UCR[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UCR.zip
Size

3.6MB
MD5

e1a95e59f61d116e9f5d1a9f47d47718
SHA1

11ef2dfcd8c9067091808b2cf9b4e2cc4b78d29c
SHA256

281079bef0f484730a9a40cb569322a71f94feb944414ee616c5ce407974b07a
SHA512

090a2946882541fc511fc8cbe76f431d3f65de391156e845962a256572a36dcd173dcfcdbcf575b4bebfb00fc1890ea66f4a52b8bce602fd8a45226ee2a786e0
SSDEEP

98304:dUb1e/GizoQO1iL54S3yXXtO/Zz5ipNcsy:dSYGizoFi5d3ynsqpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Resources/JoystickOEMName.dll
unpack001/Resources/ScpVBus/devcon.exe
unpack001/Resources/gcdapi.dll
unpack001/UCR.exe
unpack001/msvcr100.dll

Files

UCR.zip
.zip
CLI.ahk
Changelog.txt
Classes/BindModeHandler.ahk
Classes/GuiControls/AxisPreview.ahk
Classes/GuiControls/BannerMenu.ahk
Classes/GuiControls/ButtonPreview.ahk
Classes/GuiControls/ButtonPreviewThin.ahk
Classes/GuiControls/GuiControl.ahk
Classes/GuiControls/IOClasses/AHK.ahk
Classes/GuiControls/IOClasses/BindObject.ahk
Classes/GuiControls/IOClasses/IOClassBase.ahk
Classes/GuiControls/IOClasses/RawInput_Mouse_Delta.ahk
Classes/GuiControls/IOClasses/Titan.ahk
Classes/GuiControls/IOClasses/XInput.ahk
Classes/GuiControls/IOClasses/vGen.ahk
Classes/GuiControls/IOControl.ahk
Classes/GuiControls/InputAxis.ahk
Classes/GuiControls/InputButton.ahk
Classes/GuiControls/InputDelta.ahk
Classes/GuiControls/OutputAxis.ahk
Classes/GuiControls/OutputButton.ahk
Classes/GuiControls/ProfileSelect.ahk
Classes/InputHandler.ahk
Classes/Menu.ahk
Classes/Minimizer.ahk
Classes/Plugin.ahk
Classes/Profile.ahk
Classes/ProfilePicker.ahk
Classes/ProfileToolbox.ahk
Classes/ProfileTreeBase.ahk
Classes/UCRMain.ahk
Classes/UCRMain.ahk.bak
Functions/CreateGUID.ahk
Functions/IsEmptyAssoc.ahk
Libraries/JSON.ahk
Libraries/StickOps/StickOps.ahk
Libraries/TTS/TTS.ahk
Libraries/XInput.ahk
Plugins/Core/AxesToMouse.ahk
Plugins/Core/AxisInitializer.ahk
Plugins/Core/AxisMerger.ahk
Plugins/Core/AxisRangeToButtons.ahk
Plugins/Core/AxisSplitter.ahk
Plugins/Core/AxisSplitter.ahk.bak
Plugins/Core/AxisToAxis.ahk
Plugins/Core/AxisToButtons.ahk
Plugins/Core/ButtonInitializer.ahk
Plugins/Core/ButtonToButton.ahk
Plugins/Core/ButtonsToAxis.ahk
Plugins/Core/CodeRunner.ahk
Plugins/Core/GameBind.ahk
Plugins/Core/MouseToButtons.ahk
.js
Plugins/Core/MouseToJoy.ahk
.js
Plugins/Core/Notes.ahk
Plugins/Core/OneSwitchPulse.ahk
Plugins/Core/PauseButton.ahk
Plugins/Core/ProfileSpeaker.ahk
Plugins/Core/ProfileSwitcher.ahk
Resources/JoystickOEMName Licence.txt
Resources/JoystickOEMName.dll
.dll windows:4 windows x86 arch:x86

f9a7b25976ae60651c6a0eebf36c1918

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
_errno
_iob
abort
fflush
fprintf
free
malloc
sprintf

winmm

joyGetDevCapsA
joyGetNumDevs

Exports

Exports

joystick_OEM_name

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 432B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/ScpVBus/ScpVBus.inf
Resources/ScpVBus/ScpVBus.sys
.sys windows:10 windows x64 arch:x64

57ba1b10a6493904c8bd29284f0a4b9f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:ce:5e:93:97:27:8f:47:e8:6d:94:31:53:63:cc:30
Certificate

Issuer

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/04/2015, 00:00

Not After

13/04/2017, 12:00

Subject

CN=Shaul Eizikovich,O=Shaul Eizikovich,L=Hod HaSharon,ST=Tel Aviv,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

84:5c:5c:ee:7b:3f:18:02:a5:74:c7:4f:2e:57:7e:fe:8e:af:f7:ba
Signer

Actual PE Digest

84:5c:5c:ee:7b:3f:18:02:a5:74:c7:4f:2e:57:7e:fe:8e:af:f7:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Shaul\Documents\GitHubVisualStudio\ScpVBus\x64\Release\ScpVBus.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
ExAcquireFastMutex
ExReleaseFastMutex
ExQueryDepthSList
ExpInterlockedPopEntrySList
ExpInterlockedPushEntrySList
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
IofCallDriver
IofCompleteRequest
IoReleaseCancelSpinLock
IoInvalidateDeviceRelations
PsGetCurrentProcessId
KeInitializeEvent
KeWaitForSingleObject
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
IoRegisterDeviceInterface
IoSetDeviceInterfaceState
ObfReferenceObject
ObfDereferenceObject
IoAttachDeviceToDeviceStack
IoCreateDevice
IoDeleteDevice
IoDetachDevice
IoRequestDeviceEject
IoGetDeviceInterfaces
PoSetPowerState
PoCallDriver
KeReleaseSpinLock
MmGetSystemRoutineAddress
RtlInitUnicodeString
ObOpenObjectByPointer
IoDeviceObjectType
ZwSetSecurityObject
ZwClose
RtlGetOwnerSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetSaclSecurityDescriptor
SeCaptureSecurityDescriptor
RtlLengthSecurityDescriptor
_snwprintf
RtlCreateSecurityDescriptor
RtlLengthSid
SeExports
IoIsWdmVersionAvailable
RtlAbsoluteToSelfRelativeSD
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
_wcsnicmp
wcschr
ZwOpenKey
ZwQueryValueKey
RtlFreeUnicodeString
ZwSetValueKey
ZwCreateKey
RtlAnsiCharToUnicodeChar
KeBugCheckEx
KeAcquireSpinLockRaiseToDpc
KeSetEvent
KeClearEvent
PoStartNextPowerIrp
RtlCopyUnicodeString

wdfldr.sys

WdfVersionBindClass
WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/ScpVBus/WdfCoinstaller01009.dll
.dll windows:6 windows x64 arch:x64

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:02:a4:e9:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/04/2009, 05:58

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Component Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

Actual PE Digest

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WdfCoInstaller01009.pdb

Imports

msvcrt

memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_ultow
malloc
_wcsnicmp
free
_wtoi
_wcsicmp
_stricmp
_vsnwprintf

setupapi

SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupOpenInfFileW
SetupCloseInfFile
CM_Set_DevNode_Problem_Ex
SetupDiGetDeviceInstallParamsW
SetupLogErrorW
SetupOpenLog
SetupDiGetActualSectionToInstallW
SetupFindNextMatchLineW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupPromptReboot
SetupFindFirstLineW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Sleep
LoadLibraryExW
ExpandEnvironmentStringsW
GetFileInformationByHandle
DeleteFileW
CloseHandle
FindNextFileW
RemoveDirectoryW
LockResource
GetLocalTime
FindClose
SetLastError
CreateFileW
FileTimeToSystemTime
TerminateProcess
GetExitCodeProcess
FormatMessageW
SizeofResource
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindFirstFileW
LoadLibraryW
WideCharToMultiByte
FreeLibrary
lstrlenA
LocalFree
GetWindowsDirectoryW
LocalAlloc
GlobalFree
GetProcAddress
GetLastError
VerifyVersionInfoW
GetModuleHandleW
VerSetConditionMask

advapi32

DeleteService
OpenSCManagerW
QueryServiceConfigW
ChangeServiceConfigW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
QueryServiceStatusEx
RegQueryValueExW
OpenServiceW

crypt32

CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

shell32

CommandLineToArgvW

user32

LoadStringW
IsCharAlphaNumericW
IsCharAlphaW

ole32

CoTaskMemFree

Exports

Exports

WdfCoInstaller
WdfPostDeviceInstall
WdfPostDeviceRemove
WdfPreDeviceInstall
WdfPreDeviceInstallEx
WdfPreDeviceRemove

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/ScpVBus/devcon.exe
.exe windows:10 windows x64 arch:x64

4e103e12a556650a62d353114d81142e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

devcon.pdb

Imports

advapi32

OpenProcessToken
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownExW
RegCloseKey
CloseServiceHandle
OpenSCManagerW
OpenServiceW
RegDeleteValueW
RegSetValueExW

kernel32

GetCurrentProcess
FormatMessageW
lstrlenW
GetLastError
CloseHandle
LocalFree
GetDateFormatW
FreeLibrary
LoadLibraryW
FileTimeToSystemTime
GetProcAddress
GetFullPathNameW
FindFirstFileW
GetFileAttributesW
FindClose
FindNextFileW
GetWindowsDirectoryW
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter

msvcrt

towupper
__iob_func
?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
fputws
__setusermatherr
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
_callnewh
malloc
free
iswalpha
memset
_initterm
wcsrchr
fputs
_wcsnicmp
towlower
_wcsicmp
wcschr
wprintf

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

ole32

CLSIDFromString

setupapi

SetupDiSetClassInstallParamsW
SetupDiClassNameFromGuidExW
CM_Reenumerate_DevNode_Ex
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetINFClassW
CM_Disconnect_Machine
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
CM_Connect_MachineW
CM_Locate_DevNode_ExW
CM_Get_DevNode_Status_Ex
SetupDiBuildDriverInfoList
SetupDiGetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiSetSelectedDriverW
SetupGetStringFieldW
CM_Get_Res_Des_Data_Size_Ex
SetupDiEnumDriverInfoW
CM_Free_Log_Conf_Handle
SetupScanFileQueueW
CM_Get_Next_Res_Des_Ex
SetupCloseFileQueue
SetupDiGetDriverInstallParamsW
CM_Get_Res_Des_Data_Ex
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiClassGuidsFromNameExW
SetupDiGetClassDescriptionExW
SetupDiGetDriverInfoDetailW
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Get_First_Log_Conf_Ex
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiDestroyDriverInfoList
SetupDiCallClassInstaller
SetupOpenFileQueue
SetupCloseInfFile
SetupDiOpenClassRegKeyExW

user32

CharNextW
CharPrevW
LoadStringW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/ScpVBus/install.bat
Resources/ScpVBus/scpvbus.cat
Resources/ScpVBus/uninstall.bat
Resources/gcdapi.dll
.dll windows:5 windows x86 arch:x86

5c7ac66c9193666307f3a78669f1cb1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
CloseHandle
CreateThread
WriteFile
ReadFile
CreateFileW
GetOverlappedResult
GetLastError
EnterCriticalSection
CreateEventW
CancelIo
LoadLibraryW
IsProcessorFeaturePresent
LeaveCriticalSection
Sleep
InitializeCriticalSection
GetTickCount
ResetEvent
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
HeapCreate
HeapDestroy
ExitProcess
GetStdHandle
GetModuleFileNameW
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
RtlUnwind
HeapReAlloc
HeapSize

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW

hid

HidD_GetHidGuid
HidD_GetAttributes
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData

Exports

Exports

gcapi_CalcPressTime
gcapi_GetFWVer
gcapi_GetTimeVal
gcapi_IsConnected
gcapi_Read
gcapi_ReadEX
gcapi_Write
gcapi_WriteEX
gcdapi_DevicePID
gcdapi_Load
gcdapi_LoadDevice
gcdapi_Unload
gcmapi_CalcPressTime
gcmapi_Connect
gcmapi_GetFWVer
gcmapi_GetSerialNumber
gcmapi_GetTimeVal
gcmapi_IsConnected
gcmapi_Load
gcmapi_Read
gcmapi_ReadEX
gcmapi_Unload
gcmapi_Write
gcmapi_WriteEX

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/icons/close.png
.png
Resources/icons/down.png
.png
Resources/icons/light-iocontrol-neutral.png
.png
Resources/icons/light-iocontrol-off.png
.png
Resources/icons/light-iocontrol-on.png
.png
Resources/icons/light-neutral.png
.png
Resources/icons/light-off.png
.png
Resources/icons/light-on.png
.png
Resources/icons/up.png
.png
Threads/BindModeThread.ahk
Threads/MessageFilterThread.ahk
Threads/ProfileInputThread.ahk
UCR.ahk
UCR.exe
.exe windows:5 windows x86 arch:x86

2bc241889b697a6d22944b79e4901cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

socket
getservbyname
WSASetLastError
closesocket
gethostbyaddr
gethostbyname
send
WSAAsyncSelect
recv
gethostname
inet_ntoa
connect
inet_addr
WSAStartup
ioctlsocket
htonl
WSAGetLastError
htons
ntohs
shutdown
getservbyport
WSACleanup

winmm

mixerGetLineControlsW
mixerGetLineInfoW
mixerSetControlDetails
waveOutGetVolume
mixerGetDevCapsW
mixerOpen
mixerGetControlDetailsW
mixerClose
mciSendStringW
joyGetDevCapsW
waveOutSetVolume
joyGetPosEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Create
CreateStatusWindowW
InitCommonControlsEx
ImageList_AddMasked
ImageList_Destroy

shlwapi

HashData

crypt32

CryptBinaryToStringA
CryptStringToBinaryW
CryptStringToBinaryA

psapi

GetModuleFileNameExW
GetModuleBaseNameW

kernel32

SetErrorMode
GetCurrentDirectoryW
LoadLibraryW
AddVectoredExceptionHandler
GlobalLock
GlobalUnlock
GetEnvironmentVariableW
FreeLibrary
OutputDebugStringW
WideCharToMultiByte
GetSystemDirectoryA
LoadLibraryA
GetCurrentThreadId
SuspendThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
OpenThread
lstrcmpiW
GetStringTypeExW
CreateThread
SetThreadPriority
GetExitCodeThread
CloseHandle
CreateMutexW
GetLastError
GetModuleHandleW
MultiByteToWideChar
SystemTimeToFileTime
SetFilePointerEx
ReadFile
SetFilePointer
GlobalSize
lstrcpyA
lstrlenA
lstrcmpiA
lstrcmpA
LocalFileTimeToFileTime
CreateDirectoryA
CreateDirectoryW
IsBadReadPtr
CreateFileW
CreateFileA
WriteFile
InitializeCriticalSection
DuplicateHandle
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
FileTimeToSystemTime
GetLocalTime
GetFileInformationByHandle
GetFileSize
lstrlenW
FindFirstFileW
FindNextFileW
FindClose
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
SetLastError
VirtualAlloc
VirtualFree
GetTempPathA
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
HeapFree
HeapDestroy
GetCommandLineW
WaitForSingleObject
GetThreadLocale
VirtualQuery
HeapCreate
FlushInstructionCache
GetVersionExW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GetFileAttributesW
OpenProcess
GetCurrentProcessId
GetFullPathNameW
LocalFree
FileTimeToLocalFileTime
SetEnvironmentVariableW
Beep
MoveFileW
CreateProcessW
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
TerminateProcess
SetPriorityClass
GetDateFormatW
GetTimeFormatW
GetDiskFreeSpaceW
SetVolumeLabelW
DeviceIoControl
GetDriveTypeW
GetVolumeInformationW
DeleteFileW
CopyFileW
SetFileAttributesW
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameW
GetWindowsDirectoryW
GetTempPathW
GetShortPathNameW
TryEnterCriticalSection
QueryDosDeviceW
CompareStringW
RemoveDirectoryW
FormatMessageW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
WritePrivateProfileSectionW
SetEndOfFile
GetACP
GetFileType
GetStdHandle
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesW
LoadLibraryExW
RemoveVectoredExceptionHandler
ExitProcess
ExitThread
VirtualProtect
GetSystemTimeAsFileTime
GetProcessTimes
GetCurrentProcess
CheckRemoteDebuggerPresent
GetCurrentThread
GetProcAddress
GlobalFree
_lclose
_lopen
_lread
GetModuleFileNameA
GlobalAlloc
GetModuleHandleA
FindResourceW
GetCPInfo
SetCurrentDirectoryW
Sleep
GetTickCount
MulDiv
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
SetFileTime
IsProcessorFeaturePresent

user32

ScrollWindow
SetScrollInfo
ExitWindowsEx
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetLastInputInfo
GetCursor
ClientToScreen
MessageBeep
SetDlgItemTextW
GetDlgItem
SendDlgItemMessageW
DialogBoxParamW
SetForegroundWindow
DefWindowProcW
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageW
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthW
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
GetGUIThreadInfo
SetActiveWindow
EnumChildWindows
MoveWindow
GetQueueStatus
GetWindowRect
GetClientRect
SystemParametersInfoW
AdjustWindowRectEx
DrawTextW
SetRect
GetIconInfo
SetWindowTextW
IsWindowVisible
GetMenu
CheckMenuItem
CharLowerA
LoadImageW
ChangeClipboardChain
SetMenu
FlashWindow
GetPropW
SetPropW
RemovePropW
MapWindowPoints
RedrawWindow
SetParent
GetClassInfoExW
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongW
DefDlgProcW
SetClipboardViewer
LoadAcceleratorsW
CreateWindowExW
RegisterClassExW
LoadCursorW
DestroyAcceleratorTable
UnregisterClassW
DestroyWindow
IsCharAlphaW
GetTopWindow
BringWindowToTop
GetWindow
EnumClipboardFormats
CreateIconFromResourceEx
CreateIconIndirect
CopyImage
GetDesktopWindow
TrackPopupMenuEx
DestroyMenu
AppendMenuW
SetMenuInfo
CreatePopupMenu
CreateMenu
GetMenuItemInfoW
IsMenu
SetMenuItemInfoW
RemoveMenu
SetMenuDefaultItem
InsertMenuItemW
CreateAcceleratorTableW
MapVirtualKeyW
MapVirtualKeyExW
GetKeyboardLayoutList
VkKeyScanExW
GetWindowTextW
mouse_event
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
IsCharAlphaNumericW
IsCharUpperW
IsCharLowerW
ToUnicodeEx
GetKeyboardLayout
CallNextHookEx
CharLowerW
ReleaseDC
GetDC
MessageBoxW
OpenClipboard
GetClipboardData
GetClipboardFormatNameW
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageW
FindWindowW
EndDialog
IsWindow
DispatchMessageW
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongW
ScreenToClient
IsDialogMessageW
WindowFromPoint
SendMessageW
IsWindowEnabled
GetWindowLongW
GetKeyState
TranslateAcceleratorW
KillTimer
PeekMessageW
GetFocus
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageW
SetTimer
GetScrollInfo
GetParent
GetDlgCtrlID
CharUpperW
IsClipboardFormatAvailable
CreateDialogIndirectParamW
PtInRect
IntersectRect
CheckRadioButton
CallWindowProcW
DestroyIcon

gdi32

GetClipBox
FillRgn
GetClipRgn
GetCharABCWidthsW
SetTextColor
CreateDIBSection
GdiFlush
SetBkMode
CreatePatternBrush
ExcludeClipRect
EnumFontFamiliesExW
SetBkColor
GetPixel
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectW
GetTextMetricsW
GetTextFaceW
SelectObject
GetStockObject
CreateDCW
CreateSolidBrush
CreateFontW
DeleteObject
SetBrushOrgEx
GetDeviceCaps

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

advapi32

RegDeleteKeyW
RegConnectRegistryW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
GetUserNameW
OpenSCManagerW
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

shell32

DragFinish
DragQueryPoint
ExtractIconW
Shell_NotifyIconW
SHEmptyRecycleBinW
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW
DragQueryFileW

ole32

OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

VariantClear
GetActiveObject
SysStringLen
SysFreeString
SafeArrayCreate
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
SafeArrayDestroy

msvcr100

strcpy_s
fread
fgets
strtol
_wfopen
atoi
strchr
strstr
calloc
_wtoi
strncmp
memmove
_atoi64
sprintf_s
_itoa
_strnicmp
sprintf
_stricmp
wcschr
_purecall
__iob_func
setvbuf
wcsrchr
??2@YAPAXI@Z
_swprintf
__wargv
__argc
_wcsnicmp
realloc
free
??3@YAXPAX@Z
malloc
_wtoi64
_wcstoi64
isxdigit
_wcsicmp
_i64tow
_scwprintf
wcstoul
_wcsdup
wcstombs
fwrite
_wsplitpath
wcstod
wcscspn
_msize
ftell
strtoul
strcat_s
fseek
atof
_isctype
fclose
strncpy_s
wcsstr
??_U@YAPAXI@Z
qsort
??_V@YAXPAX@Z
_itow
exit
wcstol
toupper
isdigit
rand
_beginthreadex
wcsncpy
_snwprintf
iswspace
_wtof
iswdigit
wcsncmp
tolower
iswxdigit
fwprintf
fputws
_vsnwprintf
_wcstoui64
_ultow
towupper
_wcsupr
_expand
_vsnprintf
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
memcpy
memset
__RTDynamicCast
__CxxFrameHandler3
_except_handler3
_ultoa

Exports

Exports

ADDFILE
ADDSCRIPT
AHKASSIGN
AHKEXEC
AHKEXECUTELINE
AHKFINDFUNC
AHKFINDLABEL
AHKFUNCTION
AHKGETVAR
AHKISUNICODE
AHKLABEL
AHKPAUSE
AHKPOSTFUNCTION
AddFile
AddScript
Addfile
Addscript
AhkAssign
AhkExec
AhkExecuteLine
AhkExecuteline
AhkFindFunc
AhkFindLabel
AhkFindfunc
AhkFindlabel
AhkFunction
AhkGetVar
AhkGetvar
AhkIsUnicode
AhkIsunicode
AhkLabel
AhkPause
AhkPostFunction
AhkPostfunction
Ahkassign
Ahkexec
AhkexecuteLine
Ahkexecuteline
AhkfindFunc
AhkfindLabel
Ahkfindfunc
Ahkfindlabel
Ahkfunction
AhkgetVar
Ahkgetvar
AhkisUnicode
Ahkisunicode
Ahklabel
Ahkpause
AhkpostFunction
Ahkpostfunction
addFile
addScript
addfile
addscript
ahkAssign
ahkExec
ahkExecuteLine
ahkExecuteline
ahkFindFunc
ahkFindLabel
ahkFindfunc
ahkFindlabel
ahkFunction
ahkGetVar
ahkGetvar
ahkIsUnicode
ahkIsunicode
ahkLabel
ahkPause
ahkPostFunction
ahkPostfunction
ahkassign
ahkexec
ahkexecuteLine
ahkexecuteline
ahkfindFunc
ahkfindLabel
ahkfindfunc
ahkfindlabel
ahkfunction
ahkgetVar
ahkgetvar
ahkisUnicode
ahkisunicode
ahklabel
ahkpause
ahkpostFunction
ahkpostfunction

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UCRDebug.ahk
msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a7b25976ae60651c6a0eebf36c1918

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

winmm

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 512B - Virtual size: 432B

.bss Size: - Virtual size: 432B

.edata Size: 512B - Virtual size: 176B

.idata Size: 1024B - Virtual size: 652B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 512B - Virtual size: 448B

57ba1b10a6493904c8bd29284f0a4b9f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

02:ce:5e:93:97:27:8f:47:e8:6d:94:31:53:63:cc:30Certificate

Extended Key Usages

Key Usages

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5fCertificate

Extended Key Usages

Key Usages

84:5c:5c:ee:7b:3f:18:02:a5:74:c7:4f:2e:57:7e:fe:8e:af:f7:baSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

wdfldr.sys

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 4KB

.pdata Size: 1KB - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 4B

PAGE Size: 13KB - Virtual size: 12KB

INIT Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 52B

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88Certificate

Extended Key Usages

Key Usages

61:02:a4:e9:00:00:00:00:00:09Certificate

Extended Key Usages

Key Usages

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

setupapi

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 512B - Virtual size: 432B

.bss
Size: - Virtual size: 432B

.edata
Size: 512B - Virtual size: 176B

.idata
Size: 1024B - Virtual size: 652B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 512B - Virtual size: 448B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

02:ce:5e:93:97:27:8f:47:e8:6d:94:31:53:63:cc:30
Certificate

61:20:4d:b4:00:00:00:00:00:27
Certificate

02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Certificate

84:5c:5c:ee:7b:3f:18:02:a5:74:c7:4f:2e:57:7e:fe:8e:af:f7:ba
Signer

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 4KB

.pdata
Size: 1KB - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 4B

PAGE
Size: 13KB - Virtual size: 12KB

INIT
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 52B

61:47:52:ba:00:00:00:00:00:04
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

61:02:a4:e9:00:00:00:00:00:09
Certificate

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

.text
Size: 62KB - Virtual size: 61KB

.data
Size: 1KB - Virtual size: 18KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 512B - Virtual size: 280B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 924B

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 512B - Virtual size: 144B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB