Behavioral task
behavioral1
Sample
9969f76b456b3c5920728fa678d7abfe.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9969f76b456b3c5920728fa678d7abfe.dll
Resource
win10v2004-20231215-en
General
-
Target
9969f76b456b3c5920728fa678d7abfe
-
Size
175KB
-
MD5
9969f76b456b3c5920728fa678d7abfe
-
SHA1
c25e75a87c6c96b4b9e4ce5aed31d6998be3e054
-
SHA256
15cf3df4179a56e80209fe07b610ffed803bfcb7bfe9cd98cacb46f6f836d44d
-
SHA512
c804089256aadbc0d3e8437fffc9fa0a8bd3a0c98d488682fd74889ed06271e7f66f109ef29a34254d06efdb52ea422b0ec5885b83466a0e6bb4bfcaeb5db218
-
SSDEEP
3072:4yqlfIZwynvIeU+5tc25trGNKxohL7HUmcA:4yafOw2vqNKKhL4mc
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Signatures
-
Metasploit family
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 9969f76b456b3c5920728fa678d7abfe
Files
-
9969f76b456b3c5920728fa678d7abfe.dll windows:4 windows x86 arch:x86
d0067fcb32a2618b00de96885b3d3d73
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileSize
ReadFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
FindClose
SetFileAttributesA
GetFileAttributesA
FindNextFileA
FindFirstFileA
lstrcatA
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetStdHandle
SetUnhandledExceptionFilter
DeleteFileA
TerminateProcess
OpenProcess
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
Process32Next
DeleteCriticalSection
Process32First
CreateToolhelp32Snapshot
InitializeCriticalSection
ReadProcessMemory
CopyFileA
GetWindowsDirectoryA
GetLocalTime
SetThreadPriority
GetVersionExA
GlobalMemoryStatus
TransactNamedPipe
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
WaitForSingleObject
WideCharToMultiByte
HeapAlloc
GetProcessHeap
lstrcmpiA
lstrcmpA
lstrcpynA
GlobalFree
HeapFree
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GetTempFileNameA
GetTempPathA
GetEnvironmentVariableA
GetDriveTypeA
GetCurrentThread
SetFilePointer
GetSystemTime
GlobalUnlock
GlobalLock
GetTimeFormatA
GetDateFormatA
TerminateThread
ExitThread
CreateFileA
WriteFile
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
CreateProcessA
ExitProcess
DisableThreadLibraryCalls
CreateMutexA
GetLastError
LoadLibraryA
GetProcAddress
GetCurrentProcess
CloseHandle
CreateThread
Sleep
GetTickCount
lstrcpyA
SetErrorMode
lstrlenA
user32
TranslateMessage
PeekMessageA
SendMessageA
FindWindowA
FindWindowExA
wvsprintfA
CharUpperBuffA
CharUpperA
CharLowerA
CloseClipboard
DispatchMessageA
EmptyClipboard
OpenClipboard
VkKeyScanA
GetWindowTextA
ShowWindow
SetFocus
SetForegroundWindow
BlockInput
GetWindowPlacement
SetClipboardData
GetForegroundWindow
wsprintfA
GetClassNameA
keybd_event
advapi32
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegOpenKeyExA
StartServiceA
CreateServiceA
OpenServiceA
OpenSCManagerA
StartServiceCtrlDispatcherA
RegQueryValueExA
ImpersonateLoggedOnUser
CloseServiceHandle
EnumServicesStatusA
RegEnumKeyA
AdjustTokenPrivileges
shell32
ShellExecuteA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32
VariantClear
VariantCopy
VariantInit
SysAllocString
VariantChangeType
odbc32
ord41
ord31
ord75
ord11
ord3
ord24
ws2_32
closesocket
ntohl
ntohs
ioctlsocket
inet_addr
getsockname
WSAStartup
listen
bind
setsockopt
htons
gethostbyaddr
inet_ntoa
gethostbyname
getpeername
connect
socket
recv
send
WSACleanup
sendto
recvfrom
select
accept
__WSAFDIsSet
WSAGetLastError
htonl
WSASocketA
wininet
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
psapi
GetModuleBaseNameA
EnumProcesses
EnumProcessModules
mpr
WNetAddConnection2A
netapi32
NetWkstaUserGetInfo
NetApiBufferFree
msvcp60
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IABV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1Init@ios_base@std@@QAE@XZ
msvcrt
_stricmp
exit
_snprintf
sprintf
strcmp
memset
strncat
strcpy
strncpy
strstr
free
malloc
__CxxFrameHandler
??2@YAPAXI@Z
strlen
rand
strcat
_vsnprintf
memcpy
fclose
fread
fseek
_adjust_fdiv
_initterm
_onexit
__dllonexit
__mb_cur_max
_isctype
_pctype
tolower
_iob
fflush
srand
_ftol
strtok
fgets
fprintf
toupper
printf
_strcmpi
_except_handler3
realloc
_purecall
sscanf
fopen
atoi
strtoul
strchr
Sections
.text Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NSA Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ