Set@up#!Files-P@ssw0rD__~2402~_[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Set@up#!Files-P@ssw0rD__~2402~_.zip
Size

3.3MB
MD5

e007ab9c05eef86c488099b95674916b
SHA1

6c06c03800a5cbfef82251f902013e5f61f3fd15
SHA256

b62c5f76b05543c1f980ccd972666e8fb769b9fb58fc6a0142d9044fea7d40d8
SHA512

4dd19c166d4e49270e0a58003c0dd695f8e2804bb5c5a7b6dc923adb43d3bb9c3ec15409ae0fd5db274f921184c9724827f10c78562319c260a54abea18c51c2
SSDEEP

98304:AlIeBRbUNPMdvCt2l5VVIEDDrrFkhIz4HDsOkdc/pmJ0:YRbUsvCibvDFky4HPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libX11-6.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libXau-6.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libXdmcp-6.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libdl.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libgcc_s_dw2-1.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libwinpthread-1.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libxcb-1.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libxcb-image-0.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libxcb-shm-0.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/libxcb-util-1.dll
unpack001/Set@up#!Files-P@ssw0rD__~2402~_/zlib1.dll

Files

Set@up#!Files-P@ssw0rD__~2402~_.zip
.zip
Set@up#!Files-P@ssw0rD__~2402~_/Set-up.exe
.exe windows:4 windows x86 arch:x86

7467baa0cdd56b718407b66a031b7f9b

Code Sign

39:a4:aa:d7:32:d6:7f:06:d4:71:8a:b7:62:65:5f:35
Certificate

Issuer

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

31/12/2020, 00:00

Not After

31/12/2023, 23:59

Subject

SERIALNUMBER=502 869 258 00041,CN=Mobatek,O=Mobatek,POSTALCODE=31300,STREET=15 Chemin de la Crabe,L=Toulouse,C=FR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024652

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/12/2014, 00:00

Not After

02/12/2029, 23:59

Subject

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c4:cb:e0:69:58:cd:c1:e6:e9:d7:23:f1:50:27:d2:20:78:2c:82:f5:15:42:89:28:f8:e8:b0:b2:6c:7f:fd:47
Signer

Actual PE Digest

c4:cb:e0:69:58:cd:c1:e6:e9:d7:23:f1:50:27:d2:20:78:2c:82:f5:15:42:89:28:f8:e8:b0:b2:6c:7f:fd:47

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
RegCloseKey
RegOpenKeyA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateFontA
CreatePalette
CreateRectRgn
CreateRectRgnIndirect
DeleteDC
DeleteObject
DescribePixelFormat
GdiFlush
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetObjectA
GetStockObject
GetSystemPaletteEntries
OffsetRgn
RealizePalette
SelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetDIBColorTable
SetDIBits
SetPaletteEntries
SetPixelFormat
SetPixelV
SetTextColor

kernel32

CloseHandle
CreateFileMappingA
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalFree
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_close
_errno
_exit
_fileno
_fmode
_getpid
_hypot
_initterm
_iob
_getpid
_lock
_lseek
_mktemp
_mkdir
_onexit
_open
_putenv
_read
_setmode
_snwprintf
_stat
_stati64
_strdup
_stricmp
_strnicmp
_unlink
_unlock
_vsnprintf
_write
acos
abort
asin
atof
atoi
atol
calloc
clearerr
ctime
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
fwprintf
fwrite
getc
getenv
isalnum
isalpha
isprint
isspace
isupper
localeconv
malloc
memchr
memcmp
memmove
memset
memcpy
printf
putchar
qsort
raise
rand
realloc
remove
rename
setlocale
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncat
strncmp
strncpy
strrchr
strstr
strtoul
strtok
strtol
time
tolower
toupper
ungetc
vfprintf
wcscpy
wcslen

ole32

CoCreateInstance
CoInitialize
CoUninitialize
PropVariantClear

shell32

ExtractIconA
SHAppBarMessage
SHGetFolderPathA
ShellExecuteA
Shell_NotifyIconA

shlwapi

SHStrDupA

user32

AddClipboardFormatListener
AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CheckMenuItem
ClientToScreen
CloseClipboard
CopyRect
CreateCursor
CreateDialogParamA
CreateIconIndirect
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeferWindowPos
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawTextA
EmptyClipboard
EndDeferWindowPos
EndPaint
EnumDisplayMonitors
EnumDisplaySettingsA
EnumThreadWindows
EqualRect
FindWindowA
FlashWindowEx
GetActiveWindow
GetAsyncKeyState
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardType
GetMessageA
GetMessageTime
GetMonitorInfoA
GetOpenClipboardWindow
GetParent
GetPropA
GetQueueStatus
GetScrollInfo
GetSubMenu
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowInfo
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InsertMenuA
IntersectRect
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadImageA
LoadKeyboardLayoutA
LoadMenuA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromWindow
MoveWindow
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveClipboardFormatListener
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindowEx
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetForegroundWindow
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
ShowCursor
ShowWindow
SystemParametersInfoA
TrackMouseEvent
TrackPopupMenuEx
UnhookWindowsHookEx
UpdateWindow
ValidateRect
WindowFromPoint

ws2_32

WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
gethostbyname
gethostname
getpeername
getservbyname
getsockname
getsockopt
htonl
htons
inet_ntoa
ioctlsocket
listen
recv
select
send
setsockopt
shutdown
socket

libdl

dlclose
dlerror
dlopen
dlsym

opengl32

wglCopyContext
wglCreateContext
wglDeleteContext
wglGetCurrentContext
wglGetProcAddress
wglMakeCurrent
wglShareLists
wglSwapLayerBuffers

libwinpthread-1

clock_gettime
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_exit
pthread_getclean
pthread_getspecific
pthread_join
pthread_key_create
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

libx11-6

XInitThreads

libxau-6

XauDisposeAuth
XauReadAuth

libxcb-image-0

xcb_image_destroy
xcb_image_get

libxcb-util-1

xcb_aux_get_screen
xcb_aux_sync

libxcb-1

xcb_change_property
xcb_change_property_checked
xcb_change_window_attributes
xcb_change_window_attributes_checked
xcb_close_font
xcb_configure_window
xcb_connect_to_display_with_auth_info
xcb_connection_has_error
xcb_convert_selection
xcb_create_glyph_cursor
xcb_create_window_checked
xcb_delete_property
xcb_destroy_window
xcb_disconnect
xcb_flush
xcb_free_cursor
xcb_generate_id
xcb_get_atom_name
xcb_get_atom_name_name
xcb_get_atom_name_name_length
xcb_get_atom_name_reply
xcb_get_extension_data
xcb_get_file_descriptor
xcb_get_geometry
xcb_get_geometry_reply
xcb_get_maximum_request_length
xcb_get_property
xcb_get_property_reply
xcb_get_property_unchecked
xcb_get_property_value
xcb_get_property_value_length
xcb_get_selection_owner
xcb_get_selection_owner_reply
xcb_get_selection_owner_unchecked
xcb_get_setup
xcb_get_window_attributes
xcb_get_window_attributes_reply
xcb_intern_atom
xcb_intern_atom_reply
xcb_kill_client
xcb_open_font
xcb_poll_for_event
xcb_query_extension
xcb_query_extension_reply
xcb_query_tree
xcb_query_tree_reply
xcb_request_check
xcb_screen_next
xcb_send_event
xcb_send_event_checked
xcb_send_request
xcb_set_input_focus
xcb_set_selection_owner
xcb_set_selection_owner_checked
xcb_setup_roots_iterator
xcb_setup_roots_length
xcb_unmap_window
xcb_wait_for_event
xcb_wait_for_reply

libxdmcp-6

XdmcpARRAY8Equal
XdmcpAllocARRAY8
XdmcpCompareKeys
XdmcpDecrementKey
XdmcpDisposeARRAY16
XdmcpDisposeARRAY8
XdmcpDisposeARRAYofARRAY8
XdmcpFill
XdmcpFlush
XdmcpGenerateKey
XdmcpReadARRAY8
XdmcpReadCARD32
XdmcpReadCARD8
XdmcpReadHeader
XdmcpReallocARRAY16
XdmcpReallocARRAYofARRAY8
XdmcpUnwrap
XdmcpWrap
XdmcpWriteARRAY8
XdmcpWriteARRAYofARRAY8
XdmcpWriteCARD16
XdmcpWriteCARD32
XdmcpWriteCARD8
XdmcpWriteHeader

zlib1

inflate
inflateEnd
inflateInit2_

Exports

Exports

ALL_POWERSCHEMES_GUID
AbortDevices
AbortServer
AccelerationDefaultCleanup
AccessUsingXdmcp
AccessXCancelRepeatKey
AccessXComputeCurveFactor
AccessXFilterPressEvent
AccessXFilterReleaseEvent
AccessXInit
ActivateDevice
ActivateFocusInGrab
ActivateGrabNoDelivery
ActivateKeyboardGrab
ActivatePassiveGrab
ActivatePointerGrab
AddAuthorization
AddCallback
AddClientOnOpenFD
AddExtension
AddExtensionClient
AddGPUScreen
AddGlyph
AddHost
AddInputDevice
AddLocalHosts
AddPassiveGrabToList
AddResource
AddScreen
AddTraps
AdjustWaitForDelay
AllocARGBCursor
AllocColor
AllocColorCells
AllocColorPlanes
AllocDevicePair
AllocGlyphCursor
AllocGrab
AllocValuatorClass
AllocXTestDevice
AllocateGlyph
AllocateGlyphSet
AllocateMotionHistory
AllocatePixmap
AllowSome
AlterSaveSetForClient
AnimCurInit
AnimCursorCreate
ApplyPointerMapping
AssignTypeAndName
AtomError
AttachDevice
AttachOffloadGPU
AttachOutputGPU
AttachUnboundGPU
AttendClient
AuditF
AugmentSelf
AuthorizationFromID
AuthorizationIDOfClient
AutoResetServer
BadClass
BadDevice
BadDeviceMap
BadMode
BasicComputeAcceleration
BigReqExtensionInit
BitOrderInvert
BitmapGetInfoScalable
BitmapOpenScalable
BitmapRegisterFontFileFunctions
BlockHandler
BufFileClose
BufFileCreate
BufFileOpenRead
BufFileOpenWrite
BufFilePushCompressed
BufFilePushZIP
BufFileRead
BufFileWrite
BuiltinFileClose
BuiltinFileOpen
BuiltinReadDirectory
BuiltinRegisterFontFileFunctions
BuiltinRegisterFpeFunctions
CLSID_CDirect3DRM
CLSID_CDirect3DRMAnimation
CLSID_CDirect3DRMAnimationSet
CLSID_CDirect3DRMClippedVisual
CLSID_CDirect3DRMDevice
CLSID_CDirect3DRMFace
CLSID_CDirect3DRMFrame
CLSID_CDirect3DRMFrameInterpolator
CLSID_CDirect3DRMLight
CLSID_CDirect3DRMLightInterpolator
CLSID_CDirect3DRMMaterial
CLSID_CDirect3DRMMaterialInterpolator
CLSID_CDirect3DRMMesh
CLSID_CDirect3DRMMeshBuilder
CLSID_CDirect3DRMMeshInterpolator
CLSID_CDirect3DRMProgressiveMesh
CLSID_CDirect3DRMShadow
CLSID_CDirect3DRMTexture
CLSID_CDirect3DRMTextureInterpolator
CLSID_CDirect3DRMUserVisual
CLSID_CDirect3DRMViewport
CLSID_CDirect3DRMViewportInterpolator
CLSID_CDirect3DRMWrap
CLSID_CDirectXFile
CLSID_DP8SP_BLUETOOTH
CLSID_DP8SP_IPX
CLSID_DP8SP_MODEM
CLSID_DP8SP_SERIAL
CLSID_DP8SP_TCPIP
CLSID_DirectDraw
CLSID_DirectDraw7
CLSID_DirectDrawClipper
CLSID_DirectDrawFactory2
CLSID_DirectInput
CLSID_DirectInput8
CLSID_DirectInputDevice
CLSID_DirectInputDevice8
CLSID_DirectMusic
CLSID_DirectMusicAudioPathConfig
CLSID_DirectMusicBand
CLSID_DirectMusicBandTrack
CLSID_DirectMusicChordMap
CLSID_DirectMusicChordMapTrack
CLSID_DirectMusicChordTrack
CLSID_DirectMusicCollection
CLSID_DirectMusicCommandTrack
CLSID_DirectMusicComposer
CLSID_DirectMusicContainer
CLSID_DirectMusicGraph
CLSID_DirectMusicLoader
CLSID_DirectMusicLyricsTrack
CLSID_DirectMusicMarkerTrack
CLSID_DirectMusicMelodyFormulationTrack
CLSID_DirectMusicMotifTrack
CLSID_DirectMusicMuteTrack
CLSID_DirectMusicParamControlTrack
CLSID_DirectMusicPatternTrack
CLSID_DirectMusicPerformance
CLSID_DirectMusicScript
CLSID_DirectMusicScriptTrack
CLSID_DirectMusicSegment
CLSID_DirectMusicSegmentState
CLSID_DirectMusicSegmentTriggerTrack
CLSID_DirectMusicSeqTrack
CLSID_DirectMusicSignPostTrack
CLSID_DirectMusicSong
CLSID_DirectMusicStyle
CLSID_DirectMusicStyleTrack
CLSID_DirectMusicSynth
CLSID_DirectMusicSysExTrack
CLSID_DirectMusicTempoTrack
CLSID_DirectMusicTimeSigTrack
CLSID_DirectMusicWaveTrack
CLSID_DirectPlay
CLSID_DirectPlay8Address
CLSID_DirectPlay8Client
CLSID_DirectPlay8LobbiedApplication
CLSID_DirectPlay8LobbyClient
CLSID_DirectPlay8NATResolver
CLSID_DirectPlay8Peer
CLSID_DirectPlay8Server
CLSID_DirectPlay8ThreadPool
CLSID_DirectPlayLobby
CLSID_DirectPlayVoiceClient
CLSID_DirectPlayVoiceServer
CLSID_DirectPlayVoiceTest
CLSID_DirectSound
CLSID_DirectSound8
CLSID_DirectSoundCapture
CLSID_DirectSoundCapture8
CLSID_DirectSoundFullDuplex
CLSID_DirectSoundPrivate
CLSID_DirectSoundWave
CLSID_InMemoryPropertyStore
CLSID_PropertySystem
CLSID_TaskbarList
ChangeAccessControl
ChangeDeviceControl
ChangeDeviceNotify
ChangeDeviceNotifyMask
ChangeGC
ChangeGCXIDs
ChangeKeyMapping
ChangePicture
ChangeResourceValue
ChangeWindowAttributes
ChangeWindowDeviceCursor
CheckAuthorization
CheckCursorConfinement
CheckDeviceGrabAndHintWindow
CheckDeviceGrabs
CheckExtension
CheckFSFormat
CheckGrabValues
CheckMotion
CheckPassiveGrabsOnWindow
CheckUserAuthorization
CheckUserParameters
CheckWindowOptionalNeed
CirculateWindow
ClassFromMask
ClearWorkQueue
ClientAuthorized
ClientIsAsleep
ClientIsLocal
ClientSignal
ClientSignalAll
ClientSleep
ClientSleepUntil
ClientStateCallback
ClientTimeToServerTime
ClientWakeup
CloseDownClient
CloseDownConnection
CloseDownDevices
CloseDownEvents
CloseDownExtensions
CloseDownFileDescriptor
CloseFont
CloseInput
CloseWellKnownConnections
CompScreenPrivateKeyRec
CompSubwindowsPrivateKeyRec
CompWindowPrivateKeyRec
CompareISOLatin1Lowered
CompareTimeStamps
CompositeClientOverlayType
CompositeClientSubwindowsType
CompositeClientWindowType
CompositeExtensionInit
CompositeGlyphs
CompositePicture
CompositeRealChildHead
CompositeRects
CompositeRegisterAlternateVisuals
CompositeRegisterImplicitRedirectionException
CompositeTrapezoids
CompositeTriFan
CompositeTriStrip
CompositeTriangles
ComputeLocalClient
ConfigureWindow
ConfineToShape
ConnectionInfo
CopyColormapAndFree
CopyGC
CopyGetMasterEvent
CopyGrab
CopyISOLatin1Lowered
CopyKeyClass
CopySprite
CopySwap16Write
CopySwap32Write
CoreDump
CoreEnterLeaveEvent
CoreFocusEvent
CoreKeyboardProc
CorePointerProc
CountBits
CreateBoundingShape
CreateClassesChangedEvent
CreateClipShape
CreateColormap
CreateConicalGradientPicture
CreateConnectionBlock
CreateDefaultStipple
CreateFontRec
CreateGC
CreateGCperDepth
CreateGrab
CreateLinearGradientPicture
CreateMaskFromList
CreateNewResourceClass
CreateNewResourceType
CreatePicture
CreateRadialGradientPicture
CreateRootCursor
CreateRootWindow
CreateScratchPixmapsForScreen
CreateSolidPicture
CreateWellKnownSockets
CreateWindow
CurrentSelections
CursorMetricsFromGlyph
CursorRefCount
CursorVisible
DDVPTYPE_BROOKTREE
DDVPTYPE_CCIR656
DDVPTYPE_E_HREFH_VREFH
DDVPTYPE_E_HREFH_VREFL
DDVPTYPE_E_HREFL_VREFH
DDVPTYPE_E_HREFL_VREFL
DDVPTYPE_PHILIPS
DDXRingBell
DPAID_ComPort
DPAID_INet
DPAID_INetPort
DPAID_INetW
DPAID_LobbyProvider
DPAID_Modem
DPAID_ModemW
DPAID_Phone
DPAID_PhoneW
DPAID_ServiceProvider
DPAID_TotalSize
DPLPROPERTY_LobbyGuid
DPLPROPERTY_MessagesSupported
DPLPROPERTY_PlayerGuid
DPLPROPERTY_PlayerScore
DPSPGUID_IPX
DPSPGUID_MODEM
DPSPGUID_SERIAL
DPSPGUID_TCPIP
DPVCTGUID_ADPCM
DPVCTGUID_GSM
DPVCTGUID_NONE
DPVCTGUID_SC03
DPVCTGUID_SC06
DPVCTGUID_TRUESPEECH
DPVCTGUID_VR12
DS3DALG_HRTF_FULL
DS3DALG_HRTF_LIGHT
DS3DALG_NO_VIRTUALIZATION
DSDEVID_DefaultCapture
DSDEVID_DefaultPlayback
DSDEVID_DefaultVoiceCapture
DSDEVID_DefaultVoicePlayback
DSPROPSETID_DirectSoundDevice
DamageCreate
DamageDamageRegion
DamageDestroy
DamageDrawInternal
DamageEmpty
DamageExtSetCritical
DamageExtensionInit
DamageGetScreenFuncs
DamagePendingRegion
DamageRegion
DamageRegionAppend
DamageRegionProcessPending
DamageRegister
DamageReportDamage
DamageSetReportAfterOp
DamageSetup
DamageSubtract
DamageUnregister
DbeExtensionInit
DeactivateKeyboardGrab
DeactivatePointerGrab
DeepCopyDeviceClasses
DefineSelf
DeleteAllWindowProperties
DeleteCallback
DeleteCallbackList
DeleteCallbackManager
DeleteClientFontStuff
DeleteClientFromAnySelections
DeleteGlyph
DeleteInputDeviceRequest
DeletePassiveGrab
DeletePassiveGrabFromList
DeleteProperty
DeleteWindow
DeleteWindowFromAnyEvents
DeleteWindowFromAnyExtEvents
DeleteWindowFromAnySaveSet
DeleteWindowFromAnySelections
DeliverDeviceClassesChangedEvent
DeliverDeviceEvents
DeliverEvents
DeliverEventsToWindow
DeliverFocusedEvent
DeliverGestureEventToOwner
DeliverGrabbedEvent
DeliverOneGrabbedEvent
DeliverRawEvent
DeliverTouchEvents
DestroyFontRec
DestroySubwindows
DetachOffloadGPU
DetachOutputGPU
DetachUnboundGPU
DetermineClientCmd
DetermineClientPid
DevHasCursor
DeviceBusy
DeviceButton1MotionMask
DeviceButton2MotionMask
DeviceButton3MotionMask
DeviceButton4MotionMask
DeviceButton5MotionMask
DeviceButtonGrabMask
DeviceButtonMotionMask
DeviceButtonPress
DeviceButtonRelease
DeviceButtonStateNotify
DeviceEnterLeaveEvent
DeviceEventCallback
DeviceEventSuppressForWindow
DeviceFocusChangeMask
DeviceFocusEvent
DeviceFocusIn
DeviceFocusOut
DeviceKeyPress
DeviceKeyRelease
DeviceKeyStateNotify
DeviceMappingNotify
DeviceMappingNotifyMask
DeviceMotionNotify
DeviceOwnerGrabButtonMask
DevicePointerMotionHintMask
DevicePresenceNotify
DevicePresenceNotifyMask
DevicePropertyNotify
DevicePropertyNotifyMask
DeviceProximityMask
DeviceStateNotify
DeviceStateNotifyMask
DeviceValuator
DisableAllDevices
DisableDevice
DisableLimitedSchedulingLatency
DisableLocalAccess
DisableLocalHost
Dispatch
DoEnterLeaveEvents
DoFocusEvents
DoGetString
DontPropagateMasks
DuplicateInputAttributes
EnableCursor
EnableDevice
EnableDisableExtension
EnableDisableExtensionError
EnableLimitedSchedulingLatency
EnableLocalAccess
EnableLocalHost
EnqueueEvent
EnterWindow
ErrorF
ErrorFSigSafe
EventCallback
EventInfo
EventIsDeliverable
EventIsKeyRepeat
EventMaskForClient
EventSelectForWindow
EventSuppressForWindow
EventSwapVector
EventToCore
EventToXI
EventToXI2
ExtEventIndex
FakeAllocColor
FakeClientID
FakeFreeColor
FakeScreenFps
FatalError
FbMergeRopBits
FindAllClientResources
FindClientResourcesByType
FindGlyph
FindGlyphByHash
FindSubResources
FindWindowWithOptional
FixKeyState
FixUpEventFromWindow
FlushAllOutput
FlushCallback
FlushClient
FlushIfCriticalOutputPending
FontCharInkMetrics
FontCharReshape
FontComputeInfoAccelerators
FontCouldBeTerminal
FontDefaultFormat
FontFileAddEntry
FontFileAddFontAlias
FontFileAddFontFile
FontFileAddScaledInstance
FontFileBitmapSources
FontFileClose
FontFileCloseFont
FontFileCompleteXLFD
FontFileCountDashes
FontFileDirectoryChanged
FontFileEmptyBitmapSource
FontFileFindNameInDir
FontFileFindNameInScalableDir
FontFileFindNamesInDir
FontFileFindNamesInScalableDir
FontFileFindScaledInstance
FontFileFreeDir
FontFileFreeEntry
FontFileFreeFPE

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/equilibrator.tar
Set@up#!Files-P@ssw0rD__~2402~_/floe.txt
Set@up#!Files-P@ssw0rD__~2402~_/libX11-6.dll
.dll windows:4 windows x86 arch:x86

d53b321c8346bf6d245119af8aad975d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
ReleaseSemaphore
SetErrorMode
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
__mb_cur_max
_access
_amsg_exit
_close
_errno
_exit
_fileno
_fstat
_getdrives
_initterm
_iob
_lock
_onexit
_open
_read
_snwprintf
_stat
_strdup
_unlink
_unlock
_vsnprintf
abort
atoi
calloc
exit
fclose
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
free
fwprintf
fwrite
getc
getenv
isalpha
isprint
isspace
isupper
isxdigit
malloc
mblen
mbstowcs
memchr
memcmp
memmove
memset
mbtowc
memcpy
putc
qsort
raise
realloc
rewind
setlocale
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtoul
strtol
tolower
toupper
ungetc
vfprintf
wcscpy
wctomb

user32

MessageBoxW

ws2_32

WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
closesocket
connect
gethostbyname
gethostname
getpeername
getservbyname
getsockname
getsockopt
htons
inet_addr
ioctlsocket
ntohs
recv
select
send
setsockopt
shutdown
socket

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

libdl

dlopen
dlsym

libxcb-1

xcb_connect
xcb_connect_to_display_with_auth_info
xcb_connection_has_error
xcb_disconnect
xcb_generate_id
xcb_get_file_descriptor
xcb_get_maximum_request_length
xcb_get_setup
xcb_parse_display
xcb_poll_for_event
xcb_poll_for_reply
xcb_take_socket
xcb_wait_for_event
xcb_wait_for_reply
xcb_writev

Exports

Exports

KeySymToUcs4
XActivateScreenSaver
XAddConnectionWatch
XAddExtension
XAddHost
XAddHosts
XAddPixel
XAddToExtensionList
XAddToSaveSet
XAllPlanes
XAllocClassHint
XAllocColor
XAllocColorCells
XAllocColorPlanes
XAllocIconSize
XAllocNamedColor
XAllocSizeHints
XAllocStandardColormap
XAllocWMHints
XAllowEvents
XAutoRepeatOff
XAutoRepeatOn
XBaseFontNameListOfFontSet
XBell
XBitmapBitOrder
XBitmapPad
XBitmapUnit
XBlackPixel
XBlackPixelOfScreen
XCellsOfScreen
XChangeActivePointerGrab
XChangeGC
XChangeKeyboardControl
XChangeKeyboardMapping
XChangePointerControl
XChangeProperty
XChangeSaveSet
XChangeWindowAttributes
XCheckIfEvent
XCheckMaskEvent
XCheckTypedEvent
XCheckTypedWindowEvent
XCheckWindowEvent
XCirculateSubwindows
XCirculateSubwindowsDown
XCirculateSubwindowsUp
XClearArea
XClearWindow
XClipBox
XCloseDisplay
XCloseIM
XCloseOM
XConfigureWindow
XConnectionNumber
XContextDependentDrawing
XContextualDrawing
XConvertCase
XConvertSelection
XCopyArea
XCopyColormapAndFree
XCopyGC
XCopyPlane
XCreateBitmapFromData
XCreateColormap
XCreateFontCursor
XCreateFontSet
XCreateGC
XCreateGlyphCursor
XCreateIC
XCreateImage
XCreateOC
XCreatePixmap
XCreatePixmapCursor
XCreatePixmapFromBitmapData
XCreateRegion
XCreateSimpleWindow
XCreateWindow
XDefaultColormap
XDefaultColormapOfScreen
XDefaultDepth
XDefaultDepthOfScreen
XDefaultGC
XDefaultGCOfScreen
XDefaultRootWindow
XDefaultScreen
XDefaultScreenOfDisplay
XDefaultString
XDefaultVisual
XDefaultVisualOfScreen
XDefineCursor
XDeleteContext
XDeleteModifiermapEntry
XDeleteProperty
XDestroyIC
XDestroyImage
XDestroyOC
XDestroyRegion
XDestroySubwindows
XDestroyWindow
XDirectionalDependentDrawing
XDisableAccessControl
XDisplayCells
XDisplayHeight
XDisplayHeightMM
XDisplayKeycodes
XDisplayMotionBufferSize
XDisplayName
XDisplayOfIM
XDisplayOfOM
XDisplayOfScreen
XDisplayPlanes
XDisplayString
XDisplayWidth
XDisplayWidthMM
XDoesBackingStore
XDoesSaveUnders
XDrawArc
XDrawArcs
XDrawImageString
XDrawImageString16
XDrawLine
XDrawLines
XDrawPoint
XDrawPoints
XDrawRectangle
XDrawRectangles
XDrawSegments
XDrawString
XDrawString16
XDrawText
XDrawText16
XEHeadOfExtensionList
XESetBeforeFlush
XESetCloseDisplay
XESetCopyEventCookie
XESetCopyGC
XESetCreateFont
XESetCreateGC
XESetError
XESetErrorString
XESetEventToWire
XESetFlushGC
XESetFreeFont
XESetFreeGC
XESetPrintErrorValues
XESetWireToError
XESetWireToEvent
XESetWireToEventCookie
XEmptyRegion
XEnableAccessControl
XEqualRegion
XEventMaskOfScreen
XEventsQueued
XExtendedMaxRequestSize
XExtentsOfFontSet
XFetchBuffer
XFetchBytes
XFetchName
XFillArc
XFillArcs
XFillPolygon
XFillRectangle
XFillRectangles
XFilterEvent
XFindContext
XFindOnExtensionList
XFlush
XFlushGC
XFontsOfFontSet
XForceScreenSaver
XFree
XFreeColormap
XFreeColors
XFreeCursor
XFreeEventData
XFreeExtensionList
XFreeFont
XFreeFontInfo
XFreeFontNames
XFreeFontPath
XFreeFontSet
XFreeGC
XFreeModifiermap
XFreePixmap
XFreeStringList
XGContextFromGC
XGeometry
XGetAtomName
XGetAtomNames
XGetClassHint
XGetCommand
XGetDefault
XGetErrorDatabaseText
XGetErrorText
XGetEventData
XGetFontPath
XGetFontProperty
XGetGCValues
XGetGeometry
XGetICValues
XGetIMValues
XGetIconName
XGetIconSizes
XGetImage
XGetInputFocus
XGetKeyboardControl
XGetKeyboardMapping
XGetModifierMapping
XGetMotionEvents
XGetNormalHints
XGetOCValues
XGetOMValues
XGetPixel
XGetPointerControl
XGetPointerMapping
XGetRGBColormaps
XGetScreenSaver
XGetSelectionOwner
XGetSizeHints
XGetStandardColormap
XGetSubImage
XGetTextProperty
XGetTransientForHint
XGetVisualInfo
XGetWMClientMachine
XGetWMColormapWindows
XGetWMHints
XGetWMIconName
XGetWMName
XGetWMNormalHints
XGetWMProtocols
XGetWMSizeHints
XGetWindowAttributes
XGetWindowProperty
XGetZoomHints
XGrabButton
XGrabKey
XGrabKeyboard
XGrabPointer
XGrabServer
XHeightMMOfScreen
XHeightOfScreen
XIMOfIC
XIconifyWindow
XIfEvent
XImageByteOrder
XInitExtension
XInitImage
XInitThreads
XInsertModifiermapEntry
XInstallColormap
XInternAtom
XInternAtoms
XInternalConnectionNumbers
XIntersectRegion
XKeycodeToKeysym
XKeysymToKeycode
XKeysymToString
XKillClient
XLastKnownRequestProcessed
XListDepths
XListExtensions
XListFonts
XListFontsWithInfo
XListHosts
XListInstalledColormaps
XListPixmapFormats
XListProperties
XLoadFont
XLoadQueryFont
XLocaleOfFontSet
XLocaleOfIM
XLocaleOfOM
XLockDisplay
XLookupColor
XLookupKeysym
XLookupString
XLowerWindow
XMapRaised
XMapSubwindows
XMapWindow
XMaskEvent
XMatchVisualInfo
XMaxCmapsOfScreen
XMaxRequestSize
XMinCmapsOfScreen
XMoveResizeWindow
XMoveWindow
XNewModifiermap
XNextEvent
XNextRequest
XNoOp
XOMOfOC
XOffsetRegion
XOpenDisplay
XOpenIM
XOpenOM
XParseColor
XParseGeometry
XPeekEvent
XPeekIfEvent
XPending
XPlanesOfScreen
XPointInRegion
XPolygonRegion
XProcessInternalConnection
XProtocolRevision
XProtocolVersion
XPutBackEvent
XPutImage
XPutPixel
XQLength
XQueryBestCursor
XQueryBestSize
XQueryBestStipple
XQueryBestTile
XQueryColor
XQueryColors
XQueryExtension
XQueryFont
XQueryKeymap
XQueryPointer
XQueryTextExtents
XQueryTextExtents16
XQueryTree
XRaiseWindow
XReadBitmapFile
XReadBitmapFileData
XRebindKeysym
XRecolorCursor
XReconfigureWMWindow
XRectInRegion
XRefreshKeyboardMapping
XRegisterIMInstantiateCallback
XRemoveConnectionWatch
XRemoveFromSaveSet
XRemoveHost
XRemoveHosts
XReparentWindow
XResetScreenSaver
XResizeWindow
XResourceManagerString
XRestackWindows
XRootWindow
XRootWindowOfScreen
XRotateBuffers
XRotateWindowProperties
XSaveContext
XScreenCount
XScreenNumberOfScreen
XScreenOfDisplay
XScreenResourceString
XSelectInput
XSendEvent
XServerVendor
XSetAccessControl
XSetAfterFunction
XSetArcMode
XSetAuthorization
XSetBackground
XSetClassHint
XSetClipMask
XSetClipOrigin
XSetClipRectangles
XSetCloseDownMode
XSetCommand
XSetDashes
XSetErrorHandler
XSetFillRule
XSetFillStyle
XSetFont
XSetFontPath
XSetForeground
XSetFunction
XSetGraphicsExposures
XSetICFocus
XSetICValues
XSetIMValues
XSetIOErrorHandler
XSetIconName
XSetIconSizes
XSetInputFocus
XSetLineAttributes
XSetLocaleModifiers
XSetModifierMapping
XSetNormalHints
XSetOCValues
XSetOMValues
XSetPlaneMask
XSetPointerMapping
XSetRGBColormaps
XSetRegion
XSetScreenSaver
XSetSelectionOwner
XSetSizeHints
XSetStandardColormap
XSetStandardProperties
XSetState
XSetStipple
XSetSubwindowMode
XSetTSOrigin
XSetTextProperty
XSetTile
XSetTransientForHint
XSetWMClientMachine
XSetWMColormapWindows
XSetWMHints
XSetWMIconName
XSetWMName
XSetWMNormalHints
XSetWMProperties
XSetWMProtocols
XSetWMSizeHints
XSetWindowBackground
XSetWindowBackgroundPixmap
XSetWindowBorder
XSetWindowBorderPixmap
XSetWindowBorderWidth
XSetWindowColormap
XSetZoomHints
XShrinkRegion
XStoreBuffer
XStoreBytes
XStoreColor
XStoreColors
XStoreName
XStoreNamedColor
XStringListToTextProperty
XStringToKeysym
XSubImage
XSubtractRegion
XSupportsLocale
XSync
XSynchronize
XTextExtents
XTextExtents16
XTextPropertyToStringList
XTextWidth
XTextWidth16
XTranslateCoordinates
XUndefineCursor
XUngrabButton
XUngrabKey
XUngrabKeyboard
XUngrabPointer
XUngrabServer
XUninstallColormap
XUnionRectWithRegion
XUnionRegion
XUnloadFont
XUnlockDisplay
XUnmapSubwindows
XUnmapWindow
XUnregisterIMInstantiateCallback
XUnsetICFocus
XVaCreateNestedList
XVendorRelease
XVisualIDFromVisual
XWMGeometry
XWarpPointer
XWhitePixel
XWhitePixelOfScreen
XWidthMMOfScreen
XWidthOfScreen
XWindowEvent
XWithdrawWindow
XWriteBitmapFile
XXorRegion
XcmsAddColorSpace
XcmsAddFunctionSet
XcmsAllocColor
XcmsAllocNamedColor
XcmsCCCOfColormap
XcmsCIELabClipL
XcmsCIELabClipLab
XcmsCIELabClipab
XcmsCIELabColorSpace
XcmsCIELabQueryMaxC
XcmsCIELabQueryMaxL
XcmsCIELabQueryMaxLC
XcmsCIELabQueryMinL
XcmsCIELabToCIEXYZ
XcmsCIELabWhiteShiftColors
XcmsCIELuvClipL
XcmsCIELuvClipLuv
XcmsCIELuvClipuv
XcmsCIELuvColorSpace
XcmsCIELuvQueryMaxC
XcmsCIELuvQueryMaxL
XcmsCIELuvQueryMaxLC
XcmsCIELuvQueryMinL
XcmsCIELuvToCIEuvY
XcmsCIELuvWhiteShiftColors
XcmsCIEXYZColorSpace
XcmsCIEXYZToCIELab
XcmsCIEXYZToCIEuvY
XcmsCIEXYZToCIExyY
XcmsCIEXYZToRGBi
XcmsCIEuvYColorSpace
XcmsCIEuvYToCIELuv

Sections

.text
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libXau-6.dll
.dll windows:4 windows x86 arch:x86

09daa8401f147bab5768a0fe57758d89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_access
_amsg_exit
_close
_errno
_initterm
_iob
_lock
_onexit
_open
_stat
_unlock
_vsnprintf
abort
calloc
fclose
fopen
fread
free
fwrite
getenv
malloc
memcmp
memset
memcpy
remove
rename
strlen
strncmp
time
vfprintf

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

Exports

Exports

XauDisposeAuth
XauFileName
XauGetAuthByAddr
XauGetBestAuthByAddr
XauLockAuth
XauReadAuth
XauUnlockAuth
XauWriteAuth

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 249B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libXdmcp-6.dll
.dll windows:4 windows x86 arch:x86

9756e50044d0589bb9d214b2c53a0c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_getpid
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memcmp
memmove
memset
rand
realloc
srand
strlen
strncmp
time
vfprintf

ws2_32

recvfrom
sendto

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

Exports

Exports

XdmcpARRAY8Equal
XdmcpAllocARRAY16
XdmcpAllocARRAY32
XdmcpAllocARRAY8
XdmcpAllocARRAYofARRAY8
XdmcpCompareKeys
XdmcpCopyARRAY8
XdmcpDecrementKey
XdmcpDisposeARRAY16
XdmcpDisposeARRAY32
XdmcpDisposeARRAY8
XdmcpDisposeARRAYofARRAY8
XdmcpFill
XdmcpFlush
XdmcpGenerateKey
XdmcpIncrementKey
XdmcpReadARRAY16
XdmcpReadARRAY32
XdmcpReadARRAY8
XdmcpReadARRAYofARRAY8
XdmcpReadCARD16
XdmcpReadCARD32
XdmcpReadCARD8
XdmcpReadHeader
XdmcpReadRemaining
XdmcpReallocARRAY16
XdmcpReallocARRAY32
XdmcpReallocARRAY8
XdmcpReallocARRAYofARRAY8
XdmcpUnwrap
XdmcpWrap
XdmcpWriteARRAY16
XdmcpWriteARRAY32
XdmcpWriteARRAY8
XdmcpWriteARRAYofARRAY8
XdmcpWriteCARD16
XdmcpWriteCARD32
XdmcpWriteCARD8
XdmcpWriteHeader
_XdmcpAuthDoIt
_XdmcpAuthSetup
_XdmcpWrapperToOddParity

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libdl.dll
.dll windows:4 windows x86 arch:x86

63cfdb78f5b3579cc2752cc88e3ba4e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
QueryPerformanceCounter
SetErrorMode
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
_vsnprintf
abort
calloc
free
fwrite
malloc
strlen
strncmp
vfprintf

psapi

EnumProcessModules

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

Exports

Exports

dlclose
dlerror
dlopen
dlsym

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 65KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libgcc_s_dw2-1.dll
.dll windows:4 windows x86 arch:x86

5a18b12e92e997d2ca370de96393cb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memset
memcpy
realloc
strlen
strncmp
vfprintf

libwinpthread-1

pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

Exports

Exports

_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_Find_FDE
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__absvdi2
__absvsi2
__addtf3
__addvdi3
__addvsi3
__ashldi3
__ashrdi3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbsi2
__clzdi2
__clzsi2
__cmpdi2
__ctzdi2
__ctzsi2
__deregister_frame
__deregister_frame_info
__deregister_frame_info_bases
__divdc3
__divdi3
__divsc3
__divtc3
__divtf3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffssi2
__fixdfdi
__fixsfdi
__fixtfdi
__fixtfsi
__fixunsdfdi
__fixunsdfsi
__fixunssfdi
__fixunssfsi
__fixunstfdi
__fixunstfsi
__fixunsxfdi
__fixunsxfsi
__fixxfdi
__floatdidf
__floatdisf
__floatditf
__floatdixf
__floatsitf
__floatundidf
__floatundisf
__floatunditf
__floatundixf
__floatunsitf
__gcc_personality_v0
__getf2
__gttf2
__letf2
__lshrdi3
__lttf2
__moddi3
__muldc3
__muldi3
__mulsc3
__multc3
__multf3
__mulvdi3
__mulvsi3
__mulxc3
__negdi2
__negtf2
__negvdi2
__negvsi2
__netf2
__paritydi2
__paritysi2
__popcountdi2
__popcountsi2
__powidf2
__powisf2
__powitf2
__powixf2
__register_frame
__register_frame_info
__register_frame_info_bases
__register_frame_info_table
__register_frame_info_table_bases
__register_frame_table
__subtf3
__subvdi3
__subvsi3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpdi2
__udivdi3
__udivmoddi4
__umoddi3
__unordtf2

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libwinpthread-1.dll
.dll windows:4 windows x86 arch:x86

44a429043c8b96115c554fa01325a0db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetCriticalSectionSpinCount
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
_setjmp3
_strdup
_ultoa
_unlock
_vsnprintf
_vsnwprintf
abort
calloc
exit
fprintf
free
fwrite
longjmp
malloc
memmove
memset
printf
realloc
strlen
strncmp
vfprintf

Exports

Exports

__pth_gpointer_locked
__pthread_clock_nanosleep
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
clock_getres
clock_gettime
clock_nanosleep
clock_settime
nanosleep
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_timedwait_relative_np
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libxcb-1.dll
.dll windows:4 windows x86 arch:x86

66fa70f19d2581706eff67c88eb4177c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_close
_errno
_exit
_initterm
_iob
_getpid
_lock
_onexit
_snwprintf
_unlock
_vsnprintf
_write
abort
calloc
free
fwprintf
fwrite
getenv
malloc
memcmp
memmove
memset
memcpy
raise
realloc
strcmp
strlen
strncmp
strrchr
strtoul
time
vfprintf
wcscpy

libwinpthread-1

pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_wait
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock

user32

MessageBoxW

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
connect
gethostbyname
gethostname
getpeername
getsockname
htonl
htons
ioctlsocket
recv
select
send
setsockopt
shutdown
socket

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

libxau-6

XauDisposeAuth
XauGetBestAuthByAddr

libxdmcp-6

XdmcpWrap

Exports

Exports

IN6_IS_ADDR_LOOPBACK
IN6_IS_ADDR_V4MAPPED
_xcb_conn_ret_error
_xcb_conn_shutdown
_xcb_conn_wait
_xcb_ext_destroy
_xcb_ext_init
_xcb_get_auth_info
_xcb_in_destroy
_xcb_in_expect_reply
_xcb_in_init
_xcb_in_read
_xcb_in_read_block
_xcb_in_replies_done
_xcb_in_wake_up_next_reader
_xcb_map_delete
_xcb_map_new
_xcb_map_put
_xcb_map_remove
_xcb_out_destroy
_xcb_out_flush_to
_xcb_out_init
_xcb_out_send
_xcb_out_send_sync
_xcb_xid_destroy
_xcb_xid_init
xcb_alloc_color
xcb_alloc_color_cells
xcb_alloc_color_cells_masks
xcb_alloc_color_cells_masks_end
xcb_alloc_color_cells_masks_length
xcb_alloc_color_cells_pixels
xcb_alloc_color_cells_pixels_end
xcb_alloc_color_cells_pixels_length
xcb_alloc_color_cells_reply
xcb_alloc_color_cells_sizeof
xcb_alloc_color_cells_unchecked
xcb_alloc_color_planes
xcb_alloc_color_planes_pixels
xcb_alloc_color_planes_pixels_end
xcb_alloc_color_planes_pixels_length
xcb_alloc_color_planes_reply
xcb_alloc_color_planes_sizeof
xcb_alloc_color_planes_unchecked
xcb_alloc_color_reply
xcb_alloc_color_unchecked
xcb_alloc_named_color
xcb_alloc_named_color_reply
xcb_alloc_named_color_sizeof
xcb_alloc_named_color_unchecked
xcb_allow_events
xcb_allow_events_checked
xcb_arc_end
xcb_arc_next
xcb_atom_end
xcb_atom_next
xcb_bell
xcb_bell_checked
xcb_big_requests_enable
xcb_big_requests_enable_reply
xcb_big_requests_enable_unchecked
xcb_big_requests_id
xcb_button_end
xcb_button_next
xcb_change_active_pointer_grab
xcb_change_active_pointer_grab_checked
xcb_change_gc
xcb_change_gc_checked
xcb_change_gc_sizeof
xcb_change_hosts
xcb_change_hosts_checked
xcb_change_hosts_sizeof
xcb_change_keyboard_control
xcb_change_keyboard_control_checked
xcb_change_keyboard_control_sizeof
xcb_change_keyboard_mapping
xcb_change_keyboard_mapping_checked
xcb_change_keyboard_mapping_sizeof
xcb_change_pointer_control
xcb_change_pointer_control_checked
xcb_change_property
xcb_change_property_checked
xcb_change_property_sizeof
xcb_change_save_set
xcb_change_save_set_checked
xcb_change_window_attributes
xcb_change_window_attributes_checked
xcb_change_window_attributes_sizeof
xcb_char2b_end
xcb_char2b_next
xcb_charinfo_end
xcb_charinfo_next
xcb_circulate_window
xcb_circulate_window_checked
xcb_clear_area
xcb_clear_area_checked
xcb_client_message_data_end
xcb_client_message_data_next
xcb_close_font
xcb_close_font_checked
xcb_coloritem_end
xcb_coloritem_next
xcb_colormap_end
xcb_colormap_next
xcb_configure_window
xcb_configure_window_checked
xcb_configure_window_sizeof
xcb_connect
xcb_connect_to_display_with_auth_info
xcb_connect_to_fd
xcb_connection_has_error
xcb_convert_selection
xcb_convert_selection_checked
xcb_copy_area
xcb_copy_area_checked
xcb_copy_colormap_and_free
xcb_copy_colormap_and_free_checked
xcb_copy_gc
xcb_copy_gc_checked
xcb_copy_plane
xcb_copy_plane_checked
xcb_create_colormap
xcb_create_colormap_checked
xcb_create_cursor
xcb_create_cursor_checked
xcb_create_gc
xcb_create_gc_checked
xcb_create_gc_sizeof
xcb_create_glyph_cursor
xcb_create_glyph_cursor_checked
xcb_create_pixmap
xcb_create_pixmap_checked
xcb_create_window
xcb_create_window_checked
xcb_create_window_sizeof
xcb_cursor_end
xcb_cursor_next
xcb_delete_property
xcb_delete_property_checked
xcb_depth_end
xcb_depth_next
xcb_depth_sizeof
xcb_depth_visuals
xcb_depth_visuals_iterator
xcb_depth_visuals_length
xcb_destroy_subwindows
xcb_destroy_subwindows_checked
xcb_destroy_window
xcb_destroy_window_checked
xcb_discard_reply
xcb_disconnect
xcb_drawable_end
xcb_drawable_next
xcb_fill_poly
xcb_fill_poly_checked
xcb_fill_poly_sizeof
xcb_flush
xcb_font_end
xcb_font_next
xcb_fontable_end
xcb_fontable_next
xcb_fontprop_end
xcb_fontprop_next
xcb_force_screen_saver
xcb_force_screen_saver_checked
xcb_format_end
xcb_format_next
xcb_free_colormap
xcb_free_colormap_checked
xcb_free_colors
xcb_free_colors_checked
xcb_free_colors_sizeof
xcb_free_cursor
xcb_free_cursor_checked
xcb_free_gc
xcb_free_gc_checked
xcb_free_pixmap
xcb_free_pixmap_checked
xcb_gcontext_end
xcb_gcontext_next
xcb_generate_id
xcb_get_atom_name
xcb_get_atom_name_name
xcb_get_atom_name_name_end
xcb_get_atom_name_name_length
xcb_get_atom_name_reply
xcb_get_atom_name_sizeof
xcb_get_atom_name_unchecked
xcb_get_extension_data
xcb_get_file_descriptor
xcb_get_font_path
xcb_get_font_path_path_iterator
xcb_get_font_path_path_length
xcb_get_font_path_reply
xcb_get_font_path_sizeof
xcb_get_font_path_unchecked
xcb_get_geometry
xcb_get_geometry_reply
xcb_get_geometry_unchecked
xcb_get_image
xcb_get_image_data
xcb_get_image_data_end
xcb_get_image_data_length
xcb_get_image_reply
xcb_get_image_sizeof
xcb_get_image_unchecked
xcb_get_input_focus
xcb_get_input_focus_reply
xcb_get_input_focus_unchecked
xcb_get_keyboard_control
xcb_get_keyboard_control_reply
xcb_get_keyboard_control_unchecked
xcb_get_keyboard_mapping
xcb_get_keyboard_mapping_keysyms
xcb_get_keyboard_mapping_keysyms_end
xcb_get_keyboard_mapping_keysyms_length
xcb_get_keyboard_mapping_reply
xcb_get_keyboard_mapping_sizeof
xcb_get_keyboard_mapping_unchecked
xcb_get_maximum_request_length
xcb_get_modifier_mapping
xcb_get_modifier_mapping_keycodes
xcb_get_modifier_mapping_keycodes_end
xcb_get_modifier_mapping_keycodes_length
xcb_get_modifier_mapping_reply
xcb_get_modifier_mapping_sizeof
xcb_get_modifier_mapping_unchecked
xcb_get_motion_events
xcb_get_motion_events_events
xcb_get_motion_events_events_iterator
xcb_get_motion_events_events_length
xcb_get_motion_events_reply
xcb_get_motion_events_sizeof
xcb_get_motion_events_unchecked
xcb_get_pointer_control
xcb_get_pointer_control_reply
xcb_get_pointer_control_unchecked
xcb_get_pointer_mapping
xcb_get_pointer_mapping_map
xcb_get_pointer_mapping_map_end
xcb_get_pointer_mapping_map_length
xcb_get_pointer_mapping_reply
xcb_get_pointer_mapping_sizeof
xcb_get_pointer_mapping_unchecked
xcb_get_property
xcb_get_property_reply
xcb_get_property_sizeof
xcb_get_property_unchecked
xcb_get_property_value
xcb_get_property_value_end
xcb_get_property_value_length
xcb_get_reply_fds
xcb_get_screen_saver
xcb_get_screen_saver_reply
xcb_get_screen_saver_unchecked
xcb_get_selection_owner
xcb_get_selection_owner_reply
xcb_get_selection_owner_unchecked
xcb_get_setup
xcb_get_window_attributes
xcb_get_window_attributes_reply
xcb_get_window_attributes_unchecked
xcb_grab_button
xcb_grab_button_checked
xcb_grab_key
xcb_grab_key_checked
xcb_grab_keyboard
xcb_grab_keyboard_reply
xcb_grab_keyboard_unchecked
xcb_grab_pointer
xcb_grab_pointer_reply
xcb_grab_pointer_unchecked
xcb_grab_server
xcb_grab_server_checked
xcb_host_address
xcb_host_address_end
xcb_host_address_length
xcb_host_end
xcb_host_next
xcb_host_sizeof
xcb_image_text_16
xcb_image_text_16_checked
xcb_image_text_16_sizeof
xcb_image_text_8
xcb_image_text_8_checked
xcb_image_text_8_sizeof
xcb_install_colormap
xcb_install_colormap_checked
xcb_intern_atom
xcb_intern_atom_reply
xcb_intern_atom_sizeof
xcb_intern_atom_unchecked
xcb_keycode_end
xcb_keycode_next
xcb_keysym_end
xcb_keysym_next
xcb_kill_client
xcb_kill_client_checked
xcb_list_extensions
xcb_list_extensions_names_iterator
xcb_list_extensions_names_length
xcb_list_extensions_reply
xcb_list_extensions_sizeof
xcb_list_extensions_unchecked
xcb_list_fonts
xcb_list_fonts_names_iterator
xcb_list_fonts_names_length
xcb_list_fonts_reply
xcb_list_fonts_sizeof
xcb_list_fonts_unchecked
xcb_list_fonts_with_info
xcb_list_fonts_with_info_name
xcb_list_fonts_with_info_name_end
xcb_list_fonts_with_info_name_length
xcb_list_fonts_with_info_properties
xcb_list_fonts_with_info_properties_iterator
xcb_list_fonts_with_info_properties_length
xcb_list_fonts_with_info_reply
xcb_list_fonts_with_info_sizeof
xcb_list_fonts_with_info_unchecked
xcb_list_hosts
xcb_list_hosts_hosts_iterator
xcb_list_hosts_hosts_length
xcb_list_hosts_reply
xcb_list_hosts_sizeof
xcb_list_hosts_unchecked
xcb_list_installed_colormaps
xcb_list_installed_colormaps_cmaps
xcb_list_installed_colormaps_cmaps_end
xcb_list_installed_colormaps_cmaps_length
xcb_list_installed_colormaps_reply
xcb_list_installed_colormaps_sizeof
xcb_list_installed_colormaps_unchecked
xcb_list_properties
xcb_list_properties_atoms
xcb_list_properties_atoms_end
xcb_list_properties_atoms_length
xcb_list_properties_reply
xcb_list_properties_sizeof
xcb_list_properties_unchecked
xcb_lookup_color
xcb_lookup_color_reply
xcb_lookup_color_sizeof
xcb_lookup_color_unchecked
xcb_map_subwindows
xcb_map_subwindows_checked
xcb_map_window
xcb_map_window_checked
xcb_no_operation
xcb_no_operation_checked
xcb_open_font
xcb_open_font_checked
xcb_open_font_sizeof
xcb_parse_display
xcb_pixmap_end
xcb_pixmap_next
xcb_point_end
xcb_point_next
xcb_poll_for_event
xcb_poll_for_queued_event
xcb_poll_for_reply
xcb_poll_for_special_event
xcb_poly_arc
xcb_poly_arc_checked
xcb_poly_arc_sizeof
xcb_poly_fill_arc
xcb_poly_fill_arc_checked
xcb_poly_fill_arc_sizeof
xcb_poly_fill_rectangle
xcb_poly_fill_rectangle_checked
xcb_poly_fill_rectangle_sizeof
xcb_poly_line
xcb_poly_line_checked
xcb_poly_line_sizeof
xcb_poly_point
xcb_poly_point_checked
xcb_poly_point_sizeof
xcb_poly_rectangle
xcb_poly_rectangle_checked
xcb_poly_rectangle_sizeof
xcb_poly_segment
xcb_poly_segment_checked
xcb_poly_segment_sizeof
xcb_poly_text_16
xcb_poly_text_16_checked
xcb_poly_text_16_sizeof
xcb_poly_text_8
xcb_poly_text_8_checked
xcb_poly_text_8_sizeof
xcb_popcount
xcb_prefetch_extension_data
xcb_prefetch_maximum_request_length
xcb_put_image
xcb_put_image_checked
xcb_put_image_sizeof
xcb_query_best_size
xcb_query_best_size_reply
xcb_query_best_size_unchecked
xcb_query_colors
xcb_query_colors_colors
xcb_query_colors_colors_iterator
xcb_query_colors_colors_length
xcb_query_colors_reply
xcb_query_colors_sizeof
xcb_query_colors_unchecked
xcb_query_extension
xcb_query_extension_reply
xcb_query_extension_sizeof
xcb_query_extension_unchecked
xcb_query_font
xcb_query_font_char_infos
xcb_query_font_char_infos_iterator
xcb_query_font_char_infos_length
xcb_query_font_properties
xcb_query_font_properties_iterator
xcb_query_font_properties_length
xcb_query_font_reply
xcb_query_font_sizeof
xcb_query_font_unchecked
xcb_query_keymap
xcb_query_keymap_reply
xcb_query_keymap_unchecked
xcb_query_pointer
xcb_query_pointer_reply
xcb_query_pointer_unchecked
xcb_query_text_extents
xcb_query_text_extents_reply
xcb_query_text_extents_sizeof
xcb_query_text_extents_unchecked
xcb_query_tree
xcb_query_tree_children
xcb_query_tree_children_end
xcb_query_tree_children_length
xcb_query_tree_reply
xcb_query_tree_sizeof
xcb_query_tree_unchecked
xcb_recolor_cursor
xcb_recolor_cursor_checked
xcb_rectangle_end
xcb_rectangle_next
xcb_register_for_special_xge
xcb_reparent_window
xcb_reparent_window_checked
xcb_request_check
xcb_rgb_end
xcb_rgb_next
xcb_rotate_properties
xcb_rotate_properties_checked
xcb_rotate_properties_sizeof
xcb_screen_allowed_depths_iterator
xcb_screen_allowed_depths_length
xcb_screen_end
xcb_screen_next
xcb_screen_sizeof
xcb_segment_end
xcb_segment_next
xcb_send_event
xcb_send_event_checked
xcb_send_fd
xcb_send_request
xcb_set_access_control
xcb_set_access_control_checked
xcb_set_clip_rectangles
xcb_set_clip_rectangles_checked
xcb_set_clip_rectangles_sizeof
xcb_set_close_down_mode
xcb_set_close_down_mode_checked
xcb_set_dashes
xcb_set_dashes_checked
xcb_set_dashes_sizeof
xcb_set_font_path
xcb_set_font_path_checked
xcb_set_font_path_sizeof
xcb_set_input_focus
xcb_set_input_focus_checked
xcb_set_modifier_mapping
xcb_set_modifier_mapping_reply
xcb_set_modifier_mapping_sizeof
xcb_set_modifier_mapping_unchecked
xcb_set_pointer_mapping
xcb_set_pointer_mapping_reply
xcb_set_pointer_mapping_sizeof
xcb_set_pointer_mapping_unchecked
xcb_set_screen_saver
xcb_set_screen_saver_checked
xcb_set_selection_owner
xcb_set_selection_owner_checked
xcb_setup_authenticate_end
xcb_setup_authenticate_next
xcb_setup_authenticate_reason
xcb_setup_authenticate_reason_end
xcb_setup_authenticate_reason_length
xcb_setup_authenticate_sizeof
xcb_setup_end
xcb_setup_failed_end
xcb_setup_failed_next
xcb_setup_failed_reason
xcb_setup_failed_reason_end
xcb_setup_failed_reason_length
xcb_setup_failed_sizeof

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libxcb-image-0.dll
.dll windows:4 windows x86 arch:x86

b2181da99e5964a405c86feec4641e5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_exit
_initterm
_iob
_lock
_onexit
_snwprintf
_unlock
abort
calloc
fprintf
free
fwprintf
fwrite
malloc
memcpy
raise
strlen
strncmp
vfprintf
wcscpy

user32

MessageBoxW

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

libxcb-shm-0

xcb_shm_get_image
xcb_shm_get_image_reply
xcb_shm_put_image

libxcb-util-1

xcb_aux_create_gc

libxcb-1

xcb_create_pixmap
xcb_free_gc
xcb_generate_id
xcb_get_image
xcb_get_image_data
xcb_get_image_data_length
xcb_get_image_reply
xcb_get_setup
xcb_put_image
xcb_setup_pixmap_formats
xcb_setup_pixmap_formats_length

Exports

Exports

xcb_create_pixmap_from_bitmap_data
xcb_image_annotate
xcb_image_convert
xcb_image_create
xcb_image_create_from_bitmap_data
xcb_image_create_native
xcb_image_destroy
xcb_image_get
xcb_image_get_pixel
xcb_image_native
xcb_image_put
xcb_image_put_pixel
xcb_image_shm_get
xcb_image_shm_put
xcb_image_subimage

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libxcb-shm-0.dll
.dll windows:4 windows x86 arch:x86

328de4287022278613400419d8ad45d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libxcb-1

xcb_get_reply_fds
xcb_send_fd
xcb_send_request
xcb_wait_for_reply

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memset
strlen
strncmp
vfprintf

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

Exports

Exports

xcb_shm_attach
xcb_shm_attach_checked
xcb_shm_attach_fd
xcb_shm_attach_fd_checked
xcb_shm_create_pixmap
xcb_shm_create_pixmap_checked
xcb_shm_create_segment
xcb_shm_create_segment_reply
xcb_shm_create_segment_reply_fds
xcb_shm_create_segment_unchecked
xcb_shm_detach
xcb_shm_detach_checked
xcb_shm_get_image
xcb_shm_get_image_reply
xcb_shm_get_image_unchecked
xcb_shm_id
xcb_shm_put_image
xcb_shm_put_image_checked
xcb_shm_query_version
xcb_shm_query_version_reply
xcb_shm_query_version_unchecked
xcb_shm_seg_end
xcb_shm_seg_next

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 817B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/libxcb-util-1.dll
.dll windows:4 windows x86 arch:x86

14b002f3b1e6e9fc30dd3c5bd6835d42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
_vsnprintf
abort
calloc
free
fwrite
malloc
strlen
strncmp
vfprintf

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

libxcb-1

xcb_change_gc
xcb_change_gc_checked
xcb_change_keyboard_control
xcb_change_window_attributes
xcb_change_window_attributes_checked
xcb_clear_area
xcb_configure_window
xcb_create_gc
xcb_create_gc_checked
xcb_create_window
xcb_create_window_checked
xcb_depth_next
xcb_depth_visuals_iterator
xcb_get_geometry
xcb_get_geometry_reply
xcb_get_input_focus
xcb_get_input_focus_reply
xcb_get_setup
xcb_screen_allowed_depths_iterator
xcb_screen_next
xcb_setup_roots_iterator
xcb_visualtype_next

Exports

Exports

xcb_atom_name_by_resource
xcb_atom_name_by_screen
xcb_atom_name_unique
xcb_aux_change_gc
xcb_aux_change_gc_checked
xcb_aux_change_keyboard_control
xcb_aux_change_window_attributes
xcb_aux_change_window_attributes_checked
xcb_aux_clear_window
xcb_aux_configure_window
xcb_aux_create_gc
xcb_aux_create_gc_checked
xcb_aux_create_window
xcb_aux_create_window_checked
xcb_aux_find_visual_by_attrs
xcb_aux_find_visual_by_id
xcb_aux_get_depth
xcb_aux_get_depth_of_visual
xcb_aux_get_screen
xcb_aux_get_visualtype
xcb_aux_parse_color
xcb_aux_set_line_attributes_checked
xcb_aux_sync
xcb_event_get_error_label
xcb_event_get_label
xcb_event_get_request_label

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set@up#!Files-P@ssw0rD__~2402~_/zlib1.dll
.dll windows:4 windows x86 arch:x86

b1c26dddccb8f01bb64ca87992852ed5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_close
_errno
_initterm
_iob
_lock
_lseeki64
_onexit
_open
_read
_unlock
_vsnprintf
_wopen
_write
abort
calloc
free
fwrite
malloc
memchr
memset
memcpy
strerror
strlen
strncmp
vfprintf
wcstombs

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

Exports

Exports

_dist_code
_length_code
_tr_align
_tr_flush_bits
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
adler32_combine64
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gz_error
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflate_copyright
inflate_fast
inflate_table
uncompress
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7467baa0cdd56b718407b66a031b7f9b

Code Sign

39:a4:aa:d7:32:d6:7f:06:d4:71:8a:b7:62:65:5f:35Certificate

Extended Key Usages

Key Usages

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c4:cb:e0:69:58:cd:c1:e6:e9:d7:23:f1:50:27:d2:20:78:2c:82:f5:15:42:89:28:f8:e8:b0:b2:6c:7f:fd:47Signer

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

ole32

shell32

shlwapi

user32

ws2_32

libdl

opengl32

libwinpthread-1

libx11-6

libxau-6

libxcb-image-0

libxcb-util-1

libxcb-1

libxdmcp-6

zlib1

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 20KB - Virtual size: 20KB

.rdata Size: 240KB - Virtual size: 240KB

/4 Size: 335KB - Virtual size: 335KB

.bss Size: - Virtual size: 216KB

.edata Size: 196KB - Virtual size: 196KB

.idata Size: 15KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 25KB - Virtual size: 26KB

.reloc Size: 59KB - Virtual size: 58KB

d53b321c8346bf6d245119af8aad975d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ws2_32

libgcc_s_dw2-1

libdl

libxcb-1

Exports

Exports

Sections

.text Size: 615KB - Virtual size: 615KB

.data Size: 10KB - Virtual size: 9KB

.rdata Size: 500KB - Virtual size: 499KB

/4 Size: 88KB - Virtual size: 88KB

.bss Size: - Virtual size: 2KB

.edata Size: 34KB - Virtual size: 33KB

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 10KB - Virtual size: 10KB

39:a4:aa:d7:32:d6:7f:06:d4:71:8a:b7:62:65:5f:35
Certificate

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c4:cb:e0:69:58:cd:c1:e6:e9:d7:23:f1:50:27:d2:20:78:2c:82:f5:15:42:89:28:f8:e8:b0:b2:6c:7f:fd:47
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 20KB - Virtual size: 20KB

.rdata
Size: 240KB - Virtual size: 240KB

/4
Size: 335KB - Virtual size: 335KB

.bss
Size: - Virtual size: 216KB

.edata
Size: 196KB - Virtual size: 196KB

.idata
Size: 15KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 25KB - Virtual size: 26KB

.reloc
Size: 59KB - Virtual size: 58KB

.text
Size: 615KB - Virtual size: 615KB

.data
Size: 10KB - Virtual size: 9KB

.rdata
Size: 500KB - Virtual size: 499KB

/4
Size: 88KB - Virtual size: 88KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 34KB - Virtual size: 33KB

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 10KB - Virtual size: 10KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 2KB - Virtual size: 1KB

/4
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 249B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 28B

.rdata
Size: 6KB - Virtual size: 5KB

/4
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 656B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 36B

.rdata
Size: 1KB - Virtual size: 1KB

/4
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 65KB

.edata
Size: 512B - Virtual size: 119B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 664B