971df722255c8311f6883b562a45e0ab

Sharing

Copy URL Twitter E-mail

General

Target

971df722255c8311f6883b562a45e0ab
Size

1.9MB
MD5

971df722255c8311f6883b562a45e0ab
SHA1

543f2502dccf56ef99048b1ce988f7e97cfce158
SHA256

8f951003824602cacdbb351c35c11e6a5dd82945b4ea705390f2942e9bbf6521
SHA512

d6b04d3969079b3dc359127a7c09eddd083e47a1992cf81063abf50a5e57bafda6dac5e4234c875b43320b9066f1bcfce699e7ae96be38a12d62081ff9a8606f
SSDEEP

49152:n2G2G5BHY4LCLN9aGk5xoZEwJbik30vnQ4MJ9p2jem2j/:2HGDv2RSxoZZJb70vnQjJ9Vm2j/

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WinRAR4/Default.SFX
unpack001/WinRAR4/Formats/7z.fmt
unpack001/WinRAR4/Formats/7zxa.dll
unpack001/WinRAR4/Formats/UNACEV2.DLL
unpack001/WinRAR4/Formats/ace.fmt
unpack001/WinRAR4/Formats/arj.fmt
unpack001/WinRAR4/Formats/bz2.fmt
unpack001/WinRAR4/Formats/cab.fmt
unpack001/WinRAR4/Formats/gz.fmt
unpack001/WinRAR4/Formats/iso.fmt
unpack001/WinRAR4/Formats/lzh.fmt
unpack001/WinRAR4/Formats/tar.fmt
unpack001/WinRAR4/Formats/uue.fmt
unpack001/WinRAR4/Formats/z.fmt
unpack001/WinRAR4/Rar.exe
unpack001/WinRAR4/RarExt.dll
unpack001/WinRAR4/RarExt64.dll
unpack001/WinRAR4/UnRAR.exe
unpack001/WinRAR4/Uninstall.exe
unpack001/WinRAR4/WinCon.SFX
unpack001/WinRAR4/WinRAR.exe
unpack001/WinRAR4/Zip.SFX

Files

971df722255c8311f6883b562a45e0ab
.rar
WinRAR4/Default.SFX
.exe windows:5 windows x86 arch:x86

93ff054b805e17efd7f7ae1730680391

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetNumberFormatW
DosDateTimeToFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
GetLastError
GetDateFormatW

user32

wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
FindWindowExW
wvsprintfA
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharUpperA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
CopyRect

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRAR4/Descript.ion
WinRAR4/Formats/7z.fmt
.dll windows:5 windows x86 arch:x86

810ff85253ea0da9e4270285b177dcc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\7z\build\32\Release\7z.pdb

Imports

kernel32

GetLastError
SetFilePointer
WriteFile
ReadFile
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
FreeLibrary
LoadLibraryA
AreFileApisANSI
LoadLibraryW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
CloseHandle
RemoveDirectoryW
CreateDirectoryW
FindClose
FindFirstFileA
FindFirstFileW
SetLastError
GetFileSize
SetEndOfFile
GetProcAddress
lstrcmpiW
GetModuleFileNameW
LCMapStringW
LCMapStringA
GetStringTypeW
GetVersionExA
CreateFileW
SetFileAttributesW
CreateFileA
GetStringTypeA
EnterCriticalSection
LeaveCriticalSection
GetFileType
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
HeapFree
HeapAlloc
GetModuleHandleA
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
VirtualAlloc
HeapSize

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/7zxa.dll
.dll windows:4 windows x86 arch:x86

961ffb8f71d3099e6afd08b41dae82e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen

user32

CharUpperA
CharUpperW

kernel32

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetSystemInfo
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetVersionExA
DeleteCriticalSection
VirtualAlloc
VirtualFree
CloseHandle
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
HeapAlloc
RaiseException
HeapFree
RtlUnwind
HeapReAlloc
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
GetStringTypeA

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRAR4/Formats/ace.fmt
.dll windows:5 windows x86 arch:x86

03ee27585fbe4280f8bce8f0a2a3c262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\ace\build\32\Release\ace.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
RaiseException
GetLastError
HeapFree
HeapAlloc
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileA
CloseHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessHeap

user32

OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/arj.fmt
.dll windows:5 windows x86 arch:x86

1e364ee23def5d605ef85e53a4bded2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\arj\build\32\Release\arj.pdb

Imports

kernel32

GetFileAttributesA
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
CreateDirectoryA
HeapAlloc
GetLastError
HeapFree
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
SetFilePointer
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LoadLibraryA
CreateFileW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/bz2.fmt
.dll windows:5 windows x86 arch:x86

a571b72321514a15e5ef913d5ddebafb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\bzip2\build\32\Release\bz2.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleA
CreateFileA
CloseHandle
GetLastError
SetFilePointer
WriteFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
DeleteFileA
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
RtlUnwind
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/cab.fmt
.dll windows:5 windows x86 arch:x86

18a24461d3867eae573f22f70e5bc4cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\cab\build\32\Release\cab.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
ReadFile
CloseHandle
CreateFileA
HeapAlloc
HeapFree
DeleteFileA
WaitForSingleObject
CreateProcessA
CreateFileW
lstrcmpiA
SetFileAttributesA
SetFileTime
CreateDirectoryA
HeapDestroy
FreeLibrary
HeapCreate
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetLastError
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/gz.fmt
.dll windows:5 windows x86 arch:x86

a5558bec30dbda6969f609ece32f46dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\gz\build\32\Release\gz.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/iso.fmt
.dll windows:5 windows x86 arch:x86

abfb7f92f2f56435c1982b30abece301

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\iso\build\32\Release\iso.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
SystemTimeToFileTime
ReadFile
DeleteFileW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleHandleA
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/lzh.fmt
.dll windows:5 windows x86 arch:x86

d1fafdeb635fd965ec8877edeb363ff6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\lzh\build\32\Release\lzh.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileAttributesA
CreateDirectoryA
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetLastError
HeapFree
HeapAlloc
RtlUnwind
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
RaiseException
GetCurrentThreadId
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
ReadFile
SetFilePointer
CloseHandle
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetVersion
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetEndOfFile
GetProcessHeap
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/tar.fmt
.dll windows:5 windows x86 arch:x86

5cba4bbbe1a10a51c0adbfce2eea3e54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\tar\build\32\Release\tar.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetFileSize
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
DeleteFileA
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
ExitProcess
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/uue.fmt
.dll windows:5 windows x86 arch:x86

92d227f3b96bb1ef31d08aaeb66b079a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\uue\build\32\Release\uue.pdb

Imports

kernel32

CreateFileA
CreateFileW
CloseHandle
GetLastError
SetFilePointer
WriteFile
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapFree
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapAlloc
HeapReAlloc
VirtualAlloc
FlushFileBuffers
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Formats/z.fmt
.dll windows:5 windows x86 arch:x86

690706108c4d5618e6012f84061ddfa3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\Z\build\32\Release\z.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapReAlloc
HeapAlloc
HeapFree
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
RtlUnwind
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FlushFileBuffers
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/License.txt
WinRAR4/Package.ini
WinRAR4/Rar.exe
.exe windows:5 windows x86 arch:x86

434e8913d710f61d1d0d6dfce78e8d29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\rar32\Release\RAR.pdb

Imports

kernel32

GetLastError
GetCurrentDirectoryW
CloseHandle
GetCurrentProcess
CreateFileW
BackupRead
BackupSeek
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileTime
GetFileType
CreateFileA
ReadFile
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
CreateThread
FormatMessageW
GetProcessAffinityMask
WaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
LocalFree
SetConsoleCtrlHandler
Sleep
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleW
SetLastError
GetModuleHandleW
ExitThread
GetProcAddress
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
RaiseException
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

CharLowerW
ExitWindowsEx
CharUpperA
CharLowerA
LoadStringW
CharUpperW
OemToCharBuffW
CharToOemA
CharToOemBuffA
OemToCharA
OemToCharBuffA
CharToOemBuffW

advapi32

RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityW
GetFileSecurityA
GetSecurityDescriptorLength
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationW

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/RarExt.dll
.dll windows:5 windows x86 arch:x86

fe39fa4b802fa06aa43e7bcb72864ddf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\RarExt\build\32\Release\rarext.pdb

Imports

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageW
ord8

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryW
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetLocaleInfoW
GetNumberFormatW
GetDriveTypeW
ExpandEnvironmentStringsW
WaitForSingleObject
FindResourceW
LoadLibraryExW
CompareStringA
GetCurrentProcess
Sleep
SystemTimeToFileTime
FileTimeToSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
GetTempPathW
GetLastError
SetFileAttributesW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
HeapSize
InitializeCriticalSectionAndSpinCount
GetVersion
GetStartupInfoA
SetHandleCount
ExitProcess
GetModuleHandleA
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetModuleHandleW
WriteFile
SetLastError
SetFileTime
GetStdHandle
ReadFile
CreateFileW
CreateFileA
GetFileType
SetFilePointer
FlushFileBuffers
CloseHandle
FindFirstFileW
FindNextFileW
FindClose
LoadLibraryW
GetProcAddress
FreeLibrary
DosDateTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
HeapDestroy
HeapCreate
VirtualAlloc
VirtualFree
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement

user32

OemToCharA
CharUpperW
CharLowerW
CharLowerA
CharToOemA
LoadStringW
GetWindowRect
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
GetClassNameW
CharUpperA
GetWindowLongW
SetWindowTextW
GetSysColor
LoadImageW
SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongW
GetDlgItemTextW
GetClientRect
BeginPaint
EndPaint
CreatePopupMenu
InsertMenuItemW
GetParent
InvalidateRect
GetDC
SendMessageW
ReleaseDC
ShowWindow
GetDlgItem

gdi32

GetObjectW
CreateCompatibleDC
GetPixel
SetPixel
DeleteDC
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
Polygon
Polyline
DeleteObject
SelectObject
GetTextFaceW
GetTextMetricsW
CreateFontW
GetDeviceCaps

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

DragQueryFileW
ShellExecuteExW
SHGetPathFromIDListW

ole32

ReleaseStgMedium

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/RarExt64.dll
.dll windows:5 windows x64 arch:x64

1ccfd7c74c5ad23c47d3bc22e4fe0e3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\RarExt\build\64\Release\rarext.pdb

Imports

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageW
ord8

kernel32

SetFileAttributesW
DeleteFileW
DeleteFileA
CreateDirectoryW
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetLocaleInfoW
GetNumberFormatW
GetDriveTypeW
ExpandEnvironmentStringsW
FindResourceW
LoadLibraryExW
CompareStringA
GetCurrentProcess
Sleep
SystemTimeToFileTime
FileTimeToSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
GetTempPathW
FlushFileBuffers
SetFileAttributesA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
HeapSize
InitializeCriticalSectionAndSpinCount
GetVersion
DeleteCriticalSection
GetStartupInfoA
SetHandleCount
RtlCaptureContext
GetFileAttributesW
GetFileAttributesA
GetModuleHandleW
WriteFile
SetLastError
SetFileTime
GetStdHandle
ReadFile
CreateFileW
CreateFileA
GetFileType
SetFilePointer
GetLastError
FindFirstFileW
WaitForSingleObject
CloseHandle
FindNextFileW
FindClose
LoadLibraryW
GetProcAddress
FreeLibrary
DosDateTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapDestroy
HeapCreate
HeapSetInformation
ExitProcess
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapFree
RtlFillMemory
HeapReAlloc
RaiseException
RtlPcToFileHeader
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
FlsSetValue
GetCommandLineA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc

user32

OemToCharA
CharLowerW
CharUpperA
CharLowerA
CharToOemA
LoadStringW
GetWindowRect
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
GetClassNameW
CharUpperW
GetWindowLongW
SetWindowLongW
SetWindowTextW
LoadImageW
GetSysColor
SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongPtrW
GetDlgItemTextW
GetClientRect
BeginPaint
EndPaint
CreatePopupMenu
InsertMenuItemW
GetParent
InvalidateRect
GetDC
SendMessageW
ReleaseDC
ShowWindow
GetDlgItem

gdi32

GetObjectW
CreateCompatibleDC
GetPixel
SetPixel
DeleteDC
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
Polygon
Polyline
DeleteObject
SelectObject
GetTextFaceW
GetTextMetricsW
CreateFontW
GetDeviceCaps

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
DragQueryFileW
ShellExecuteExW

ole32

ReleaseStgMedium

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/RarFiles.lst
WinRAR4/UnRAR.exe
.exe windows:5 windows x86 arch:x86

1da1fb3d1356bfe063e7074a84c82ba0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\unrar32\Release\UnRAR.pdb

Imports

kernel32

GetCurrentProcess
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
SetLastError
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
CloseHandle
GetFullPathNameA
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
GetCurrentDirectoryW
GetLastError
FormatMessageW
LocalFree
SetConsoleCtrlHandler
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
GetVersionExW
ReadConsoleW
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
RaiseException
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetTickCount

user32

CharLowerW
ExitWindowsEx
CharUpperA
CharLowerA
LoadStringW
CharUpperW
CharToOemBuffW
OemToCharBuffW
CharToOemA
OemToCharA
OemToCharBuffA

advapi32

RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Uninstall.exe
.exe windows:5 windows x86 arch:x86

0ddc44c438bfbed8290d1c2d60e4751a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\uninstall\build\uninstall32\Release\uninstall.pdb

Imports

kernel32

DeleteFileA
CreateDirectoryA
CreateDirectoryW
GetCurrentProcess
GetModuleFileNameW
GetVersionExW
GetModuleFileNameA
FindResourceW
FreeLibrary
ExpandEnvironmentStringsW
LoadLibraryW
LoadLibraryExW
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
CopyFileW
GetEnvironmentVariableW
CreateProcessW
GetCurrentDirectoryW
GetTempPathW
MoveFileExW
RemoveDirectoryW
SetCurrentDirectoryW
Sleep
GetCommandLineW
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
HeapSize
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
ExitProcess
TlsSetValue
TlsAlloc
TlsGetValue
InitializeCriticalSectionAndSpinCount
MoveFileW
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetModuleHandleW
GetProcAddress
WriteFile
SetLastError
ReadFile
GetStdHandle
CreateFileW
CreateFileA
GetFileType
SetFilePointer
GetLastError
FlushFileBuffers
CloseHandle
TerminateProcess
GetModuleHandleA
HeapCreate
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetStartupInfoA
GetVersion
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
RaiseException
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetCommandLineA
UnhandledExceptionFilter

user32

LoadStringW
EnableWindow
GetDlgItem
ShowWindow
GetDC
ReleaseDC
LoadIconW
SetForegroundWindow
GetSysColor
MessageBoxW
SendDlgItemMessageW
SetDlgItemTextW
CharUpperW
CharUpperA
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetClassNameW
GetWindowLongW
SetWindowLongW
DialogBoxParamW
EndDialog
CheckDlgButton
IsDlgButtonChecked
GetParent
SendMessageW
InvalidateRect

gdi32

CreateFontW
DeleteObject
GetDeviceCaps

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
SHChangeNotify
SHFileOperationW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

OleInitialize
CoCreateInstance
OleUninitialize

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRAR4/Uninstall.lst
WinRAR4/WinCon.SFX
.exe windows:5 windows x86 arch:x86

d664338ea009589942dd6aacfe0873b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\sfxcon32\Release\sfxcon.pdb

Imports

kernel32

GetLastError
GetCurrentProcess
SetFileTime
MoveFileW
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
WriteFile
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
CloseHandle
FindFirstFileW
GetVersionExW
GetCommandLineA
SetErrorMode
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetProcAddress
GetModuleHandleW
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
FindNextFileW
ReadConsoleW

user32

CharUpperW
LoadStringW
CharToOemBuffA
CharUpperA
wvsprintfW
CharToOemBuffW
OemToCharBuffW
wvsprintfA
CharToOemA
OemToCharBuffA
OemToCharA

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
AdjustTokenPrivileges

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRAR4/WinRAR.chm
.chm
WinRAR4/WinRAR.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 940KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 443KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WinRAR4/Zip.SFX
.exe windows:5 windows x86 arch:x86

ececc473fe0400492818c3054a72770e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxzip32\Release\sfxzip.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

SetFileAttributesA
SetFileAttributesW
MoveFileW
DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetFileAttributesW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
GetFileAttributesA
WriteFile
SetFileTime
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetFilePointer
CloseHandle
SetEndOfFile
GetLastError
GetNumberFormatW

user32

CharUpperA
OemToCharBuffA
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
CharToOemBuffA
CharToOemA
OemToCharA
FindWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
GetParent
MapWindowPoints
LoadIconW
CreateWindowExW
CopyRect

gdi32

CreateCompatibleDC
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteObject
DeleteDC

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRAR4/rarnew.dat
.rar
WinRAR4/rarreg.key
WinRAR4/zipnew.dat
WinRAR4/软件简介.txt

Sharing

General

Malware Config

Signatures

Files

93ff054b805e17efd7f7ae1730680391

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 63KB

.CRT Size: 512B - Virtual size: 16B

.rsrc Size: 13KB - Virtual size: 13KB

810ff85253ea0da9e4270285b177dcc2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

961ffb8f71d3099e6afd08b41dae82e3

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 13KB - Virtual size: 32KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 9KB - Virtual size: 9KB

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

gdi32

user32

Exports

Exports

Sections

AUTO Size: 59KB - Virtual size:

.idata Size: 4KB - Virtual size:

DGROUP Size: 4KB - Virtual size:

.bss Size: 210KB - Virtual size:

.edata Size: 512B - Virtual size:

.reloc Size: 5KB - Virtual size:

.rsrc Size: 1KB - Virtual size:

03ee27585fbe4280f8bce8f0a2a3c262

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 63KB

.CRT
Size: 512B - Virtual size: 16B

.rsrc
Size: 13KB - Virtual size: 13KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 13KB - Virtual size: 32KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 9KB - Virtual size: 9KB

AUTO
Size: 59KB - Virtual size:

.idata
Size: 4KB - Virtual size:

DGROUP
Size: 4KB - Virtual size:

.bss
Size: 210KB - Virtual size:

.edata
Size: 512B - Virtual size:

.reloc
Size: 5KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 32KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 29KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 26KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB