a9b0705c9d6225824885f52135a29292

Sharing

Copy URL

Twitter E-mail

General

Target

a9b0705c9d6225824885f52135a29292
Size

8.7MB
MD5

a9b0705c9d6225824885f52135a29292
SHA1

0f382e7fcbd165fe35af0ccc0b73c77e2809b38f
SHA256

33a1c7f4799b940d2a1e9766e4b37cb298f40377982ac4773443dd500aaf085e
SHA512

202f3cf6d970a90400f4ac8d137b74d0aedeaae7b25a484ad9e04b65dbf73207dc94e8ab48341bd31c6640ba6671c7f0ff93a25d46a48b8a4d5596a284d950cf
SSDEEP

196608:QU6Us7O75l+vPordTWS+N0Uk8e0t1eiblUeCgSsAnu7:A7O7f+vPolBDUdxtsLeCc2u7

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack002/f0000030	aspack_v212_v242

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ACMSETUP.EXE
unpack002/MSSETUP.DLL
unpack002/MSVCRT.DLL
unpack002/MSVCRT40.DLL
unpack002/WIZSET32.DLL
unpack002/f0000007
unpack002/f0000009
unpack002/f0000011
unpack002/f0000021
unpack002/f0000029
unpack002/f0000030
unpack002/f0000031
unpack002/f0000033
unpack002/f0000034
unpack002/f0000072
unpack002/f0000074
unpack002/f0000075
unpack002/f0000076
unpack002/f0000077
unpack002/f0000079
unpack002/f0000080
unpack002/f0000086
unpack002/f0000087
unpack002/f0000088
unpack002/f0000089
unpack002/f0000091
unpack002/f0000093
unpack002/f0000095
unpack001/数据王538/odbcstf.dll

Files

a9b0705c9d6225824885f52135a29292
.rar
下载说明.htm
.html .js polyglot
数据王538/SETUP1.CAB
.cab
ACMSETUP.EXE
.exe windows:1 windows x86 arch:x86

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrcpynA
SetFileTime
GetFileTime
GetCurrentDirectoryA
FindFirstFileA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
GetSystemDirectoryA
GetVersionExA
GlobalUnlock
HeapCreate
GlobalLock
GetComputerNameA
GetLocalTime
LoadLibraryA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
GlobalHandle
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
LoadResource
FindResourceA
CompareStringA
VirtualAlloc
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
lstrcpyA
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
CompareStringW
MulDiv
lstrlenA
HeapReAlloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey

user32

GetWindowLongA
GetWindowTextA
BeginPaint
SetWindowLongA
FillRect
DrawFocusRect
SetRect
GetActiveWindow
EndDialog
RegisterClassA
LoadCursorA
LoadStringA
LoadBitmapA
CharUpperBuffA
SetFocus
GetDlgItemInt
GetSystemMetrics
GetFocus
CallWindowProcA
GetClassLongA
CopyRect
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
BroadcastSystemMessage
SendNotifyMessageA
GetDlgCtrlID
MessageBeep
InvertRect
CharUpperA
InflateRect
CheckRadioButton
CharNextA
SendDlgItemMessageA
GetSysColor
DestroyWindow
GetParent
MessageBoxA
GetKeyState
EnableWindow
LoadIconA
DrawIcon
EndPaint
DefWindowProcA
ReleaseDC
SetWindowTextA
CharPrevA
GetDlgItemTextA
wsprintfA
GetDialogBaseUnits
GetClientRect
ClientToScreen
ShowWindow
IsWindowEnabled
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
DrawTextA
GetWindowRect
SetWindowPos
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow

gdi32

SetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel
GetNearestColor
SetBkColor
SelectObject
GetTextExtentPointA
DeleteObject
ExtTextOutA
CreateFontIndirectA
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetAddConnection2A
WNetCancelConnection2A
WNetGetLastErrorA
WNetConnectionDialog
WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA

mssetup

FLongFileNamesSuppressed
CreateIniKeyValue
InitLongFileNames
SetAcmeInst
WriteLogDivider
FWriteToLogFile
SetErrorParamConst
PrependToPath
AddShareToAutoexec
RenameFile
GetEnvVariableValue
StampResource
FReadResource
CompareFileVersions
SetErrorParamInt
EercOpenFile
LfaSeekFile
CbReadFile
FCloseFile
CbStrCopyToBuffer
FLanguageMismatchInf
FChmodFile
AddLineToRestartFile
GetSectionKeyFilename
FGetKeyInfo
GetVersionNthField
TermIME
FRemoveOurDir
HmodUIHookDll
DoesInfSectionKeyExist
EnsurePathExists
SetErrorParamCopy
CreateProgmanItem
ShowProgmanGroup
DeleteProgmanItem
MakeListFromProgmanGroups
IsFileInUseBySystem
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
DoesIniKeyExist
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
ForceRestartOn
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
GetSectionKeyVersion
DoesInfSectionExist
GetRegKeyValue32
GetScreenWidth
DoMsgBox
SuppressLongFileNames
SetAdminMode
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RestartListEmpty
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
RemoveIniKey
RemoveDir
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
FindFileInTree
CbGetSymbolValue
IsWindows
OpenIME
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
AddSectionKeyFileToCopyList
FindTargetOnEnvVar
GetNthFieldFromIniString
FindFileUsingFileOpen
AddToBillboardList
GetSectionKeySize
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
AddSpecialFileToCopyList
LogValidate
BindImage
MakeListFromSectionSize
RemoveSectionFilesToCopyList
AddSectionFilesToCopyList
CreateDir

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACMSETUP.HLP
MSSETUP.DLL
.dll windows:1 windows x86 arch:x86

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetCurrentThreadId
lstrcmpiA
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
IsBadReadPtr
GetVersion
GlobalFree
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
DeviceIoControl
GetDriveTypeA
GetFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
GetVolumeInformationA
ReadFile
FileTimeToLocalFileTime
GetLocaleInfoA
WritePrivateProfileStringA
WriteProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
GlobalHandle
GlobalReAlloc
GetCurrentProcess
ReleaseMutex
CreateMutexA
GetShortPathNameA
OpenMutexA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
GetEnvironmentVariableA
CreateFileA
SearchPathA
CreateFileMappingA
MapViewOfFile
RtlMoveMemory
FlushViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
LocalAlloc
GetFileSize
UnmapViewOfFile
CloseHandle
LocalFree
GetTempPathA
FileTimeToDosDateTime
DeleteFileA
MoveFileExA
GetTempFileNameA
MoveFileA
LocalFileTimeToFileTime
GetLastError
DosDateTimeToFileTime
IsDBCSLeadByte
lstrcatA
SetErrorMode
lstrcpyA
GetTickCount
lstrcmpA
WriteFile
lstrlenA
SetFilePointer
GetDiskFreeSpaceA
CompareStringW
GetTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcessId
VirtualAlloc
VirtualFree
HeapCreate
CompareStringA
HeapReAlloc
HeapDestroy
LCMapStringW
LCMapStringA
TerminateProcess
RtlZeroMemory
MultiByteToWideChar
GetStringTypeW
ExitProcess
WideCharToMultiByte
GetModuleHandleA
GetStringTypeA
HeapFree
HeapAlloc
GetCommandLineA
SetEnvironmentVariableA
FileTimeToSystemTime
GetFullPathNameA
RtlUnwind
OpenFile
GetLocalTime
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
lstrcpynA

advapi32

RegQueryInfoKeyA
RegQueryValueA
RegFlushKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

user32

SetWindowWord
GetWindowWord
EnableWindow
SetWindowTextA
MapDialogRect
SetWindowPos
SendDlgItemMessageA
ShowWindow
AppendMenuA
DeleteMenu
GetSystemMenu
LoadIconA
CreateWindowExA
SendNotifyMessageA
GetDialogBaseUnits
MessageBoxA
DialogBoxParamA
CopyRect
EndDialog
RemoveMenu
DrawIcon
SetRect
DdeUninitialize
DdeDisconnect
DdeInitializeA
DdeFreeStringHandle
DdeConnect
DdeCreateStringHandleA
DdeFreeDataHandle
SetFocus
GetDlgItem
PostMessageA
DdeGetLastError
ExitWindowsEx
IsWindow
LoadBitmapA
GetLastActivePopup
UnregisterClassA
CreateDialogParamA
GetMessageA
GetKeyState
SendMessageA
SetWindowLongA
SetPropA
GetPropA
PeekMessageA
TranslateMessage
DispatchMessageA
IsDialogMessageA
CharUpperBuffA
CharUpperA
MessageBeep
UpdateWindow
WinHelpA
CharPrevA
GetActiveWindow
SetActiveWindow
LoadCursorA
SetCursor
LoadStringA
DestroyWindow
SetDlgItemTextA
ShowCursor
GetSystemMetrics
RegisterClassA
CharNextA
wsprintfA
GetCursor
ShowCaret
HideCaret
MapWindowPoints
ExcludeUpdateRgn
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextA
ClientToScreen
IntersectRect
DrawTextA
GetFocus
ScreenToClient
DrawFocusRect
GetClassNameA
CallNextHookEx
InvalidateRect
GetClassInfoA
DdeAccessData
DefWindowProcA
GetWindowDC
GetWindowRect
InflateRect
OffsetRect
ReleaseDC
GetWindowLongA
GetWindow
IsChild
SetWindowsHookExA
UnhookWindowsHookEx
GetClientRect
RemovePropA
CallWindowProcA
DdeClientTransaction
DdeUnaccessData
GetDC
GetSysColor
GetParent
OemToCharA

gdi32

DeleteObject
ExtTextOutA
IntersectClipRect
SetBkColor
GetTextMetricsA
SetTextColor
GetTextExtentPointA
GetDeviceCaps
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateDIBitmap
GetNearestColor
SetBkMode
GetStockObject
GetObjectA
PatBlt

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

lz32

LZOpenFileA
LZCopy
LZClose

Exports

Exports

AddLineToRestartFile
AddListItem
AddSectionFilesToCopyList
AddSectionKeyFileToCopyList
AddShareToAutoexec
AddSpecialFileToCopyList
AddToBillboardList
BindImage
BtnWndProc3d
CbGetListItem
CbGetSymbolValue
CbReadFile
CbStrCopyToBuffer
CbWriteFile
CleanupTrap
ClearBillboardList
ClearCopyList
ComboWndProc3d
CompareFileVersions
CopyFile
CopyFilesInCopyList
CrcStringCompare
CrcStringCompareI
CreateDir
CreateIniKeyValue
CreateProgmanGroup
CreateProgmanItem
CreateSysIniKeyValue
Ctl3dAutoSubclass
Ctl3dColorChange
Ctl3dCtlColor
Ctl3dCtlColorEx
Ctl3dDlgFramePaint
Ctl3dDlgProc
Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dSetStyle
Ctl3dSubclassCtl
Ctl3dSubclassDlg
Ctl3dSubclassDlgEx
Ctl3dUnregister
Ctl3dWinIniChange
DBCS_fullpath
DBCS_splitpath
DebugMessagesOn
DeleteProgmanGroup
DeleteProgmanItem
DeleteRegKeyValue32
DoMsgBox
DoesDirExist
DoesFileExist
DoesInfSectionExist
DoesInfSectionKeyExist
DoesIniKeyExist
DoesIniSectionExist
DoesSysIniKeyValueExist
DriveNumToRootPath
EditWndProc3d
EercErrorHandler
EercFindHddiFloppy
EercOpenFile
EercOpenSrcFile
EercOpenSrcFileEx
EercReadSrcFile
EercWriteSrcFile
EnableIME
EndSetupToolkit
EnsurePathExists
ExitExecRestart
FAddLineToRestartFile
FAddListItem
FAddSymbolValueToSymTab
FChmodFile
FCloseFile
FCloseHelp
FCloseLogFile
FCloseSrcFile
FDisplaySystemMsg
FFileExist
FFree
FGetKeyInfo
FGstGenericDlgProc
FGstGenericHelpDlgProc
FHasInfBeenOpened
FInstRemoveableDrive
FLanguageMismatchInf
FLogOpen
FLongFileNamesSuppressed
FMakeFATPathFromDirAndSubPath
FMsgBoxDlgProc
FOpenLogFile
FReadResource
FRegCloseKey
FRegCreateKey32
FRemoveOurDir
FRemoveSymbol
FSetSymbolValue
FStampResource
FValidFilePath
FWriteToLogFile
FailAssert
FailRTChkArg
FindFileInTree
FindFileUsingFileOpen
FindTargetOnEnvVar
ForceNewDialog
ForceRestartOff
ForceRestartOn
FrameWndProc
GetCopyListCost
GetDOSMajorVersion
GetDOSMinorVersion
GetEnvVariableValue
GetExistingFOTFileForTTF
GetFreeSpaceForDrive
GetIniKeyString
GetListItem
GetListLength
GetNetworkDrivesList
GetNthFieldFromIniString
GetProcessorType
GetRegKeyValue32
GetRegKeyValue32Ex
GetScreenHeight
GetScreenWidth
GetSectionKeyDate
GetSectionKeyFilename
GetSectionKeySize
GetSectionKeyVersion
GetSilentMode
GetSizeOfFile
GetSymbolValue
GetTotalSpaceForDrive
GetTypeFaceNameFromTTF
GetVersionNthField
GetVersionOfFile
GetWindowsDirPath
GetWindowsMajorVersion
GetWindowsMinorVersion
GetWindowsMode
GetWindowsSysDir
HandleOOM
HdlgShowHelp
HinstFrame
HmodUIHookDll
HwndFrame
InitIME
InitLongFileNames
InitSetupToolkit
IsAdminMode
IsCtl3dEnabled
IsDirWritable
IsDriveLocalHard
IsDriveNetwork
IsDriveRemovable
IsDriverInConfig
IsFileInUseBySystem
IsFileWritable
IsWindows
IsWindowsDBCS
IsWindowsJapanese
IsWindowsShared
LfaSeekFile
ListWndProc3d
LogMessageId
LogValidate
MBIconProc
MakeListFromProgmanGroups
MakeListFromSectionDate
MakeListFromSectionFilename
MakeListFromSectionKeys
MakeListFromSectionSize
MakeListFromSectionVersion
OpenIME
PbAlloc
PbRealloc
PrependToPath
ProBarProc
ProDlgProc
ProcessDebugMessage
ProcessMessage
ProcessMessageId
PsdleFromDid
ReactivateSetupScript
ReadInfFile
RemoveDir
RemoveFile
RemoveIniKey
RemoveIniSection
RemoveSectionFilesToCopyList
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSymbol
RenameFile
ReplaceListItem
ResponseFile
RestartListEmpty
RestoreCursor
STF_AddLineToRestartFile
STF_AddListItem
STF_AddSectionFilesToCopyList
STF_AddSectionKeyFileToCopyList
STF_AddShareToAutoexec
STF_AddSpecialFileToCopyList
STF_AddToBillboardList
STF_ClearBillboardList
STF_CopyFile
STF_CopyFilesInCopyList
STF_CreateDir
STF_CreateIniKeyValue
STF_CreateProgmanGroup
STF_CreateProgmanItem
STF_DoesDirExist
STF_DoesInfSectionExist
STF_DoesInfSectionKeyExist
STF_DoesIniKeyExist
STF_DoesIniSectionExist
STF_FindFileInTree
STF_FindFileUsingFileOpen
STF_FindTargetOnEnvVar
STF_ForceNewDialog
STF_GetCopyListCost
STF_GetExistingFOTFileForTTF
STF_GetFreeSpaceForDrive
STF_GetIniKeyString
STF_GetListItem
STF_GetListLength
STF_GetNetworkDrivesList
STF_GetNthFieldFromIniString
STF_GetSectionKeyDate
STF_GetSectionKeyFilename
STF_GetSectionKeySize
STF_GetSectionKeyVersion
STF_GetSizeOfFile
STF_GetSymbolValue
STF_GetTotalSpaceForDrive
STF_GetTypeFaceNameFromTTF
STF_GetVersionNthField
STF_GetVersionOfFile
STF_GetWindowsDirPath
STF_GetWindowsSysDir
STF_InitSetupToolkit
STF_IsDirWritable
STF_IsDriveLocalHard
STF_IsDriveNetwork
STF_IsDriveRemovable
STF_IsFileInUseBySystem
STF_IsFileWritable
STF_IsWindowsShared
STF_MakeListFromProgmanGroups
STF_MakeListFromSectionDate
STF_MakeListFromSectionFilename
STF_MakeListFromSectionKeys
STF_MakeListFromSectionSize
STF_MakeListFromSectionVersion
STF_PrependToPath
STF_ReadInfFile
STF_RemoveDir
STF_RemoveFile
STF_RemoveIniKey
STF_RemoveIniSection
STF_RemoveSectionFilesToCopyList
STF_RemoveSectionKeyFileToCopyList
STF_RemoveSpecialFileToCopyList
STF_RemoveSymbol
STF_RenameFile
STF_RestoreCursor
STF_SetAbout
STF_SetBitmap
STF_SetRestartDir
STF_SetSymbolValue
STF_ShowProgmanGroup
STF_StampResource
STF_UIPop
STF_UIPopAll
STF_UIStartDlg
STF_UIStartExeDlg
STF_UIStartExeDlgWinHelp
SetAbout
SetAcmeInst
SetAdminMode
SetBitmap
SetCopyGaugePosition
SetErrorParam
SetErrorParamChar
SetErrorParamConst
SetErrorParamCopy
SetErrorParamInt
SetFEFontProc
SetLastSetupErrMsg
SetPassInfo
SetRegKeyValue32
SetRegKeyValue32Ex
SetRestartDir
SetSilentMode
SetSizeCheckMode
SetSymbolValue
SetTitle
SetupApiErr
ShowProgmanGroup
ShowWaitCursor
StampResource
StaticWndProc3d
SuppressLongFileNames
SzFindSymbolValueInSymTab
SzGetLastSetupErrMsg
SzLastChar
TermIME
UIPop
UIPopAll
UIStartDlg
UIStartExeDlg
UIStartExeDlgWinHelp
UiFindSrcFileName
UiPromptForDisk
UsGetListLength
Validate
WriteLogDivider
fnText

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.expo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT40.DLL
.dll windows:4 windows x86 arch:x86

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidLocale
RtlUnwind
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
CreateFileA
SetStdHandle
SetEndOfFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
RaiseException
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
GetTimeZoneInformation
HeapReAlloc
HeapSize
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapUnlock
HeapWalk
HeapLock
HeapCompact
ReadConsoleA
SetConsoleMode
GetConsoleMode
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreatePipe
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0Iostream_init@@QAE@AAVios@@H@Z
??0Iostream_init@@QAE@XZ
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??0filebuf@@QAE@ABV0@@Z
??0filebuf@@QAE@H@Z
??0filebuf@@QAE@HPADH@Z
??0filebuf@@QAE@XZ
??0fstream@@QAE@ABV0@@Z
??0fstream@@QAE@H@Z
??0fstream@@QAE@HPADH@Z
??0fstream@@QAE@PBDHH@Z
??0fstream@@QAE@XZ
??0ifstream@@QAE@ABV0@@Z
??0ifstream@@QAE@H@Z
??0ifstream@@QAE@HPADH@Z
??0ifstream@@QAE@PBDHH@Z
??0ifstream@@QAE@XZ
??0ios@@IAE@ABV0@@Z
??0ios@@IAE@XZ
??0ios@@QAE@PAVstreambuf@@@Z
??0iostream@@IAE@ABV0@@Z
??0iostream@@IAE@XZ
??0iostream@@QAE@PAVstreambuf@@@Z
??0istream@@IAE@ABV0@@Z
??0istream@@IAE@XZ
??0istream@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@ABV0@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@XZ
??0istrstream@@QAE@ABV0@@Z
??0istrstream@@QAE@PAD@Z
??0istrstream@@QAE@PADH@Z
??0logic_error@@QAE@ABQBD@Z
??0logic_error@@QAE@ABV0@@Z
??0ofstream@@QAE@ABV0@@Z
??0ofstream@@QAE@H@Z
??0ofstream@@QAE@HPADH@Z
??0ofstream@@QAE@PBDHH@Z
??0ofstream@@QAE@XZ
??0ostream@@IAE@ABV0@@Z
??0ostream@@IAE@XZ
??0ostream@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@ABV0@@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@XZ
??0ostrstream@@QAE@ABV0@@Z
??0ostrstream@@QAE@PADHH@Z
??0ostrstream@@QAE@XZ
??0stdiobuf@@QAE@ABV0@@Z
??0stdiobuf@@QAE@PAU_iobuf@@@Z
??0stdiostream@@QAE@ABV0@@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??0streambuf@@IAE@PADH@Z
??0streambuf@@IAE@XZ
??0streambuf@@QAE@ABV0@@Z
??0strstream@@QAE@ABV0@@Z
??0strstream@@QAE@PADHH@Z
??0strstream@@QAE@XZ
??0strstreambuf@@QAE@ABV0@@Z
??0strstreambuf@@QAE@H@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
??0strstreambuf@@QAE@PADH0@Z
??0strstreambuf@@QAE@XZ
??1Iostream_init@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1filebuf@@UAE@XZ
??1fstream@@UAE@XZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??1iostream@@UAE@XZ
??1istream@@UAE@XZ
??1istream_withassign@@UAE@XZ
??1istrstream@@UAE@XZ
??1logic_error@@UAE@XZ
??1ofstream@@UAE@XZ
??1ostream@@UAE@XZ
??1ostream_withassign@@UAE@XZ
??1ostrstream@@UAE@XZ
??1stdiobuf@@UAE@XZ
??1stdiostream@@UAE@XZ
??1streambuf@@UAE@XZ
??1strstream@@UAE@XZ
??1strstreambuf@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4Iostream_init@@QAEAAV0@ABV0@@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??4filebuf@@QAEAAV0@ABV0@@Z
??4fstream@@QAEAAV0@AAV0@@Z
??4ifstream@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
??4iostream@@IAEAAV0@AAV0@@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??4istream@@IAEAAV0@ABV0@@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??4istrstream@@QAEAAV0@ABV0@@Z
??4logic_error@@QAEAAV0@ABV0@@Z
??4ofstream@@QAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
??4ostream_withassign@@QAEAAV0@ABV0@@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
??4stdiobuf@@QAEAAV0@ABV0@@Z
??4stdiostream@@QAEAAV0@AAV0@@Z
??4streambuf@@QAEAAV0@ABV0@@Z
??4strstream@@QAEAAV0@AAV0@@Z
??4strstreambuf@@QAEAAV0@ABV0@@Z
??5istream@@QAEAAV0@AAC@Z
??5istream@@QAEAAV0@AAD@Z
??5istream@@QAEAAV0@AAE@Z
??5istream@@QAEAAV0@AAF@Z
??5istream@@QAEAAV0@AAG@Z
??5istream@@QAEAAV0@AAH@Z
??5istream@@QAEAAV0@AAI@Z
??5istream@@QAEAAV0@AAJ@Z
??5istream@@QAEAAV0@AAK@Z
??5istream@@QAEAAV0@AAM@Z
??5istream@@QAEAAV0@AAN@Z
??5istream@@QAEAAV0@AAO@Z
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??5istream@@QAEAAV0@PAC@Z
??5istream@@QAEAAV0@PAD@Z
??5istream@@QAEAAV0@PAE@Z
??5istream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@C@Z
??6ostream@@QAEAAV0@D@Z
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@F@Z
??6ostream@@QAEAAV0@G@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@I@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@M@Z
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@O@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@PBE@Z
??6ostream@@QAEAAV0@PBX@Z
??7ios@@QBEHXZ
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??Bios@@QBEPAXXZ
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_7filebuf@@6B@
??_7fstream@@6B@
??_7ifstream@@6B@
??_7ios@@6B@
??_7iostream@@6B@
??_7istream@@6B@
??_7istream_withassign@@6B@
??_7istrstream@@6B@
??_7logic_error@@6B@
??_7ofstream@@6B@
??_7ostream@@6B@
??_7ostream_withassign@@6B@
??_7ostrstream@@6B@
??_7stdiobuf@@6B@
??_7stdiostream@@6B@
??_7streambuf@@6B@
??_7strstream@@6B@
??_7strstreambuf@@6B@
??_8fstream@@7Bistream@@@
??_8fstream@@7Bostream@@@
??_8ifstream@@7B@
??_8iostream@@7Bistream@@@
??_8iostream@@7Bostream@@@
??_8istream@@7B@
??_8istream_withassign@@7B@
??_8istrstream@@7B@
??_8ofstream@@7B@
??_8ostream@@7B@
??_8ostream_withassign@@7B@
??_8ostrstream@@7B@
??_8stdiostream@@7Bistream@@@
??_8stdiostream@@7Bostream@@@
??_8strstream@@7Bistream@@@
??_8strstream@@7Bostream@@@
??_Dfstream@@QAEXXZ
??_Difstream@@QAEXXZ
??_Diostream@@QAEXXZ
??_Distream@@QAEXXZ
??_Distream_withassign@@QAEXXZ
??_Distrstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??_Dostream@@QAEXXZ
??_Dostream_withassign@@QAEXXZ
??_Dostrstream@@QAEXXZ
??_Dstdiostream@@QAEXXZ
??_Dstrstream@@QAEXXZ
??_EIostream_init@@QAEPAXI@Z
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Efilebuf@@UAEPAXI@Z
??_Efstream@@UAEPAXI@Z
??_Eifstream@@UAEPAXI@Z
??_Eios@@UAEPAXI@Z
??_Eiostream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
??_Eistream_withassign@@UAEPAXI@Z
??_Eistrstream@@UAEPAXI@Z
??_Elogic_error@@UAEPAXI@Z
??_Eofstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
??_Eostream_withassign@@UAEPAXI@Z
??_Eostrstream@@UAEPAXI@Z
??_Estdiobuf@@UAEPAXI@Z
??_Estdiostream@@UAEPAXI@Z
??_Estreambuf@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
??_Estrstreambuf@@UAEPAXI@Z
??_GIostream_init@@QAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_Gfilebuf@@UAEPAXI@Z
??_Gfstream@@UAEPAXI@Z
??_Gifstream@@UAEPAXI@Z
??_Gios@@UAEPAXI@Z
??_Giostream@@UAEPAXI@Z
??_Gistream@@UAEPAXI@Z
??_Gistream_withassign@@UAEPAXI@Z
??_Gistrstream@@UAEPAXI@Z
??_Glogic_error@@UAEPAXI@Z
??_Gofstream@@UAEPAXI@Z
??_Gostream@@UAEPAXI@Z
??_Gostream_withassign@@UAEPAXI@Z
??_Gostrstream@@UAEPAXI@Z
??_Gstdiobuf@@UAEPAXI@Z
??_Gstdiostream@@UAEPAXI@Z
??_Gstreambuf@@UAEPAXI@Z
??_Gstrstream@@UAEPAXI@Z
??_Gstrstreambuf@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?adjustfield@ios@@2JB
?allocate@streambuf@@IAEHXZ
?attach@filebuf@@QAEPAV1@H@Z
?attach@fstream@@QAEXH@Z
?attach@ifstream@@QAEXH@Z
?attach@ofstream@@QAEXH@Z
?bad@ios@@QBEHXZ
?base@streambuf@@IBEPADXZ
?basefield@ios@@2JB
?before@type_info@@QBEHABV1@@Z
?binary@filebuf@@2HB
?bitalloc@ios@@SAJXZ
?blen@streambuf@@IBEHXZ
?cerr@@3Vostream_withassign@@A
?cin@@3Vistream_withassign@@A
?clear@ios@@QAEXH@Z
?clog@@3Vostream_withassign@@A
?close@filebuf@@QAEPAV1@XZ
?close@fstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?close@ofstream@@QAEXXZ
?clrlock@ios@@QAAXXZ
?clrlock@streambuf@@QAEXXZ
?cout@@3Vostream_withassign@@A
?dbp@streambuf@@QAEXXZ
?dec@@YAAAVios@@AAV1@@Z
?delbuf@ios@@QAEXH@Z
?delbuf@ios@@QBEHXZ
?doallocate@streambuf@@MAEHXZ
?doallocate@strstreambuf@@MAEHXZ
?eatwhite@istream@@QAEXXZ
?eback@streambuf@@IBEPADXZ
?ebuf@streambuf@@IBEPADXZ
?egptr@streambuf@@IBEPADXZ
?endl@@YAAAVostream@@AAV1@@Z
?ends@@YAAAVostream@@AAV1@@Z
?eof@ios@@QBEHXZ
?epptr@streambuf@@IBEPADXZ
?fLockcInit@ios@@0HA
?fail@ios@@QBEHXZ
?fd@filebuf@@QBEHXZ
?fd@fstream@@QBEHXZ
?fd@ifstream@@QBEHXZ
?fd@ofstream@@QBEHXZ
?fill@ios@@QAEDD@Z
?fill@ios@@QBEDXZ
?flags@ios@@QAEJJ@Z
?flags@ios@@QBEJXZ
?floatfield@ios@@2JB
?flush@@YAAAVostream@@AAV1@@Z
?flush@ostream@@QAEAAV1@XZ
?freeze@strstreambuf@@QAEXH@Z
?gbump@streambuf@@IAEXH@Z
?gcount@istream@@QBEHXZ
?get@istream@@IAEAAV1@PADHH@Z
?get@istream@@QAEAAV1@AAC@Z
?get@istream@@QAEAAV1@AAD@Z
?get@istream@@QAEAAV1@AAE@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
?get@istream@@QAEAAV1@PACHD@Z
?get@istream@@QAEAAV1@PADHD@Z
?get@istream@@QAEAAV1@PAEHD@Z
?get@istream@@QAEHXZ
?getdouble@istream@@AAEHPADH@Z
?getint@istream@@AAEHPAD@Z
?getline@istream@@QAEAAV1@PACHD@Z
?getline@istream@@QAEAAV1@PADHD@Z
?getline@istream@@QAEAAV1@PAEHD@Z
?good@ios@@QBEHXZ
?gptr@streambuf@@IBEPADXZ
?hex@@YAAAVios@@AAV1@@Z
?ignore@istream@@QAEAAV1@HH@Z
?in_avail@streambuf@@QBEHXZ
?init@ios@@IAEXPAVstreambuf@@@Z
?ipfx@istream@@QAEHH@Z
?is_open@filebuf@@QBEHXZ
?is_open@fstream@@QBEHXZ
?is_open@ifstream@@QBEHXZ
?is_open@ofstream@@QBEHXZ
?isfx@istream@@QAEXXZ
?iword@ios@@QBEAAJH@Z
?lock@ios@@QAAXXZ
?lock@streambuf@@QAEXXZ
?lockbuf@ios@@QAAXXZ
?lockc@ios@@KAXXZ
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?name@type_info@@QBEPBDXZ
?oct@@YAAAVios@@AAV1@@Z
?open@filebuf@@QAEPAV1@PBDHH@Z
?open@fstream@@QAEXPBDHH@Z
?open@ifstream@@QAEXPBDHH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
?opfx@ostream@@QAEHXZ
?osfx@ostream@@QAEXXZ
?out_waiting@streambuf@@QBEHXZ
?overflow@filebuf@@UAEHH@Z
?overflow@stdiobuf@@UAEHH@Z
?overflow@strstreambuf@@UAEHH@Z
?pbackfail@stdiobuf@@UAEHH@Z
?pbackfail@streambuf@@UAEHH@Z
?pbase@streambuf@@IBEPADXZ
?pbump@streambuf@@IAEXH@Z
?pcount@ostrstream@@QBEHXZ
?pcount@strstream@@QBEHXZ
?peek@istream@@QAEHXZ
?pptr@streambuf@@IBEPADXZ
?precision@ios@@QAEHH@Z
?precision@ios@@QBEHXZ
?put@ostream@@QAEAAV1@C@Z
?put@ostream@@QAEAAV1@D@Z
?put@ostream@@QAEAAV1@E@Z
?putback@istream@@QAEAAV1@D@Z
?pword@ios@@QBEAAPAXH@Z
?raw_name@type_info@@QBEPBDXZ
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
?rdbuf@ios@@QBEPAVstreambuf@@XZ
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?rdstate@ios@@QBEHXZ
?read@istream@@QAEAAV1@PACH@Z
?read@istream@@QAEAAV1@PADH@Z
?read@istream@@QAEAAV1@PAEH@Z
?sbumpc@streambuf@@QAEHXZ
?seekg@istream@@QAEAAV1@J@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekp@ostream@@QAEAAV1@J@Z
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekpos@streambuf@@UAEJJH@Z
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?setb@streambuf@@IAEXPAD0H@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJ@Z
?setf@ios@@QAEJJJ@Z
?setg@streambuf@@IAEXPAD00@Z
?setlock@ios@@QAAXXZ
?setlock@streambuf@@QAEXXZ
?setmode@filebuf@@QAEHH@Z
?setmode@fstream@@QAEHH@Z
?setmode@ifstream@@QAEHH@Z
?setmode@ofstream@@QAEHH@Z
?setp@streambuf@@IAEXPAD0@Z
?setrwbuf@stdiobuf@@QAEHHH@Z
?sgetc@streambuf@@QAEHXZ
?sgetn@streambuf@@QAEHPADH@Z
?sh_none@filebuf@@2HB
?sh_read@filebuf@@2HB
?sh_write@filebuf@@2HB
?snextc@streambuf@@QAEHXZ
?sputbackc@streambuf@@QAEHD@Z
?sputc@streambuf@@QAEHH@Z
?sputn@streambuf@@QAEHPBDH@Z
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
?stossc@streambuf@@QAEXXZ
?str@istrstream@@QAEPADXZ
?str@ostrstream@@QAEPADXZ
?str@strstream@@QAEPADXZ
?str@strstreambuf@@QAEPADXZ
?sunk_with_stdio@ios@@0HA
?sync@filebuf@@UAEHXZ
?sync@istream@@QAEHXZ
?sync@stdiobuf@@UAEHXZ
?sync@streambuf@@UAEHXZ
?sync@strstreambuf@@UAEHXZ
?sync_with_stdio@ios@@SAXXZ
?tellg@istream@@QAEJXZ
?tellp@ostream@@QAEJXZ
?terminate@@YAXXZ
?text@filebuf@@2HB
?tie@ios@@QAEPAVostream@@PAV2@@Z
?tie@ios@@QBEPAVostream@@XZ
?unbuffered@streambuf@@IAEXH@Z
?unbuffered@streambuf@@IBEHXZ
?underflow@filebuf@@UAEHXZ
?underflow@stdiobuf@@UAEHXZ
?underflow@strstreambuf@@UAEHXZ
?unexpected@@YAXXZ
?unlock@ios@@QAAXXZ
?unlock@streambuf@@QAEXXZ
?unlockbuf@ios@@QAAXXZ
?unlockc@ios@@KAXXZ
?unsetf@ios@@QAEJJ@Z
?what@exception@@UBEPBDXZ
?width@ios@@QAEHH@Z
?width@ios@@QBEHXZ
?write@ostream@@QAEAAV1@PBCH@Z
?write@ostream@@QAEAAV1@PBDH@Z
?write@ostream@@QAEAAV1@PBEH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
?ws@@YAAAVistream@@AAV1@@Z
?x_curindex@ios@@0HA
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?x_maxbit@ios@@0JA
?x_statebuf@ios@@0PAJA
?xalloc@ios@@SAHXZ
?xsgetn@streambuf@@UAEHPADH@Z
?xsputn@streambuf@@UAEHPBDH@Z
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SETUP2.LST
WIZSET32.DLL
.dll windows:4 windows x86 arch:x86

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mssetup

PbAlloc
DoMsgBox
FFree
DoesInfSectionKeyExist
DoesInfSectionExist
FWriteToLogFile
FValidFilePath
GetRegKeyValue32
SzLastChar
DoesFileExist
DriveNumToRootPath
GetVersionNthField
FLanguageMismatchInf
GetSectionKeyVersion
GetVersionOfFile
AddSectionKeyFileToCopyList
GetSectionKeyFilename
CbStrCopyToBuffer
HandleOOM
GetSectionKeySize
DeleteProgmanItem

kernel32

LCMapStringA
GetCommandLineA
SetStdHandle
FlushFileBuffers
SetFilePointer
VirtualAlloc
GetVersion
lstrcmpiA
lstrcpyA
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameA
GetCurrentProcess
GetLastError
GetCurrentThread
lstrlenA
lstrcatA
DeleteFileA
GetDiskFreeSpaceA
SetErrorMode
GetLocaleInfoW
GetLocaleInfoA
LCMapStringW
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP

user32

CharPrevA
CharUpperBuffA
CharNextA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA

advapi32

RegQueryValueExA
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
OpenThreadToken
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyA
RegQueryValueA

Exports

Exports

DelProgmanItem
Detect95
DetectAdminPrivileges
DetectRegData
DoMessageBox
ExecutePostSetupCommand
GetPathFromReg
InstallSys16PermFile
NeverRemoveGroup
RemoveHelpAuxFile
Silence16BitDSNConversion
SzGetDatadefVer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000007
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000008
f0000009
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000010
f0000011
.sys windows:5 windows x86 arch:x86

b341f9824cfdc72e86b1584616273e2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
IoDeleteDevice
IoCreateSymbolicLink
memmove
ExFreePool
RtlQueryRegistryValues
IofCompleteRequest
IoDeleteSymbolicLink
MmUnmapIoSpace
MmMapIoSpace
IoReportResourceUsage
KeQuerySystemTime
IoCreateDevice
RtlInitUnicodeString

hal

HalTranslateBusAddress
KeStallExecutionProcessor
READ_PORT_UCHAR
WRITE_PORT_UCHAR

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 544B - Virtual size: 536B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000012
f0000013
f0000014
f0000015
f0000016
f0000017
f0000018
f0000019
f0000020
f0000021
.dll windows:4 windows x86 arch:x86

d2d3c57ecd284b74a69c78ad8d664a33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
CreateFileA
CloseHandle
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
DeviceIoControl
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RtlUnwind

Exports

Exports

DOGCHECK
DOGCLOSE
DOGOPEN
DOGREAD
DOGWRITE

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000022
f0000023
f0000024
f0000025
f0000026
f0000027
f0000028
f0000029
.dll regsvr32 windows:5 windows x86 arch:x86

d9b8ba50c01827c6af0aafd6f61c750a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

??2@YAPAXI@Z
wcsrchr
wcscat
wcscpy
_itow
sprintf
wcstol
_memicmp
_wcsnicmp
wcschr
qsort
_wcsicmp
_except_handler3
free
wcscmp
??3@YAXPAX@Z
_initterm
malloc
_adjust_fdiv

crypt32

I_CryptGetDefaultCryptProv
CryptMsgEncodeAndSignCTL
CertCreateCTLContext
CertFreeCTLContext
CryptSIPRetrieveSubjectGuid
CryptEncodeObject
CryptDecodeObject
CryptSIPLoad
CertAlgIdToOID

advapi32

RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExW
RegCreateKeyExA

kernel32

lstrlenW
CreateFileA
LoadLibraryA
CreateMutexW
CreateMutexA
GetProcAddress
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
SetLastError
GetVersionExA
GetLastError
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
GetSystemDirectoryA
WideCharToMultiByte
lstrcpyA
lstrlenA
CloseHandle
SetFilePointer
ReadFile
UnmapViewOfFile
WriteFile
MapViewOfFile
CreateFileMappingA
GetFileSize
lstrcmpA
GetSystemTimeAsFileTime
FreeLibrary
CreateFileW
CopyFileA
CopyFileW
SetFileAttributesA
SetFileAttributesW
LocalFree
LocalAlloc
CreateDirectoryA
CreateDirectoryW

Exports

Exports

CryptCATAdminAcquireContext
CryptCATAdminAddCatalog
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATCDFClose
CryptCATCDFEnumAttributes
CryptCATCDFEnumAttributesWithCDFTag
CryptCATCDFEnumCatAttributes
CryptCATCDFEnumMembers
CryptCATCDFEnumMembersByCDFTag
CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember
DllRegisterServer
DllUnregisterServer
IsCatalogFile
MsCatConstructHashTag
MsCatFreeHashTag

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000030
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CAPIDecryptFile
CAPIEncryptFile
DPGetDefaultPrinter
DPSetDefaultPrinter
DialUp
DisconnectRas
InitUser
IsConnected
IsDiskInDrive
IsWin2000
ListMail
LoadIME
MD5File
MD5String
MyInputBox
PrintStringDirect
SetTime
ShellExecWait
TerminateApp
VolumeNumber
cancelconnect
changeres
compress
connecttonetwork
decompress
dirsize
encstr
exitw
formtobmp
getallproc
getbmpdimension
getcpuid
getcrc
getip
getjpgdimension
getmac
getmetric
getname
getserial
httpdownload
hzbh
killtask
myftpgetfile
myftpputfile
num2txt_c
num2txt_e
pinghost
sendmail
shareadd
sharedel
smail
tobmp
tojpeg
topy
vfpbeep

Sections

.text
Size: 102KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
f0000031
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000032
f0000033
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000034
.dll windows:4 windows x86 arch:x86

4fef2b04d1a43ef6c073b0b58e4aa33f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
CreateFileA
GetVersionExA
CloseHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
DeviceIoControl
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetStdHandle
SetFilePointer

Exports

Exports

DOGCHECK
DOGCLOSE
DOGOPEN
DOGPAGE
DOGREAD
DOGSTATUS
DOGWRITE

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000035
f0000036
f0000037
f0000038
f0000039
f0000040
f0000041
f0000042
f0000043
f0000044
f0000045
f0000046
f0000047
f0000048
f0000049
f0000050
f0000051
f0000052
f0000053
f0000054
f0000055
f0000056
f0000057
f0000058
f0000059
f0000060
f0000061
f0000062
f0000063
f0000064
f0000065
f0000066
f0000067
f0000068
f0000069
f0000070
.chm
f0000071
f0000072
.dll regsvr32 windows:4 windows x86 arch:x86

477e318c71b23a3694590b04947b255e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

LoadTypeLi
VariantClear
SysStringLen
VariantChangeType
SysAllocString
VarDateFromStr
VariantInit
SysAllocStringLen
LoadRegTypeLi

kernel32

GlobalUnlock
InterlockedIncrement
GetSystemDefaultLangID
GlobalAlloc
GlobalLock
GetWindowsDirectoryA
EnterCriticalSection
LeaveCriticalSection
OpenFile
GetModuleFileNameA
lstrcatA
GetProcessHeap
GetVersion
InitializeCriticalSection
MulDiv
DisableThreadLibraryCalls
DeleteCriticalSection
lstrlenW
lstrcpyA
lstrcpynA
GetProcAddress
WideCharToMultiByte
LoadLibraryA
lstrlenA
FreeLibrary
HeapAlloc
HeapFree
MultiByteToWideChar
GetLocaleInfoA
InterlockedDecrement
GetVersionExA
GetLastError
GetLocalTime
HeapReAlloc

user32

CheckDlgButton
IsDlgButtonChecked
GetDlgItemTextA
WinHelpA
DestroyWindow
UnregisterClassA
SendDlgItemMessageA
GetActiveWindow
GetSystemMetrics
MapWindowPoints
SetWindowLongA
EqualRect
SetWindowRgn
GetWindowLongA
IsWindowVisible
DefWindowProcA
CharNextA
GetDlgItem
GetWindow
CallWindowProcA
GetCapture
ScrollWindowEx
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
CreateDialogParamA
SetFocus
TranslateAcceleratorA
SendMessageA
InvalidateRect
ReleaseCapture
PtInRect
SetCapture
GetClientRect
FrameRect
UpdateWindow
ShowWindow
GetWindowRect
LoadAcceleratorsA
BeginPaint
EndPaint
DrawFocusRect
GetWindowDC
CopyRect
FillRect
GetDC
ReleaseDC
IntersectRect
InflateRect
OffsetRect
GetFocus
GetSysColor
GetParent
SetParent
SetWindowPos
LoadCursorA
RegisterClassA
EndDialog
wsprintfA
LoadStringA
MessageBeep
CreateWindowExA
MoveWindow
GetKeyState
IsWindow
DialogBoxParamA

ole32

CreateOleAdviseHolder
CreateDataAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleSetAutoConvert
CoCreateInstance

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

gdi32

CreateEnhMetaFileA
SetWindowOrgEx
SetWindowExtEx
CreateMetaFileA
CreateRectRgnIndirect
CreateDCA
SetViewportExtEx
LPtoDP
SetViewportOrgEx
SaveDC
RestoreDC
DeleteDC
SetMapMode
CreateCompatibleDC
DeleteObject
GetDeviceCaps
SetTextColor
SetTextAlign
ExtTextOutA
MoveToEx
SelectObject
LineTo
SetBkMode
CreateSolidBrush
GetStockObject
Polygon
DPtoLP
CreatePen
CreateFontIndirectA
CloseMetaFile
GetTextExtentPoint32A
CloseEnhMetaFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000073
.dll regsvr32 windows:4 windows x86 arch:x86

50ccb1d881ea89a41a10cced45c79649

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09-04-1996 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16-11-1999 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04-04-2000 00:00

Not After

17-04-2001 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
GlobalFree
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
GetDlgItemInt
EndDialog
GetActiveWindow
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
IsWindowEnabled
IsWindowVisible
UnregisterClassA
CharNextA
MessageBoxA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemTextA
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
SetTimer
KillTimer
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000074
.dll regsvr32 windows:4 windows x86 arch:x86

d7112004d3c345a2ed68d74bba3d37f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

LoadLibraryA
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetProcAddress
SetStdHandle
GetLocaleInfoA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedExchange
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000075
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000076
.exe windows:5 windows x86 arch:x86

cfb8ad251fa98c8c891304e231aa1ebf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
lstrcpyA
lstrcpyW
MultiByteToWideChar
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryExA
SetErrorMode
LocalAlloc
lstrcatA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
lstrlenA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
LoadLibraryA
SetFilePointer
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetStringTypeW
CloseHandle

user32

LoadStringA
wsprintfA
MessageBoxA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000077
.exe windows:4 windows x86 arch:x86

a3cd138f09c17f81fb64526d63cb2df6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
ExitProcess
DeleteFileA
FreeLibrary
lstrcpyA
GetProcAddress
LoadLibraryA
VirtualFree
CloseHandle
WriteFile
GetWindowsDirectoryA
CreateFileA
lstrcatA
CompareStringA
GetCurrentDirectoryA
lstrlenA
ReadFile
SetFilePointer
VirtualAlloc
GetModuleFileNameA
InterlockedIncrement
GetModuleHandleA

user32

SetCursor
LoadCursorA
wsprintfA
ShowWindow
FindWindowA
MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000078
f0000079
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000080
.exe windows:4 windows x86 arch:x86

a3cd138f09c17f81fb64526d63cb2df6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
ExitProcess
DeleteFileA
FreeLibrary
lstrcpyA
GetProcAddress
LoadLibraryA
VirtualFree
CloseHandle
WriteFile
GetWindowsDirectoryA
CreateFileA
lstrcatA
CompareStringA
GetCurrentDirectoryA
lstrlenA
ReadFile
SetFilePointer
VirtualAlloc
GetModuleFileNameA
InterlockedIncrement
GetModuleHandleA

user32

SetCursor
LoadCursorA
wsprintfA
ShowWindow
FindWindowA
MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000081
f0000082
f0000083
.doc windows office2003
f0000084
.doc windows office2003
f0000085
.doc windows office2003
f0000086
.dll regsvr32 windows:4 windows x86 arch:x86

56be22ee3373324697a5084dd5e24fc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameA
GetStringTypeExA
SizeofResource
InterlockedExchange
GetComputerNameA
CreateProcessA
GetUserDefaultLangID
GlobalFlags
GetSystemInfo
GlobalReAlloc
GetSystemDirectoryA
IsBadCodePtr
HeapCreate
GlobalMemoryStatus
VirtualAlloc
VirtualFree
SetProcessWorkingSetSize
HeapReAlloc
HeapFree
HeapAlloc
HeapSize
GetDateFormatA
GetTimeFormatA
GetProfileIntA
lstrcatA
HeapDestroy
WaitForSingleObject
lstrcmpiA
GlobalCompact
FindResourceA
LoadResource
LockResource
lstrlenA
_lopen
_lread
_lclose
FormatMessageA
WideCharToMultiByte
LCMapStringA
GetSystemDefaultLCID
IsDBCSLeadByte
GlobalAlloc
GetSystemDefaultLangID
GlobalFree
GetFileSize
MoveFileA
DeleteFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindNextFileA
GetLogicalDrives
GetVolumeInformationA
GetDiskFreeSpaceA
SystemTimeToFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToDosDateTime
EnterCriticalSection
FindFirstFileA
UnlockFile
GetFileTime
SetErrorMode
LocalFree
Sleep
WinExec
GetModuleFileNameA
MulDiv
LockFile
GetCurrentProcess
DuplicateHandle
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CloseHandle
GetFileAttributesA
CreateFileA
GetLastError
GetDriveTypeA
RaiseException
IsValidLocale
GetProfileStringA
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
GetFullPathNameA
GlobalSize
GlobalLock
GlobalUnlock
SearchPathA
GetModuleHandleA
InterlockedIncrement
GetLocaleInfoA
GetCurrentProcessId
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSection
lstrlenW
lstrcpyA
DeleteCriticalSection
LeaveCriticalSection
FindClose
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCPInfo
GetSystemTime
QueryPerformanceFrequency
GetACP
GetVersionExA
GetLocalTime
IsBadReadPtr
InterlockedDecrement

user32

GetSystemMetrics
InsertMenuItemA
BringWindowToTop
DefWindowProcA
SendMessageA
EndPaint
SetFocus
EnableWindow
MessageBoxA
DestroyMenu
DestroyWindow
ShowWindow
SetClassLongA
GetClassLongA
UpdateWindow
GetWindowLongA
MoveWindow
PostMessageA
GetMenuItemInfoA
GetMenuItemCount
RemoveMenu
ReleaseDC
GetDC
TranslateMessage
GetQueueStatus
SetTimer
PeekMessageA
KillTimer
OffsetRect
GetDesktopWindow
DrawFocusRect
SetClipboardViewer
ChangeClipboardChain
CreateWindowExA
AdjustWindowRect
LoadImageA
ReleaseCapture
SetCapture
GetClassInfoA
RedrawWindow
UnregisterClassA
SetWindowLongA
LoadStringA
FillRect
FrameRect
InflateRect
DrawTextA
SetRectEmpty
CopyRect
PostQuitMessage
GetMenu
ClipCursor
GetClipboardFormatNameA
GetKeyboardLayout
RegisterClipboardFormatA
GetCapture
GetAsyncKeyState
ValidateRect
OemToCharBuffA
InSendMessage
CharPrevA
CharNextA
GetKeyboardType
CharToOemBuffA
ShowCursor
GetActiveWindow
GetFocus
GetCursorPos
GetKeyState
CharUpperBuffA
CharLowerBuffA
DialogBoxParamA
CheckRadioButton
CreateIcon
DestroyCursor
ClientToScreen
RegisterClassA
LoadCursorA
IsWindowVisible
IsIconic
GetSubMenu
IsWindow
SetParent
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
GetWindow
DestroyIcon
DrawIcon
LoadAcceleratorsA
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
IsChild
SetClipboardData
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
FindWindowA
GetWindowThreadProcessId
SetCursorPos
GetCursor
keybd_event
MessageBeep
MapVirtualKeyA
GetKeyboardState
SetKeyboardState
CharToOemA
WinHelpA
SetCursor
SetRect
EndDialog
CallWindowProcA
GetClassInfoExA
RegisterClassExA
GetWindowTextA
GetDlgItem
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
SetActiveWindow
GetSysColorBrush
DrawIconEx
AppendMenuA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
IsZoomed
AdjustWindowRectEx
GetMenuStringA
GetMenuItemID
CreateMDIWindowA
LoadIconA
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
ScrollDC
InvalidateRgn
RegisterWindowMessageA
DrawFrameControl
EnableMenuItem
InsertMenuA
ModifyMenuA
SetMenu
SetMenuItemInfoA
SystemParametersInfoA
GetSystemMenu
DeleteMenu
LoadMenuIndirectA
CreatePopupMenu
DrawMenuBar
GrayStringA
GetWindowDC
SubtractRect
GetDCEx
WindowFromPoint
GetClassNameA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
DdeAbandonTransaction
DdeUninitialize
DdeInitializeA
DdePostAdvise
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeEnableCallback
DdeGetLastError
UnionRect
LoadCursorFromFileA
CreateCursor
SetWindowPos
DdeNameService
DdeFreeStringHandle
DdeCreateDataHandle
DdeCreateStringHandleA
DdeQueryStringA
GetSysColor
IsClipboardFormatAvailable
CreateCaret
GetClientRect
ScreenToClient
GetWindowRect
GetParent
SetWindowRgn
EqualRect
IntersectRect
wsprintfA
CreateMenu
PtInRect
SetDlgItemTextA
LoadBitmapA
GetUpdateRect
BeginPaint
ActivateKeyboardLayout

gdi32

SetBrushOrgEx
DeleteMetaFile
CloseMetaFile
GetDIBits
StretchDIBits
GetClipBox
CreateRectRgnIndirect
EnumFontsA
GetDeviceCaps
SetBkColor
SetTextColor
Rectangle
GetBkColor
GetTextColor
GetStockObject
SelectObject
PatBlt
DeleteObject
GetObjectA
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
CreateCompatibleDC
RealizePalette
SelectPalette
SetBkMode
GetBkMode
CreateFontIndirectA
BitBlt
RoundRect
Ellipse
CreateRoundRectRgn
CreateEllipticRgnIndirect
FillRgn
CombineRgn
LineTo
MoveToEx
CreatePen
CreateSolidBrush
SetROP2
GetROP2
GetDCOrgEx
LPtoDP
UnrealizeObject
PaintRgn
CreateRectRgn
CreatePatternBrush
CreateBitmap
GetRgnBox
RectInRegion
FrameRgn
Polyline
GetPixel
EnumFontFamiliesExA
AddFontResourceA
GetTextMetricsA
RemoveFontResourceA
SetTextAlign
GetTextAlign
CopyMetaFileA
CreateHatchBrush
SelectClipRgn
SetRectRgn
ExtTextOutA
GetTextExtentPointA
GdiFlush
OffsetRgn
SetBitmapBits
AbortDoc
EndDoc
StartDocA
EndPage
StartPage
CreateICA
Escape
EnumFontFamiliesA
GetBitmapBits
CreateCompatibleBitmap
CreateBrushIndirect
SetDIBits
CreateDIBitmap
SetViewportExtEx
CreateDCA
SetMapMode
SetViewportOrgEx
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
SetStretchBltMode
StretchBlt

winspool.drv

ClosePrinter
WritePrinter
DocumentPropertiesA
GetPrinterA
EnumPrintersA
EndDocPrinter
StartDocPrinterA
OpenPrinterA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_Add
ImageList_DragMove
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyW
RegQueryValueA
RegCreateKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA
SHFileOperationA
SHAppBarMessage
DragQueryFileA

msvcrt

_mbschr
_mbsrchr
_mbsstr
_mbscspn
_mbsnbcpy
_mbsnbicmp
_mbsnbcat
_stricmp
_strnicmp
strchr
strrchr
strstr
strncpy
strncat
strcspn
_winmajor
_winminor
strtok
atoi
atof
_HUGE
toupper
ceil
floor
sqrt
_itoa
__mb_cur_max
_isctype
_pctype
memcmp
abs
memmove
strcmp
_ftol
strcat
memset
wcslen
wcsncpy
_wcsicmp
_purecall
strcpy
exit
longjmp
_seh_longjmp_unwind
_except_handler3
strlen
_control87
_setjmp3
memchr
atol
strncmp
_mbsicmp
_makepath
_splitpath
sin
cos
acos
asin
atan
tan
atan2
pow
exp
log10
log
getenv
_rmdir
_mkdir
_setmode
_isatty
fabs
modf
ldexp
sscanf
_ultoa
iswctype
strtoul
div
isspace
wcschr
wcscat
wcscpy
_strupr
strspn
ldiv
_strrev
_access
__CxxFrameHandler
_CxxThrowException
isalnum
sprintf
fprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_iob
__dllonexit
_onexit
free
malloc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection2A
WNetGetUserA
WNetCancelConnection2A
WNetGetConnectionA

oleaut32

SafeArrayCreate
SafeArrayUnaccessData
VariantCopy
LoadRegTypeLi
CreateErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
SysAllocStringLen
SysFreeString
LoadTypeLi
VariantInit
VariantClear
VariantCopyInd
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayGetUBound
GetActiveObject
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayPutElement
OleCreatePropertyFrame
SafeArrayAccessData
DispCallFunc
GetErrorInfo
OleCreatePictureIndirect
OleLoadPicture
RevokeActiveObject
VariantChangeType

ole32

OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
StringFromGUID2
OleRegEnumVerbs
CreateDataAdviseHolder
CLSIDFromProgID
CoLockObjectExternal
CLSIDFromString
CoRegisterClassObject
CoUninitialize
CoInitialize
ReleaseStgMedium
CoRevokeClassObject
CoGetMalloc
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
OleGetClipboard
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleBuildVersion
OleUninitialize
WriteClassStm
OleSaveToStream
CoDisconnectObject
StgCreateDocfile
OleInitialize
StgIsStorageFile
ProgIDFromCLSID
CreateOleAdviseHolder
OleDestroyMenuDescriptor
StgOpenStorage
OleFlushClipboard
OleIsCurrentClipboard
OleIsRunning
BindMoniker
MkParseDisplayName
CreateBindCtx
OleSave
WriteClassStg
OleDraw
OleLoad
CreateFileMoniker
ReadClassStg
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromFile
OleCreateLinkToFile
CoIsOle1Class
OleCreateLinkFromData
OleCreateFromData
OleCreateStaticFromData
OleSetContainedObject
OleConvertIStorageToOLESTREAM
OleQueryLinkFromData
OleRun
IsAccelerator
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleSetClipboard
CoGetClassObject
OleDoAutoConvert
ReadClassStm
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetIconOfClass
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
GetClassFile
OleQueryCreateFromData
StringFromCLSID

winmm

PlaySoundA
timeGetTime

Exports

Exports

@OCXAPIInit@4
DllCanUnloadNow
DllGetClassObject
DllOleInit
DllRegisterServer
DllUnregisterServer
DllWinMain
VFPDllCanUnloadNow
VFPDllGetClassObject

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000087
.dll windows:4 windows x86 arch:x86

105a34c3b3ecaf6803be201e74c83cf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
MessageBoxA

kernel32

DisableThreadLibraryCalls

Exports

Exports

DllVersion

Sections

.text
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000088
.exe windows:4 windows x86 arch:x86

21b0be9e9c79dd1b598e3cb319374dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
__p__commode
__p__fmode
_initterm
_adjust_fdiv
_controlfp
__dllonexit
??3@YAXPAX@Z
exit
__getmainargs
_acmdln
strlen
_XcptFilter
_exit
??2@YAPAXI@Z
_stricmp
strcpy
__set_app_type
_except_handler3
_onexit

kernel32

GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA

user32

LoadStringA
MessageBoxA
wsprintfA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

OleInitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 865B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 685B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000089
.sys windows:5 windows x86 arch:x86

be1689dcdad44eba0f89fa767a0a215b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateDevice
KeSetEvent
KeWaitForSingleObject
KeInitializeEvent
IofCompleteRequest
PoCallDriver
PoStartNextPowerIrp
ExFreePool
ExAllocatePoolWithTag
IoDeleteDevice
IoDetachDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IoAttachDeviceToDeviceStack
IoCreateSymbolicLink
IofCallDriver
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
IoBuildDeviceIoControlRequest
rand
KeDelayExecutionThread
sprintf
InterlockedDecrement
InterlockedIncrement

usbd.sys

_USBD_ParseConfigurationDescriptorEx@28
USBD_GetUSBDIVersion
_USBD_CreateConfigurationRequestEx@8

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 832B - Virtual size: 810B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 352B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000090
f0000091
.sys windows:5 windows x86 arch:x86

be1689dcdad44eba0f89fa767a0a215b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateDevice
KeSetEvent
KeWaitForSingleObject
KeInitializeEvent
IofCompleteRequest
PoCallDriver
PoStartNextPowerIrp
ExFreePool
ExAllocatePoolWithTag
IoDeleteDevice
IoDetachDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IoAttachDeviceToDeviceStack
IoCreateSymbolicLink
IofCallDriver
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
IoBuildDeviceIoControlRequest
rand
KeDelayExecutionThread
sprintf
InterlockedDecrement
InterlockedIncrement

usbd.sys

_USBD_ParseConfigurationDescriptorEx@28
USBD_GetUSBDIVersion
_USBD_CreateConfigurationRequestEx@8

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 832B - Virtual size: 810B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 352B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000092
f0000093
.exe windows:4 windows x86 arch:x86

208bd77ce42c2f2815c3279bdb7a44d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
_adjust_fdiv
_controlfp
_access
__p__commode
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
_mbschr
strtok
_mbsicmp
_mbsrchr
_mbsncpy
_pctype
_isctype
__mb_cur_max
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA
_llseek
_lread
_lopen
_lclose
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
GetSystemDirectoryA
lstrcatA
lstrcpyA

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000094
.doc windows office2003
f0000095
.exe windows:4 windows x86 arch:x86

208bd77ce42c2f2815c3279bdb7a44d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
_adjust_fdiv
_controlfp
_access
__p__commode
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
_mbschr
strtok
_mbsicmp
_mbsrchr
_mbsncpy
_pctype
_isctype
__mb_cur_max
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA
_llseek
_lread
_lopen
_lclose
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
GetSystemDirectoryA
lstrcatA
lstrcpyA

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000096
.xls windows office2003
数据王538/odbckey.inf
数据王538/odbcstf.dll
.dll windows:4 windows x86 arch:x86

5514db4b207087e90009b344ff1804b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strcpy
_stricmp
malloc
strlen
sprintf
sscanf
_close
_open
_access
memset
fflush
strchr
strstr
fclose
strtoul
memcmp
getenv
fopen
fprintf
free
_spawnlp
strcat

advapi32

OpenThreadToken
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCloseKey
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

user32

LoadCursorA
SetCursor
ExitWindowsEx
wsprintfA
GetDesktopWindow
MessageBoxA

kernel32

GetFileSize
GetSystemDirectoryA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GetModuleFileNameA
GetModuleHandleW
lstrcmpiA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThread
GetVersionExA
GetWindowsDirectoryA
GetVersion
GetCurrentProcess
CreateProcessA
WaitForSingleObject
MoveFileExA
CloseHandle
GetPrivateProfileStringA
GetLastError
FormatMessageA
CreateFileA

mssetup

RestartListEmpty
ForceRestartOn
CbGetSymbolValue
GetSilentMode

Exports

Exports

AcmeComplianceCheck
AcmeConfigDataSource
AcmeDetectFileInUse
AcmeDetectOS
AcmeDllRegisterServer
AcmeFail
AcmeInstallDriver
AcmeInstallDriverManager
AcmeInstallTranslator
AcmeManageDataSources
AcmePrep
AcmeReboot
AcmeYesNo
AsyncEXECalloutCAH
CompareRegData
DetectAdminPrivileges
DetectRegData
LibMain
MdacVerCmp
NTVersion
NoAdminSyncEXECallout
SyncEXECalloutCAH
SyncEXECalloutCAH1
SzGetDatadefVer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
数据王538/setup.exe
数据王538/setup.inf
数据王538/setup.ini
数据王538/setup.lst
数据王538/setup.stf
数据王538/setup.tdf
数据王538/下载说明.htm
.html .js polyglot
数据王538/双击“setup.exe”可安装《数据王》软件.txt

Sharing

General

Malware Config

Signatures

Files

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.bss Size: - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 28KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 17KB - Virtual size: 16KB

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

version

lz32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 194KB

.expo Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.idata Size: 7KB - Virtual size: 6KB

.edata Size: 9KB - Virtual size: 8KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 11KB - Virtual size: 11KB

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 9KB

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 243KB - Virtual size: 243KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 12KB - Virtual size: 19KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 916B

.reloc Size: 12KB - Virtual size: 12KB

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

Imports

.text
Size: 207KB - Virtual size: 207KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 28KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 195KB - Virtual size: 194KB

.expo
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.idata
Size: 7KB - Virtual size: 6KB

.edata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 243KB - Virtual size: 243KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 12KB - Virtual size: 19KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 916B

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 512B - Virtual size: 227B

.rsrc
Size: 4KB - Virtual size: 1004B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 192B - Virtual size: 164B

.data
Size: 32B - Virtual size: 30B

INIT
Size: 544B - Virtual size: 536B

.rsrc
Size: 896B - Virtual size: 888B

.reloc
Size: 192B - Virtual size: 174B

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB