawTextW
GetDC
SetFocus
EnableWindow
SetPropW
IsWindowEnabled
GetPropW
MonitorFromWindow
PostMessageW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
SetForegroundWindow
MonitorFromPoint
GetCursorPos
GetWindow
SetTimer
GetMessageW
GetClassNameW
EnumWindows
CopyIcon
RemovePropW
GetWindowThreadProcessId
IsWindow
GetLastActivePopup
GetSysColor
PrivateExtractIconsW
CreateIconIndirect
GetIconInfo
LookupIconIdFromDirectory
ScreenToClient
UpdateWindow
LoadStringA
MessageBoxA
GetWindowTextA
InvalidateRect
DrawFocusRect
DrawIcon
WinHelpW
SendNotifyMessageW
GetAncestor
ExitWindowsEx
EnableMenuItem
GetAsyncKeyState
EqualRect
IntersectRect
GetMonitorInfoW
IsWindowVisible
GetForegroundWindow
RegisterWindowMessageW
SendMessageTimeoutW
DefWindowProcW
RegisterClassW
GetClassInfoW
FindWindowW
SwitchToThisWindow
GetParent
OffsetRect
MessageBeep
CharNextA
CharNextW
IsCharAlphaW
CharUpperW
CharUpperA
CharToOemBuffA
OemToCharBuffA
UnregisterClassW
GetSysColorBrush
CopyRect
InflateRect
TabbedTextOutW
GrayStringW
FillRect
DrawFrameControl
DrawEdge
CheckDlgButton
IsIconic
GetWindowPlacement
MapVirtualKeyW
SetDlgItemTextA
IsDlgButtonChecked
GetDlgItemTextA
GetDlgItemInt
EnumChildWindows
SetDlgItemInt
GetNextDlgTabItem
FrameRect
CheckRadioButton
GetDlgCtrlID
GetFocus
IsChild
LoadBitmapW
MonitorFromRect
MoveWindow
AdjustWindowRect
SetRect
SystemParametersInfoW
CloseDesktop
OpenInputDesktop
GetWindowModuleFileNameW
AllowSetForegroundWindow
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetMessagePos
DeleteMenu
InsertMenuItemW
CreatePopupMenu
GetMenuItemInfoW
InsertMenuW
GetMenuItemCount
TrackPopupMenu
GetUserObjectInformationW
GetThreadDesktop
GetProcessWindowStation
RegisterClipboardFormatW
CharLowerW
LoadMenuW
DestroyMenu
GetClipboardOwner
CountClipboardFormats
ModifyMenuW
GetMenuState
GetMenuDefaultItem
SetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemID
KillTimer
AppendMenuW
CheckMenuRadioItem
FindWindowExW
SetClipboardViewer
PtInRect
GetScrollInfo
GetDoubleClickTime
LoadAcceleratorsW
RedrawWindow
GetSubMenu
CreateMenu
CheckMenuItem
ChangeClipboardChain
TranslateAcceleratorW
ClientToScreen
GetDesktopWindow
EnumDisplayDevicesW
GetDCEx
DestroyCursor
GetCursor
DrawIconEx
CopyImage
ShowCursor
UpdateLayeredWindow
LockWindowUpdate
BringWindowToTop
BroadcastSystemMessageW
SetActiveWindow
AttachThreadInput
GetWindowDC
SetCapture
ReleaseCapture
CallWindowProcW
RegisterClassExW
MsgWaitForMultipleObjects
PostThreadMessageW
SendMessageCallbackW
MsgWaitForMultipleObjectsEx
DeregisterShellHookWindow
RegisterShellHookWindow
FreeDDElParam
UnpackDDElParam
PackDDElParam
IsWindowUnicode
WaitForInputIdle
MessageBoxIndirectW
CloseClipboard
SetClipboardData
GetClipboardData
OpenClipboard
CharUpperBuffW
MapDialogRect
GetLastInputInfo
GetClassInfoExW
PostQuitMessage
RemoveMenu
SetScrollInfo
wsprintfW
SetWindowRgn
DestroyAcceleratorTable
UnionRect
TrackMouseEvent
GetWindowTextLengthW
ChildWindowFromPoint
InvalidateRgn
CreateAcceleratorTableW
DrawStateW
GetScrollPos
GetCapture
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
WindowFromPoint
GetWindowRgn
GetUpdateRect
SetClassLongW
GetClassLongW
GetMenuStringW
ValidateRect
SetRectEmpty
GetWindowLongA
FindWindowA
DdeQueryConvInfo
DdeFreeStringHandle
DdeCreateStringHandleW
DdeCreateDataHandle
DdeNameService
DdeGetLastError
DdeGetData
DdeQueryStringW
DdeDisconnect
DdeUninitialize
DdeInitializeW
EnumDisplayMonitors
EnumDisplaySettingsW
SubtractRect
IsRectEmpty
SetParent
WaitMessage
PaintDesktop
DrawAnimatedRects
CharPrevW
DrawTextExW
GetDialogBaseUnits
GetActiveWindow

Exports

Exports

Activate_RunDLL
AppCompat_RunDLLW
CDefFolderMenu_Create
CDefFolderMenu_Create2
CallCPLEntry16
CheckEscapesA
CheckEscapesW
CommandLineToArgvW
Control_FillCache_RunDLL
Control_FillCache_RunDLLA
Control_FillCache_RunDLLW
Control_RunDLL
Control_RunDLLA
Control_RunDLLAsUserW
Control_RunDLLW
DAD_AutoScroll
DAD_DragEnterEx
DAD_DragEnterEx2
DAD_DragLeave
DAD_DragMove
DAD_SetDragImage
DAD_ShowDragImage
DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllInstall
DllRegisterServer
DllUnregisterServer
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DriveType
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconResInfoA
ExtractIconResInfoW
ExtractIconW
ExtractVersionResource16W
FindExeDlgProc
FindExecutableA
FindExecutableW
FreeIconList
GetFileNameFromBrowse
ILAppendID
ILClone
ILCloneFirst
ILCombine
ILCreateFromPath
ILCreateFromPathA
ILCreateFromPathW
ILFindChild
ILFindLastID
ILFree
ILGetNext
ILGetSize
ILIsEqual
ILIsParent
ILLoadFromStream
ILRemoveLastID
ILSaveToStream
InternalExtractIconListA
InternalExtractIconListW
IsLFNDrive
IsLFNDriveA
IsLFNDriveW
IsNetDrive
IsUserAnAdmin
OpenAs_RunDLL
OpenAs_RunDLLA
OpenAs_RunDLLW
OpenRegStream
Options_RunDLL
Options_RunDLLA
Options_RunDLLW
PathCleanupSpec
PathGetShortPath
PathIsExe
PathIsSlowA
PathIsSlowW
PathMakeUniqueName
PathProcessCommand
PathQualify
PathResolve
PathYetAnotherMakeUniqueName
PickIconDlg
PifMgr_CloseProperties
PifMgr_GetProperties
PifMgr_OpenProperties
PifMgr_SetProperties
PrintersGetCommand_RunDLL
PrintersGetCommand_RunDLLA
PrintersGetCommand_RunDLLW
ReadCabinetState
RealDriveType
RealShellExecuteA
RealShellExecuteExA
RealShellExecuteExW
RealShellExecuteW
RegenerateUserEnvironment
RestartDialog
RestartDialogEx
SHAddFromPropSheetExtArray
SHAddToRecentDocs
SHAlloc
SHAllocShared
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCLSIDFromString
SHChangeNotification_Lock
SHChangeNotification_Unlock
SHChangeNotify
SHChangeNotifyDeregister
SHChangeNotifyRegister
SHChangeNotifySuspendResume
SHCloneSpecialIDList
SHCoCreateInstance
SHCreateDirectory
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateFileExtractIconW
SHCreateLocalServerRunDll
SHCreateProcessAsUserW
SHCreatePropSheetExtArray
SHCreateQueryCancelAutoPlayMoniker
SHCreateShellFolderView
SHCreateShellFolderViewEx
SHCreateShellItem
SHCreateStdEnumFmtEtc
SHDefExtractIconA
SHDefExtractIconW
SHDestroyPropSheetExtArray
SHDoDragDrop
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHEnableServiceObject
SHEnumerateUnreadMailAccountsW
SHExtractIconsW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFindFiles
SHFind_InitMenuPopup
SHFlushClipboard
SHFlushSFCache
SHFormatDrive
SHFree
SHFreeNameMappings
SHFreeShared
SHGetAttributesFromDataObject
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathAndSubDirA
SHGetFolderPathAndSubDirW
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetImageList
SHGetInstanceExplorer
SHGetMalloc
SHGetNewLinkInfo
SHGetNewLinkInfoA
SHGetNewLinkInfoW
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetRealIDL
SHGetSetFolderCustomSettingsW
SHGetSetSettings
SHGetSettings
SHGetShellStyleHInstance
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHGetUnreadMailCountW
SHHandleUpdateImage
SHHelpShortcuts_RunDLL
SHHelpShortcuts_RunDLLA
SHHelpShortcuts_RunDLLW
SHILCreateFromPath
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
SHLimitInputEdit
SHLoadInProc
SHLoadNonloadedIconOverlayIdentifiers
SHLoadOLE
SHLockShared
SHMapIDListToImageListIndexAsync
SHMapPIDLToSystemImageListIndex
SHMultiFileProperties
SHObjectProperties
SHOpenFolderAndSelectItems
SHOpenPropSheetW
SHParseDisplayName
SHPathPrepareForWriteA
SHPathPrepareForWriteW
SHPropStgCreate
SHPropStgReadMultiple
SHPropStgWriteMultiple
SHQueryRecycleBinA
SHQueryRecycleBinW
SHReplaceFromPropSheetExtArray
SHRestricted
SHRunControlPanel
SHSetInstanceExplorer
SHSetLocalizedName
SHSetUnreadMailCountW
SHShellFolderView_Message
SHSimpleIDListFromPath
SHStartNetConnectionDialogW
SHTestTokenMembership
SHUnlockShared
SHUpdateImageA
SHUpdateImageW
SHUpdateRecycleBinIcon
SHValidateUNC
SheChangeDirA
SheChangeDirExA
SheChangeDirExW
SheChangeDirW
SheConvertPathW
SheFullPathA
SheFullPathW
SheGetCurDrive
SheGetDirA
SheGetDirExW
SheGetDirW
SheGetPathOffsetW
SheRemoveQuotesA
SheRemoveQuotesW
SheSetCurDrive
SheShortenPathA
SheShortenPathW
ShellAboutA
ShellAboutW
ShellExec_RunDLL
ShellExec_RunDLLA
ShellExec_RunDLLW
ShellExecuteA
ShellExecuteEx
ShellExecuteExA
ShellExecuteExW
ShellExecuteW
ShellHookProc
ShellMessageBoxA
ShellMessageBoxW
Shell_GetCachedImageIndex
Shell_GetImageLists
Shell_MergeMenus
Shell_NotifyIcon
Shell_NotifyIconA
Shell_NotifyIconW
SignalFileOpen
StrChrA
StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCpyNA
StrCpyNW
StrNCmpA
StrNCmpIA
StrNCmpIW
StrNCmpW
StrNCpyA
StrNCpyW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrA
StrRStrIA
StrRStrIW
StrRStrW
StrStrA
StrStrIA
StrStrIW
StrStrW
WOWShellExecute
Win32DeleteFile
WriteCabinetState

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/su.dll
货单票据打印助手/user32.dll
.dll windows:5 windows x86 arch:x86

f7fe27ab17063e396df0905182b8e5e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetClipRgn
ExtSelectClipRgn
GetHFONT
GetMapMode
SetGraphicsMode
GetClipBox
CreateRectRgn
CreateRectRgnIndirect
SetLayout
GetBoundsRect
ExcludeClipRect
PlayEnhMetaFile
CreatePen
Ellipse
CreateEllipticRgn
GdiFixUpHandle
GetTextCharacterExtra
SetTextCharacterExtra
GetCurrentObject
GetViewportOrgEx
SetViewportOrgEx
PolyPatBlt
CreateBrushIndirect
SetBoundsRect
CopyEnhMetaFileW
CopyMetaFileW
GetPaletteEntries
CreatePalette
SetPaletteEntries
bInitSystemAndFontsDirectoriesW
bMakePathNameW
cGetTTFFromFOT
GetPixel
ExtTextOutA
GetTextCharsetInfo
QueryFontAssocStatus
GetCharWidthInfo
GetCharWidthA
GetTextFaceW
GetCharABCWidthsA
GetCharABCWidthsW
SetBrushOrgEx
CreateFontIndirectW
EnumFontsW
GetTextFaceAliasW
GetTextMetricsW
GetTextColor
GetBkMode
GetViewportExtEx
GetWindowExtEx
GdiGetCharDimensions
GdiGetCodePage
GetTextCharset
GdiPrinterThunk
GdiAddFontResourceW
TranslateCharsetInfo
SaveDC
OffsetWindowOrgEx
RestoreDC
ExtTextOutW
GetObjectType
GetDIBits
CreateDIBSection
SetStretchBltMode
SelectPalette
RealizePalette
SetDIBits
CreateDCW
CreateDIBitmap
CreateCompatibleBitmap
SetBitmapBits
DeleteDC
GdiValidateHandle
GdiProcessSetup
CreateSolidBrush
GetStockObject
CreateCompatibleDC
GdiConvertBitmapV5
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GetRgnBox
CombineRgn
OffsetRgn
MirrorRgn
EnableEUDC
GdiConvertToDevmodeW
GetTextExtentPointA
GetTextExtentPointW
CreateBitmap
SetLayoutWidth
PatBlt
TextOutA
TextOutW
BitBlt
GdiConvertAndCheckDC
StretchBlt
SetRectRgn
GdiReleaseDC
GdiConvertEnhMetaFile
GdiConvertMetaFilePict
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
GetDIBColorTable
GetDeviceCaps
StretchDIBits
GetLayout
SetBkColor
SetTextColor
GetObjectW
GetBkColor
SetBkMode
SelectObject
IntersectClipRect
GetTextAlign
SetTextAlign
GdiDllInitialize

kernel32

LocalSize
LocalUnlock
SizeofResource
LoadResource
FindResourceExW
FindResourceExA
GetModuleHandleW
DisableThreadLibraryCalls
GetCurrentThreadId
IsDBCSLeadByteEx
SearchPathW
ExpandEnvironmentStringsW
LoadLibraryExW
GlobalAddAtomW
GetSystemDirectoryW
GetComputerNameW
GetCurrentProcess
GetCurrentThread
ExitThread
GetExitCodeThread
CreateThread
HeapReAlloc
GlobalHandle
FoldStringW
Sleep
GetStringTypeW
GetStringTypeA
GetCPInfo
HeapSize
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
ReadFile
SetFileTime
GetFileTime
GetSystemWindowsDirectoryW
CopyFileW
MoveFileW
DeleteFileW
CreateProcessW
AddAtomA
AddAtomW
GetAtomNameW
GetAtomNameA
IsValidLocale
ConvertDefaultLocale
CompareStringW
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrlenW
GetLogicalDrives
FindClose
FindNextFileW
FindFirstFileW
GetThreadLocale
VirtualFree
ProcessIdToSessionId
GetCurrentProcessId
InterlockedCompareExchange
IsDBCSLeadByte
LCMapStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
lstrlenA
GlobalFindAtomA
GetModuleFileNameA
GetModuleHandleA
GlobalAddAtomA
DelayLoadFailureHook
LoadLibraryA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalLock
LocalReAlloc
GetACP
GetOEMCP
InterlockedIncrement
InterlockedDecrement
SetLastError
GlobalFindAtomW
GlobalAlloc
MultiByteToWideChar
GlobalReAlloc
GetLastError
GetProcAddress
LoadLibraryW
FreeLibrary
lstrcpynW
CreateFileW
WritePrivateProfileStringW
lstrcmpiW
SetEvent
WaitForMultipleObjectsEx
WideCharToMultiByte
GlobalFlags
GetLocaleInfoW
GlobalFree
GetModuleFileNameW
GlobalGetAtomNameW
GlobalGetAtomNameA
InterlockedExchange
DeleteAtom
LocalAlloc
GlobalDeleteAtom
LocalFree
GlobalSize
GlobalLock
GlobalUnlock
GetUserDefaultLCID
HeapAlloc
HeapFree
lstrcpyW
lstrcatW
GetPrivateProfileStringW
RegisterWaitForInputIdle

ntdll

NtQueryVirtualMemory
RtlUnwind
RtlNtStatusToDosError
NlsAnsiCodePage
RtlAllocateHeap
qsort
RtlMultiByteToUnicodeSize
LdrFlushAlternateResourceModules
RtlPcToFileHeader
wcsrchr
NtRaiseHardError
RtlIsNameLegalDOS8Dot3
strrchr
sscanf
NtQueryKey
NtEnumerateValueKey
RtlRunEncodeUnicodeString
RtlRunDecodeUnicodeString
_wcsicmp
CsrAllocateCaptureBuffer
CsrCaptureMessageBuffer
CsrFreeCaptureBuffer
NtOpenThreadToken
NtOpenProcessToken
NtQueryInformationToken
CsrClientCallServer
memmove
NtCallbackReturn
RtlUnicodeToMultiByteSize
RtlActivateActivationContextUnsafeFast
RtlDeactivateActivationContextUnsafeFast
RtlInitializeCriticalSection
NtQuerySystemInformation
swprintf
RtlDeleteCriticalSection
RtlImageNtHeader
CsrClientConnectToServer
NtYieldExecution
NtCreateKey
NtSetValueKey
NtDeleteValueKey
RtlQueryInformationActiveActivationContext
RtlReleaseActivationContext
RtlFreeHeap
wcsncpy
wcscmp
wcstoul
wcscat
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlCreateUnicodeStringFromAsciiz
RtlFreeUnicodeString
NtOpenDirectoryObject
_chkstk
wcscpy
wcsncat
NtSetSecurityObject
NtQuerySecurityObject
NtQueryInformationProcess
wcstol
wcslen
RtlFindActivationContextSectionString
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteN
RtlLeaveCriticalSection
RtlEnterCriticalSection
RtlOpenCurrentUser
NtEnumerateKey
NtOpenKey
NtClose
NtQueryValueKey
RtlInitUnicodeString
RtlUnicodeStringToInteger

Exports

Exports

ActivateKeyboardLayout
AdjustWindowRect
AdjustWindowRectEx
AlignRects
AllowForegroundActivation
AllowSetForegroundWindow
AnimateWindow
AnyPopup
AppendMenuA
AppendMenuW
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BlockInput
BringWindowToTop
BroadcastSystemMessage
BroadcastSystemMessageA
BroadcastSystemMessageExA
BroadcastSystemMessageExW
BroadcastSystemMessageW
BuildReasonArray
CalcMenuBar
CallMsgFilter
CallMsgFilterA
CallMsgFilterW
CallNextHookEx
CallWindowProcA
CallWindowProcW
CascadeChildWindows
CascadeWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
ChildWindowFromPoint
ChildWindowFromPointEx
CliImmSetHotKey
ClientThreadSetup
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CloseWindow
CloseWindowStation
CopyAcceleratorTableA
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateDesktopA
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMDIWindowA
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateSystemThreads
CreateWindowExA
CreateWindowExW
CreateWindowStationA
CreateWindowStationW
CsrBroadcastSystemMessageExW
CtxInitUser32
DdeAbandonTransaction
DdeAccessData
DdeAddData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnect
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeGetQualityOfService
DdeImpersonateClient
DdeInitializeA
DdeInitializeW
DdeKeepStringHandle
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetQualityOfService
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefDlgProcA
DefDlgProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DeregisterShellHookWindow
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyReasons
DestroyWindow
DeviceEventWorker
DialogBoxIndirectParamA
DialogBoxIndirectParamAorW
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DisableProcessWindowsGhosting
DispatchMessageA
DispatchMessageW
DisplayExitWindowsWarnings
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectComboBoxExW
DlgDirSelectExA
DlgDirSelectExW
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawCaptionTempA
DrawCaptionTempW
DrawEdge
DrawFocusRect
DrawFrame
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawMenuBarTemp
DrawStateA
DrawStateW
DrawTextA
DrawTextExA
DrawTextExW
DrawTextW
EditWndProc
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EndPaint
EndTask
EnterReaderModeHelper
EnumChildWindows
EnumClipboardFormats
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
EnumWindowStationsW
EnumWindows
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FlashWindow
FlashWindowEx
FrameRect
FreeDDElParam
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAltTabInfoW
GetAncestor
GetAppCompatFlags
GetAppCompatFlags2
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClassNameW
GetClassWord
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardFormatNameA
GetClipboardFormatNameW
GetClipboardOwner
GetClipboardSequenceNumber
GetClipboardViewer
GetComboBoxInfo
GetCursor
GetCursorFrameInfo
GetCursorInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGuiResources
GetIconInfo
GetInputDesktop
GetInputState
GetInternalWindowPos
GetKBCodePage
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetListBoxInfo
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetProcessWindowStation
GetProgmanWindow
GetPropA
GetPropW
GetQueueStatus
GetRawInputBuffer
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetReasonTitleFromReasonCode
GetRegisteredRawInputDevices
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTaskmanWindow
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRect
GetUpdateRgn
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWinStationInfo
GetWindow
GetWindowContextHelpId
GetWindowDC
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowRgnBox
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GrayStringA
GrayStringW
HideCaret
HiliteMenuItem
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPQueryIMEW
IMPSetIMEA
IMPSetIMEW
ImpersonateDdeClientWindow
InSendMessage
InSendMessageEx
InflateRect
InitializeLpkHooks
InitializeWin32EntryTable
InsertMenuA
InsertMenuItemA
InsertMenuItemW
InsertMenuW
InternalGetWindowText
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerA
IsCharLowerW
IsCharUpperA
IsCharUpperW
IsChild
IsClipboardFormatAvailable
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
IsDlgButtonChecked
IsGUIThread
IsHungAppWindow
IsIconic
IsMenu
IsRectEmpty
IsServerSideWindow
IsWinEventHookInstalled
IsWindow
IsWindowEnabled
IsWindowInDestroy
IsWindowUnicode
IsWindowVisible
IsZoomed
KillSystemTimer
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorFromFileA
LoadCursorFromFileW
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadKeyboardLayoutA
LoadKeyboardLayoutEx
LoadKeyboardLayoutW
LoadLocalFonts
LoadMenuA
LoadMenuIndirectA
LoadMenuIndirectW
LoadMenuW
LoadRemoteFonts
LoadStringA
LoadStringW
LockSetForegroundWindow
LockWindowStation
LockWindowUpdate
LockWorkStation
LookupIconIdFromDirectory
LookupIconIdFromDirectoryEx
MBToWCSEx
MB_GetString
MapDialogRect
MapVirtualKeyA
MapVirtualKeyExA
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MenuItemFromPoint
MenuWindowProcA
MenuWindowProcW
MessageBeep
MessageBoxA
MessageBoxExA
MessageBoxExW
MessageBoxIndirectA
MessageBoxIndirectW
MessageBoxTimeoutA
MessageBoxTimeoutW
MessageBoxW
ModifyMenuA
ModifyMenuW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OemKeyScan
OemToCharA
OemToCharBuffA
OemToCharBuffW
OemToCharW
OffsetRect
OpenClipboard

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
货单票据打印助手/使用说明.txt
货单票据打印助手/修复打印失灵补丁.reg
货单票据打印助手/开启服务.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

test
Size: - Virtual size: 988KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 625KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
货单票据打印助手/开始绿化.bat
.bat .vbs
货单票据打印助手/打开就能玩的热门游戏.url
货单票据打印助手/新云软件.url
.url
货单票据打印助手/添加到桌面.bat
.bat .vbs
货单票据打印助手/货单票据打印助手.exe
.exe windows:4 windows x86 arch:x86

64c41fc3b1c04131fb0eeff18392ee44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord518
__vbaRecAnsiToUni
__vbaStrCat
__vbaVarCmpNe
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaAryDestruct
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaStrFixstr
ord520
__vbaBoolVarNull
_CIsin
__vbaVargVarMove
__vbaVarCmpGt
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaVarOr
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
ord716
__vbaFPException
__vbaInStrVar
ord717
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaVar2Vec
__vbaVarLateMemCallLdRf
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
__vbaLateMemCall
__vbaStrToAnsi
__vbaVarDup
__vbaVarLateMemCallLd
__vbaFpI4
ord617
__vbaVarSetObjAddref
_CIatan
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
货单票据打印助手/默认系统打印边距为零.reg

Sharing

General

Malware Config

Signatures

Files

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

Signer

Headers

File Characteristics

Imports

version

comctl32

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 332KB - Virtual size: 332KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 224KB - Virtual size: 224KB

.reloc Size: 24KB - Virtual size: 23KB

c78b62c1feda53e018e3bc7fa4a262b7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6dCertificate

Extended Key Usages

Key Usages

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5eSigner

Headers

File Characteristics

Imports

version

winmm

wininet

crypt32

rpcrt4

oleaut32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

urlmon

ws2_32

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 280KB - Virtual size: 276KB

.data Size: 196KB - Virtual size: 1.0MB

.rodata Size: 4KB - Virtual size: 192B

.rsrc Size: 52KB - Virtual size: 48KB

.reloc Size: 80KB - Virtual size: 79KB

d940cf5b3d0dfb340396c0608ef1a0c5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

.text
Size: 332KB - Virtual size: 332KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 224KB - Virtual size: 224KB

.reloc
Size: 24KB - Virtual size: 23KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

cd:3e:63:1e:88:3a:7b:1c:fc:62:9b:7e:d0:38:04:ff:10:cc:60:5e
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 280KB - Virtual size: 276KB

.data
Size: 196KB - Virtual size: 1.0MB

.rodata
Size: 4KB - Virtual size: 192B

.rsrc
Size: 52KB - Virtual size: 48KB

.reloc
Size: 80KB - Virtual size: 79KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

8a:cb:1c:af:c1:a1:9a:a8:ba:91:ac:e1:6b:ab:e7:b6:18:25:e9:91
Signer

.text
Size: 68KB - Virtual size: 66KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 36KB - Virtual size: 32KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 106KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 24KB - Virtual size: 22KB

.text
Size: 100KB - Virtual size: 97KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 520KB - Virtual size: 520KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 565KB - Virtual size: 564KB

.reloc
Size: 23KB - Virtual size: 22KB