b51138a0fa32f239409b0f12d873d89f

Sharing

Copy URL Twitter E-mail

General

Target

b51138a0fa32f239409b0f12d873d89f
Size

1.4MB
MD5

b51138a0fa32f239409b0f12d873d89f
SHA1

634054565317e5fe0526279d8b47bd67be6320ed
SHA256

cc3c72c52a313a02a2e5467eb73ae38a629258d1fdbbb105dafbb8e9282ca3b6
SHA512

e713067f686d491a3d82773d61518e4fca1fbedabec8d5b9521b2222522d712fc19038e62b8ad1e4dea491c78dd1a0e242f26a2f6f5dd9f301d852d6f786a364
SSDEEP

24576:doOFijYejhIDy1PlVCVhjxU5Sj0etvvssbJteHmDpAIQ+DK5cDXZDwu2GI2a8Cr:doORDOchj257uJBsQ6u20a

Score

3^/10

Malware Config

Signatures

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ACTXPRXY.DLL
unpack001/ADVPACK.DLL
unpack001/ASCTRLS.OCX
unpack001/ATL.DLL
unpack001/BROWSELC.DLL
unpack001/BROWSEUI.DLL
unpack001/COMCTL32.DLL
unpack001/CORPOL.DLL
unpack001/CRYPTDLG.DLL
unpack001/DHTMLED.OCX
unpack001/DIGEST.DLL
unpack001/DISPEX.DLL
unpack001/DXTMSFT.DLL
unpack001/DXTRANS.DLL
unpack001/HLINK.DLL
unpack001/HMMAPI.DLL
unpack001/IE4.DLL
unpack001/IE4UINIT.EXE
unpack001/IEDETECT.DLL
unpack001/IEDKCS32.DLL
unpack001/IEINFO5.OCX

Files

b51138a0fa32f239409b0f12d873d89f
.cab
ACCESSIB.CHM
.chm
ACTXPRXY.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

93fcd40ed5f58809c21cc3c1949a5496

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

LoadLibraryA
GetLastError
InterlockedExchange
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
RaiseException
LocalAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ADVPACK.DLL
.dll windows:5 windows x86 arch:x86

dce0ad7ab2c2d08091580dec5ccce297

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlUnwind

user32

CreateDialogParamA
UpdateWindow
DestroyWindow
ShowWindow
IsWindow
OemToCharA
DialogBoxParamA
SetDlgItemTextA
GetDlgItemTextA
GetDesktopWindow
SetWindowTextA
GetDlgItem
EnableWindow
EndDialog
ExitWindowsEx
CharToOemA
MessageBeep
MessageBoxA
SendDlgItemMessageA
GetSystemMetrics
CharUpperA
PeekMessageA
MsgWaitForMultipleObjects
DispatchMessageA
CharPrevA
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
SendMessageA
LoadStringA
wsprintfA
CharNextA

gdi32

GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteObject

kernel32

ReadFile
WritePrivateProfileSectionA
GetProfileStringA
GetFileTime
GetFullPathNameA
GetSystemInfo
SearchPathA
GetPrivateProfileIntA
SetFileTime
EnumResourceLanguagesA
MulDiv
GetDiskFreeSpaceA
GetLocalTime
GetProcAddress
GetLastError
lstrcpyA
GetDriveTypeA
lstrcpynA
lstrlenA
GetEnvironmentVariableA
CloseHandle
WriteFile
CreateFileA
WritePrivateProfileStringA
LockResource
LoadResource
SizeofResource
FindResourceA
GetTempFileNameA
GetWindowsDirectoryA
GetTempPathA
SetFilePointer
LocalFree
LocalAlloc
lstrcatA
GetModuleFileNameA
IsBadReadPtr
DeleteFileA
LocalReAlloc
lstrcmpA
GetPrivateProfileStringA
FreeLibrary
GetFileAttributesA
MultiByteToWideChar
GetVersionExA
_llseek
_lopen
GetFileSize
SetFileAttributesA
CreateDirectoryA
CreateProcessA
GetPrivateProfileSectionA
CopyFileA
LoadLibraryA
LoadLibraryExA
UnmapViewOfFile
SetLastError
MapViewOfFileEx
CreateFileMappingA
RemoveDirectoryA
GetShortPathNameA
GetSystemDirectoryA
lstrcmpiA
FormatMessageA
IsDBCSLeadByte
ExpandEnvironmentStringsA
GetVolumeInformationA
MoveFileExA
MoveFileA
FindClose
FindNextFileA
FindFirstFileA
GetCurrentProcess
_lclose

advapi32

RegEnumKeyA
RegUnLoadKeyA
RegLoadKeyA
RegSaveKeyA
RegFlushKey
RegDeleteKeyA
RegDeleteValueA
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueA
RegSetValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

ole32

OleUninitialize
OleInitialize
CoTaskMemFree

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Exports

Exports

AddDelBackupEntry
AdvInstallFile
CloseINFEngine
DelNode
DelNodeRunDLL32
DllMain
DoInfInstall
ExecuteCab
ExtractFiles
FileSaveMarkNotExist
FileSaveRestore
FileSaveRestoreOnINF
GetVersionFromFile
GetVersionFromFileEx
IsNTAdmin
LaunchINFSection
LaunchINFSectionEx
NeedReboot
NeedRebootInit
OpenINFEngine
RebootCheckOnInstall
RegInstall
RegRestoreAll
RegSaveRestore
RegSaveRestoreOnINF
RegisterOCX
RunSetupCommand
SetPerUserSecValues
TranslateInfString
TranslateInfStringEx
UserInstStubWrapper
UserUnInstStubWrapper

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASCTRLS.OCX
.dll regsvr32 windows:5 windows x86 arch:x86

c010dbe410f30234e90ad9eeddf11dc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

LHashValOfNameSys
VariantCopy
SetErrorInfo
OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
SysAllocString
SysAllocStringLen
LoadTypeLi
RegisterTypeLi
SysFreeString
VariantInit
VariantClear

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CreateOleAdviseHolder

user32

CharPrevA
GetKeyState
PtInRect
IntersectRect
OffsetRect
SetWindowRgn
IsWindowVisible
CreateWindowExA
SetFocus
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
SetParent
CharNextA
GetDC
ReleaseDC
UnregisterClassA
SendDlgItemMessageA
PeekMessageA
MsgWaitForMultipleObjects
IsDialogMessageA
TranslateMessage
DispatchMessageA
MapWindowPoints
LoadStringA
ExitWindowsEx
CreateDialogParamA
GetWindowRect
SetWindowPos
EnableWindow
ShowWindow
GetParent
DestroyWindow
RegisterWindowMessageA
GetActiveWindow
GetSystemMetrics
SetWindowTextA
SetCursor
PostMessageA
SetDlgItemTextA
DialogBoxParamA
GetWindowLongA
EndDialog
SetWindowLongA
GetWindowTextA
GetDlgItem
MessageBeep
MessageBoxA
wsprintfA
SendMessageA
LoadIconA
DrawEdge
DrawIcon
LoadCursorA
RegisterClassA
EqualRect

gdi32

CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
CreateRectRgnIndirect
GetDeviceCaps
GetStockObject
GetObjectA
CreateFontIndirectA
OffsetWindowOrgEx
SetWindowOrgEx
DeleteDC
DeleteObject

advapi32

RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegFlushKey
RegCloseKey
RegEnumKeyExA

kernel32

DisableThreadLibraryCalls
GetSystemDirectoryA
lstrcmpiA
CreateProcessA
GetCurrentProcess
CreateThread
CreateEventA
DeleteCriticalSection
Sleep
GetDriveTypeA
lstrcmpiW
SetEvent
FormatMessageA
GetFileAttributesA
GetTickCount
OpenEventA
WaitForSingleObject
CloseHandle
lstrcpynA
lstrlenW
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
lstrlenA
lstrcpyA
GetProcessHeap
InitializeCriticalSection
GetVersion
MultiByteToWideChar
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
MulDiv
GetDiskFreeSpaceA
IsDBCSLeadByte
lstrcatA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ATL.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

8ef95172470b9f552734e3fd0e068e7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
MultiByteToWideChar
lstrlenA
lstrcpyA
GetACP
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
lstrlenW
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
lstrcatA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentThreadId
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceW
GlobalAlloc
FindResourceA
GlobalUnlock
WaitForSingleObject
DisableThreadLibraryCalls
OutputDebugStringA
GetVersionExA
HeapAlloc
GetSystemInfo
HeapCreate
InterlockedDecrement
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
SizeofResource
GetLastError
LoadLibraryExA
CloseHandle
ReadFile
GetFileSize
CreateFileA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DebugBreak
HeapReAlloc
HeapFree
LocalAlloc
InterlockedExchange
RaiseException
LocalFree

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlMarshalPtrInProc
AtlModuleAddCreateWndData
AtlModuleAddTermFunc
AtlModuleExtractCreateWndData
AtlModuleGetClassObject
AtlModuleInit
AtlModuleLoadTypeLib
AtlModuleRegisterClassObjects
AtlModuleRegisterServer
AtlModuleRegisterTypeLib
AtlModuleRegisterWndClassInfoA
AtlModuleRegisterWndClassInfoW
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlModuleUnRegisterTypeLib
AtlModuleUnregisterServer
AtlModuleUnregisterServerEx
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlUnadvise
AtlUnmarshalPtr
AtlWaitWithMessageLoop
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BROWSELC.DLL
.dll .js windows:5 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BROWSEUI.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

2a1c16837c2054dcb9cfc4ae9ec75e40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExW
RegCloseKey

gdi32

TextOutA
SaveDC
RestoreDC
SetBkMode
GetClipBox
GetDCOrgEx
OffsetWindowOrgEx
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetTextAlign
SetTextAlign
GetTextExtentPointW
CreatePolygonRgn
CreatePen
MoveToEx
LineTo
GetStockObject
SelectPalette
RealizePalette
GetPaletteEntries
CreateDIBSection
SetStretchBltMode
CreateSolidBrush
StretchBlt
PatBlt
CreateCompatibleBitmap
EqualRgn
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
GetDeviceCaps
CreateCompatibleDC
CreateBitmap
GetPixel
BitBlt
DeleteDC
CreateFontIndirectA
SelectObject
SetTextColor
SetBkColor
DeleteObject
GetTextExtentPoint32A

kernel32

GetCurrentThread
UnhandledExceptionFilter
ResumeThread
CreateThread
WinExec
OpenMutexA
FormatMessageA
lstrcmpiA
LocalReAlloc
ReleaseSemaphore
FindClose
DuplicateHandle
GetCurrentProcess
GetSystemTime
LocalSize
InterlockedCompareExchange
HeapDestroy
GetVersionExA
Sleep
GetThreadPriority
ResetEvent
ReleaseMutex
SystemTimeToFileTime
MulDiv
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExW
CreateEventA
IsBadWritePtr
GetLocaleInfoW
LoadLibraryW
GetModuleHandleW
LocalAlloc
LocalFree
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
CloseHandle
EnterCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetSystemInfo
GlobalMemoryStatus
lstrcatA
FreeLibrary
lstrcpyA
LoadLibraryA
lstrcpynA
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrlenW
GlobalFree
GlobalAlloc
GetCurrentProcessId
CompareFileTime
GetSystemTimeAsFileTime
GetLastError
SetEvent
OpenEventA
InterlockedExchange
GetCurrentThreadId
lstrcmpA
GetStartupInfoW
OpenProcess
IsBadReadPtr
GetCommandLineW
GetTickCount
WaitForSingleObject
RaiseException
SetThreadPriority

msvcrt

wcslen
_ftol
_HUGE
_except_handler3
free
_initterm
malloc
_adjust_fdiv
memmove

ole32

CoGetInterfaceAndReleaseStream
StringFromGUID2
CoFileTimeNow
CoInitializeEx
CreateBindCtx
CoTaskMemAlloc
OleLoadFromStream
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoMarshalInterface
OleSaveToStream
CoTaskMemFree
ReleaseStgMedium
CoCreateInstance
CoUninitialize

shlwapi

PathCreateFromUrlA
ord217
StrChrW
StrStrW
ord175
ord136
ord141
ord94
ord132
ord516
ord223
ord222
StrDupW
ord439
ord276
ord496
SHSetValueW
StrCmpW
ord517
ord128
ord125
ord186
wnsprintfW
ord124
ord334
ord335
ord384
StrCpyW
ord404
StrCmpNIW
SHQueryValueExW
ord302
SHRegGetUSValueW
ord130
ord309
SHQueryValueExA
ord102
ord67
ord71
ord484
ord299
ord61
ord91
PathIsURLW
ord312
PathCombineW
ord75
UrlCreateFromPathW
ord219
UrlEscapeW
PathCreateFromUrlW
ord68
ord104
ord84
ord43
ord340
ord95
ord318
ord117
ord434
ord174
StrRChrW
ord40
ord164
ord118
ord12
ord168
ord200
ord201
ord204
ord509
ord441
ord494
ord172
ord303
ord366
ord460
UrlCanonicalizeW
GetMenuPosFromID
ord427
ord9
ord8
ord10
ord7
ord317
ord206
ord41
ord56
ord237
ord79
StrToIntW
ord73
PathStripToRootW
ord97
PathGetArgsW
ord179
ord181
ord192
ord425
ord106
ord36
ord391
UrlUnescapeA
ord163
ord535
ord506
ord499
ord508
SHOpenRegStream2W
ord184
ord171
ord198
ord199
ord139
StrCatW
ord88
ord446
ord332
ord116
ord479
ord165
ord245
ord251
ord290
PathIsUNCW
ord426
ord123
ord476
ord51
ord505
ord507
ord319
ord98
ord182
ord177
ord383
ord286
ord491
ord478
ord278
SHGetThreadRef
ord187
ord100
ord545
ord131
ord103
ord252
ord359
ord246
SHSetThreadRef
ord247
ord255
SHDeleteKeyA
ord467
PathIsDirectoryW
ord78
ord244
ord250
PathIsContentTypeW
PathMakePrettyW
ord6
PathAddExtensionW
PathRemoveArgsW
PathIsUNCServerW
PathIsRootW
StrCmpNW
PathIsUNCServerShareW
ord462
PathRemoveBlanksW
SHStrDupW
ord119
PathCompactPathW
ord138
ord99
ord355
ord143
ord16
ord280
ord538
ord269
SHIsLowMemoryMachine
ord428
ord101
ord344
ord409
ord120
SHCopyKeyW
AssocCreate
PathAddBackslashW
StrStrIW
AssocQueryKeyW
ord37
ord87
ord193
ord140
ord134
ord2
ord197
ord23
SHDeleteValueW
ord194
ord260
ord307
ord65
ord333
UrlUnescapeW
PathStripPathW
ord167
ord487
SHRegQueryUSValueW
ord337
ord537
SHRegCloseUSKey
SHRegEnumUSKeyW
SHRegOpenUSKeyW
StrRStrIW
SHRegOpenUSKeyA
ord208
ord267
ord146
ord166
ord210
ord481
PathUnquoteSpacesW
ord209
ord268
SHEnumValueW
ord96
ord142
StrChrIW
ord190
ord191
ord202
ord207
ord514
ord236
PathParseIconLocationW
AssocQueryStringW
ord108
ord240
PathIsRelativeW
PathCommonPrefixW
ord305
SHRegDuplicateHKey
PathFileExistsW
ord50
ord173
ord256
PathRemoveFileSpecW
PathRemoveBackslashW
ColorHLSToRGB
ColorRGBToHLS
ord300
ord93
ord145
ord211
ord212
ord308
ord225
ord221
ord220
ord74
ord279
ord195
ord314
ord315
ord158
ord157
ord289
ord534
ord521
ord523
ord533
ord522
ord524
SHRegCreateUSKeyW
SHRegWriteUSValueW
ord418
ord218
PathFindFileNameA
PathRemoveExtensionA
ord313
PathRemoveExtensionW
ord346
SHGetValueW
StrCatBuffW
ord270
ord60
StrRetToBufW
PathFindExtensionW
ord176
ord83
SHRegGetBoolUSValueW
ord406
ord416
ord414
ord107
ord378
ord431
StrCpyNW
ord215
ord542
SHRegSetUSValueW
ord24
SHDeleteKeyW
ord549
ord133
ord376
ord437
ord241
SHCreateShellPalette
ord239
ord80
PathFindFileNameW
StrCmpIW
ord515
ord55
ord49
ord59
ord178
ord394
AssocQueryStringByKeyW

user32

RemoveMenu
GetSubMenu
ReleaseDC
GetClientRect
GetDC
GetDlgItem
GetSysColor
GetParent
CharNextA
GetMenuItemCount
SetCursor
IsWindow
FillRect
GetSysColorBrush
SystemParametersInfoA
GetWindowRect
SetRect
CopyRect
SendMessageTimeoutA
EnumWindows
GetMenuItemID
CheckMenuItem
CreatePopupMenu
GetShellWindow
GetWindowLongA
SetWindowLongA
DestroyWindow
WaitForInputIdle
GetWindowThreadProcessId
GetWindowPlacement
ShowWindow
IntersectRect
OffsetRect
EqualRect
GetMenuState
DestroyIcon
IsWindowVisible
GetAsyncKeyState
ReleaseCapture
GetCapture
PtInRect
SetCapture
MapWindowPoints
SetTimer
KillTimer
GetDoubleClickTime
SetWindowPos
InflateRect
GetClassWord
EnableMenuItem
SetFocus
IsChild
GetFocus
IsMenu
SetWindowPlacement
SetForegroundWindow
MessageBeep
WaitMessage
CreateMenu
IsIconic
LockWindowUpdate
GetDesktopWindow
GetForegroundWindow
EnableWindow
IsWindowEnabled
InvalidateRect
RedrawWindow
GetCursorPos
CreateIconIndirect
DrawIconEx
GetIconInfo
MsgWaitForMultipleObjects
UpdateWindow
EndDialog
MoveWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CheckMenuRadioItem
GetDlgCtrlID
SetParent
SetWindowRgn
IsRectEmpty
SetRectEmpty
GetActiveWindow
GetMessagePos
GetSystemMenu
GetWindow
AdjustWindowRectEx
CopyIcon
DestroyAcceleratorTable
SetKeyboardState
GetKeyboardState
GetCaretPos
ShowScrollBar
SetScrollInfo
GetScrollInfo
CallNextHookEx
EndPaint
BeginPaint
UnhookWindowsHookEx
SetScrollPos
IsWindowUnicode
RegisterWindowMessageA
WindowFromPoint
ScreenToClient
CloseClipboard
GetClipboardData
OpenClipboard
EnumChildWindows
GetProcessWindowStation
GetUpdateRect
GetSystemMetrics
LoadCursorA
SendMessageA
GetCursor
ClientToScreen
HideCaret
ShowCaret
SetMenuDefaultItem
DrawEdge
GetWindowDC
SetMenu
SetActiveWindow
ChildWindowFromPoint
CharNextW
InsertMenuA
LoadMenuW
LoadMenuA
GetKeyState
TranslateMessage
LoadStringA
InSendMessage
InsertMenuW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 534KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 429KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
COMCTL32.DLL
.dll windows:5 windows x86 arch:x86

ef0c97f997d1f234f517f5a25fb9b448

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateDIBSection
GetStockObject
StretchDIBits
CreateRectRgn
SetWindowOrgEx
OffsetWindowOrgEx
GetDeviceCaps
PatBlt
SetBkMode
RealizePalette
SelectPalette
CreatePatternBrush
CreateBitmap
RestoreDC
SelectClipRgn
SaveDC
CombineRgn
CreateRectRgnIndirect
GetTextColor
SetObjectOwner
GetPaletteEntries
CreateHalftonePalette
SetPixelV
SetPixel
CreateSolidBrush
SetDIBColorTable
GetDIBColorTable
GetBitmapBits
SetBrushOrgEx
GetDIBits
SetDIBits
OffsetRgn
GetCurrentObject
ExcludeClipRect
RectVisible
IntersectClipRect
GetClipRgn
GetDCOrgEx
BitBlt
MoveToEx
CreatePen
Arc
Rectangle
Ellipse
CreatePalette
UnrealizeObject
StretchBlt
TranslateCharsetInfo
Polyline
CreateBitmapIndirect
CreatePolygonRgn
CreateRoundRectRgn
FrameRgn
FillRgn
GetCharWidthW
GetTextCharsetInfo
GetCharWidthA
GetTextExtentPoint32W
GetTextExtentPointA
ExtTextOutW
ExtTextOutA
GetWindowExtEx
GetViewportExtEx
ExtSelectClipRgn
CreateFontA
CreateFontIndirectA
EnumFontFamiliesExA
GetObjectA
GetTextMetricsA
GetTextAlign
SetTextAlign
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
LineTo
GetNearestColor
DeleteDC
GetPixel
DeleteObject
GetBkColor

kernel32

Sleep
SetEvent
EnterCriticalSection
MultiByteToWideChar
DeleteCriticalSection
lstrlenW
LeaveCriticalSection
CreateThread
InitializeCriticalSection
GetProcAddress
GetACP
ReinitializeCriticalSection
DisableThreadLibraryCalls
GetCurrentProcessId
GetVersionExA
FreeResource
GlobalFree
GlobalAlloc
LockResource
LoadResource
GetTickCount
LocalReAlloc
lstrcpyA
FreeLibrary
MulDiv
HeapAlloc
HeapFree
HeapReAlloc
IsBadCodePtr
IsBadWritePtr
InterlockedExchange
lstrcpynA
GetThreadLocale
GetProcessHeap
IsDBCSLeadByteEx
HeapDestroy
HeapCreate
HeapSize
GetUserDefaultLangID
lstrcmpiA
GetLocalTime
GlobalUnlock
GlobalHandle
EnumCalendarInfoA
GetUserDefaultLCID
lstrcmpA
ord18
EnumResourceLanguagesW
SizeofResource
FindResourceExA
UnMapSLFixArray
MapSLFix
InterlockedDecrement
ord36
UnhandledExceptionFilter
FindResourceA
InterlockedIncrement
WaitForSingleObject
IsDBCSLeadByte
GetSystemDefaultLCID
CompareStringA
GetCurrentThreadId
GetLastError
IsBadReadPtr
MapViewOfFile
GetFileSize
UnmapViewOfFile
IsValidCodePage
CreateEventA
CreateFileA
CreateFileMappingA
GetDateFormatA
GetLocaleInfoA
GetNumberFormatA
GetModuleHandleA
GetStringTypeExA
GetProfileIntA
GetTimeFormatA
GlobalAddAtomA
LoadLibraryA
GlobalReAlloc
RtlUnwind
GetLocaleInfoW
LocalSize
CloseHandle
LocalFree
LocalAlloc
ThunkConnect32
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_12
SUnMapLS
SMapLS
FT_Exit24
FT_Exit20
FT_Thunk
WideCharToMultiByte
lstrlenA

user32

MoveWindow
SetFocus
IsWindow
PtInRect
GetFocus
GetSysColor
RedrawWindow
DrawFocusRect
IsWindowEnabled
EqualRect
MapWindowPoints
GetParent
GetWindowRect
EnableWindow
SendMessageA
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
ClientToScreen
ReleaseCapture
GetCapture
WaitMessage
TranslateMessage
SetCapture
GetSysColorBrush
GetMessageTime
MessageBeep
UnionRect
ScrollWindowEx
GetDoubleClickTime
SetRectEmpty
ScreenToClient
GetMessagePos
GetDlgItem
CopyRect
SetCursor
DrawIcon
EnableScrollBar
SetScrollInfo
GetScrollInfo
GetWindowDC
GetCursorPos
GetKeyState
DrawFrameControl
InvertRect
IsRectEmpty
GetScrollPos
GetScrollRange
ShowScrollBar
IsWindowVisible
SetScrollPos
SetScrollRange
IsZoomed
GetDesktopWindow
GetAsyncKeyState
DrawEdge
DestroyWindow
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
CreateIconIndirect
DestroyIcon
DrawIconEx
CopyImage
CopyIcon
GetDCEx
wsprintfA
ShowWindow
SetWindowRgn
IsChild
GetShellWindow
GetKeyboardLayout
SetKeyboardState
GetKeyboardState
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
SetCursorPos
LockWindowUpdate
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSystemMenu
CheckMenuItem
SetMenu
GetMenuState
SubtractRect
CreatePopupMenu
DestroyMenu
AdjustWindowRect
TrackPopupMenu
GetDlgCtrlID
GetWindowThreadProcessId
GetWindow
MapDialogRect
SetForegroundWindow
GetNextDlgTabItem
DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
SetWindowTextA
SetActiveWindow
GetActiveWindow
PostQuitMessage
CreateDialogIndirectParamA
SetParent
GetIconInfo
CreateWindowExA
CharNextA
FrameRect
ChildWindowFromPoint
EndDialog
EnumChildWindows
GetWindowLongA
GetCursor
GetForegroundWindow
GetMenu
InvalidateRgn
WindowFromPoint
DrawTextExA
AppendMenuA
CallMsgFilterA
CallWindowProcA
DefWindowProcA
DispatchMessageA
FindWindowA
GetClassInfoA
GetClassNameA
GetKeyNameTextA
GetMenuItemInfoA
GetMessageA
GetPropA
GetWindowTextA
GrayStringA
IsDialogMessageA
LoadCursorA
LoadIconA
LoadImageA
MapVirtualKeyA
PeekMessageA
PostMessageA
RegisterClassA
RegisterWindowMessageA
RemovePropA
GetWindowTextLengthA
SendNotifyMessageA
SetDlgItemTextA
SetPropA
SetWindowLongA
WinHelpA
DialogBoxIndirectParamA
InflateRect
BeginPaint
EndPaint
FillRect
UpdateWindow
SetTimer
KillTimer
SetRect
GetDC
ReleaseDC
GetClientRect
OffsetRect
AdjustWindowRectEx
SetWindowPos
InvalidateRect
CharNextW

advapi32

RegCreateKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA

Exports

Exports

Cctl1632_ThunkData32
CreateMappedBitmap
CreatePropertySheetPage
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
CreateStatusWindowA
CreateStatusWindowW
CreateToolbar
CreateToolbarEx
CreateUpDownControl
DestroyPropertySheetPage
DllGetVersion
DllInstall
DrawInsert
DrawStatusText
DrawStatusTextA
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollRange
FlatSB_ShowScrollBar
GetEffectiveClientRect
GetMUILanguage
ImageList_Add
ImageList_AddIcon
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetFlags
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_GetImageRect
ImageList_LoadImage
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_SetFlags
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitCommonControls
InitCommonControlsEx
InitMUILanguage
InitializeFlatSB
LBItemFromPt
MakeDragList
MenuHelp
PropertySheet
PropertySheetA
PropertySheetW
ShowHideMenuCtl
UninitializeFlatSB
_TrackMouseEvent

Sections

.text
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CORPOL.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

4b6276fbc3934e18d10f8e5b46018252

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
EnterCriticalSection
GetProcAddress
LoadLibraryA
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetVersionExA
DisableThreadLibraryCalls
LeaveCriticalSection
LocalAlloc
LocalFree

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc

msvcrt

wcslen

Exports

Exports

CORLockDownProvider
CORPolicyProvider
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
GetUnsignedPermissions

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRYPTDLG.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

60fa2c8c29d653d01cbdf114cd1215fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetLastError
lstrlenW
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetCurrentProcess
GetComputerNameA
InitializeCriticalSection
DeleteCriticalSection
WinExec
SetProcessWorkingSetSize
GetProcAddress
GetCommandLineA
EnterCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
LeaveCriticalSection
GetVersion
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
GetCPInfo
lstrlenA
lstrcpyW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
LoadLibraryW
GetDateFormatA
GetTimeFormatA
GetDateFormatW
GetTimeFormatW
lstrcatA
lstrcatW
FormatMessageA
LocalAlloc
WideCharToMultiByte
GetVersionExA
SetLastError
MultiByteToWideChar
LocalFree
DisableThreadLibraryCalls
FreeLibrary
LoadLibraryA
lstrcmpiA
GetACP
FileTimeToSystemTime
GetOEMCP
GetFileType
GetStartupInfoA
CloseHandle

user32

GetWindowLongA
GetParent
SetFocus
CreateWindowExW
LoadBitmapA
MessageBoxA
wsprintfA
MessageBeep
GetWindowRect
LoadStringA
GetDlgItemTextA
SetDlgItemTextA
DialogBoxIndirectParamW
LoadCursorA
LoadImageA
EnableWindow
WinHelpA
SendMessageW
SetCursor
GetDC
SendMessageA
SendDlgItemMessageA
ReleaseDC
DialogBoxParamA
DialogBoxParamW
EndDialog
GetDlgItem
GetSysColor
SetWindowLongA
DialogBoxIndirectParamA
ShowWindow

gdi32

GetTextExtentPointA
SelectObject
DeleteObject
GetTextMetricsA
GetTextExtentPointW
GetTextMetricsW

comctl32

PropertySheetW
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_Add

advapi32

RegCloseKey
RegQueryValueExA
CryptGenKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
RegOpenKeyExA
CryptGetUserKey
GetUserNameA

shell32

ShellExecuteA

wintrust

WintrustRemoveActionID
WinVerifyTrust
WTHelperCertIsSelfSigned
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WTHelperGetProvPrivateDataFromChain
WintrustAddActionID

Exports

Exports

CertConfigureTrustA
CertConfigureTrustW
CertModifyCertificatesToTrust
CertSelectCertificateA
CertSelectCertificateW
CertTrustCertPolicy
CertTrustCleanup
CertTrustFinalPolicy
CertTrustInit
CertViewPropertiesA
CertViewPropertiesW
DecodeAttrSequence
DecodeRecipientID
DllRegisterServer
DllUnregisterServer
EncodeAttrSequence
EncodeRecipientID
FormatPKIXEmailProtection
FormatVerisignExtension
GetFriendlyNameOfCertA
GetFriendlyNameOfCertW

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DHTMLED.OCX
.dll regsvr32 windows:5 windows x86 arch:x86

be4799fbff678b16a75936a2fcc2d4ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_wcsnicmp
wcscpy
wcschr
wcscmp
malloc
_itow
_wcsicmp
vswprintf
_itoa
wcslen
wcsncpy
_wcslwr
wcsncmp
free
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscat
wcstok
_wcsrev
realloc
_initterm
_adjust_fdiv

urlmon

URLOpenBlockingStreamW
URLOpenBlockingStreamA
CoInternetCreateSecurityManager
CreateURLMoniker
CoInternetCombineUrl
CoInternetParseUrl
CoInternetGetSession

wininet

InternetOpenA
InternetReadFile
InternetOpenW
InternetOpenUrlA
InternetOpenUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetCrackUrlA
InternetCrackUrlW
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
InternetCloseHandle

oleaut32

VariantInit
SysAllocString
SysFreeString
SafeArrayCopy
VariantClear
SafeArrayDestroy
SafeArrayPutElement
VariantChangeType
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreateVector
SysStringLen
SysReAllocString
DispGetParam
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarI4FromStr
SafeArrayGetElement
SafeArrayCreate
VariantCopyInd
OleCreatePropertyFrame

ole32

OleSaveToStream
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoCreateInstance
CoTaskMemFree
GetHGlobalFromStream
OleRun
CreateBindCtx
ReleaseStgMedium
CreateOleAdviseHolder
OleRegEnumVerbs
WriteClassStm
CreateStreamOnHGlobal
OleLoadFromStream
CoTaskMemRealloc
CoTaskMemAlloc

kernel32

DisableThreadLibraryCalls
HeapFree
GetProcessHeap
GetLastError
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
HeapAlloc
CloseHandle
HeapDestroy
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
SizeofResource
LoadResource
GetFileSize
WriteFile
GlobalFree
ReadFile
GetVersionExA
lstrcmpiA
CreateFileA
CreateFileW
FindResourceA
FindResourceW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryExA
LoadLibraryExW
lstrcmpiW
lstrcpynW
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection

gdi32

CreateMetaFileW
CreateMetaFileA
CreateDCW
CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
GetDeviceCaps
CreateRectRgnIndirect
GetStockObject
Rectangle

user32

SetWindowLongW
wvsprintfW
CharNextW
PtInRect
UnionRect
ShowWindow
DestroyWindow
FillRect
DestroyMenu
TrackPopupMenu
CreatePopupMenu
ScreenToClient
IsWindow
GetClientRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetParent
GetClassInfoExW
SetFocus
InvalidateRect
SetParent
GetKeyState
GetFocus
AppendMenuA
AppendMenuW
CallWindowProcA
CallWindowProcW
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
PostMessageA
PostMessageW
RegisterClassExA
RegisterClassExW
SetWindowLongA

comdlg32

GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW

advapi32

RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DIGEST.DLL
.dll windows:5 windows x86 arch:x86

84a14b4faafd4d7c95436ed224979185

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlUnwind

advapi32

RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameA

kernel32

FreeEnvironmentStringsW
InterlockedExchange
lstrcmpiA
GetProcAddress
LoadLibraryA
lstrcpyA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
CloseHandle
DeleteCriticalSection
CreateMutexA
InitializeCriticalSection
LocalAlloc
LocalFree
GetLastError
UnmapViewOfFile
VirtualAlloc
MapViewOfFileEx
CreateFileMappingA
GetTickCount
WaitForSingleObject
ReleaseMutex
MultiByteToWideChar
GetCurrentThreadId
TlsSetValue
GetCommandLineA
ExitProcess
GetModuleHandleA
TlsFree
SetLastError
TlsGetValue
TlsAlloc
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
RaiseException
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
FreeLibrary

user32

wsprintfA
SetFocus
ShowWindow
LoadStringA
SetForegroundWindow
SetWindowLongA
CheckDlgButton
SetWindowTextA
SendMessageA
EndDialog
IsDlgButtonChecked
GetWindowTextA
GetDlgItem
GetWindowLongA
DialogBoxParamA
GetActiveWindow

Exports

Exports

AcceptSecurityContext
AcquireCredentialsHandleA
AcquireCredentialsHandleW
ApplyControlToken
CompleteAuthToken
DeleteSecurityContext
DllInstall
EnumerateSecurityPackagesA
EnumerateSecurityPackagesW
FreeContextBuffer
FreeCredentialsHandle
ImpersonateSecurityContext
InitSecurityInterfaceA
InitSecurityInterfaceW
InitializeSecurityContextA
InitializeSecurityContextW
MakeSignature
QueryContextAttributesA
QueryContextAttributesW
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
RevertSecurityContext
VerifySignature

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DISPEX.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

b43e4b02c89109bf6db3263caaf3a406

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrClearOutParameters
NdrProxyErrorHandler
IUnknown_QueryInterface_Proxy
NdrProxyFreeBuffer
NdrProxySendReceive
NdrUserMarshalMarshall
NdrProxyGetBuffer
NdrConvert
NdrUserMarshalBufferSize
NdrProxyInitialize
NdrUserMarshalFree
NdrStubGetBuffer
NdrUserMarshalUnmarshall
NdrStubInitialize
NdrComplexArrayUnmarshall
NdrComplexStructUnmarshall
CStdStubBuffer_Invoke
RpcRaiseException
NdrStubForwardingFunction
NdrComplexStructMarshall
NdrComplexArrayBufferSize
NdrConformantArrayBufferSize
NdrInterfacePointerBufferSize
NdrComplexStructBufferSize
NdrInterfacePointerFree
NdrPointerFree
NdrConformantArrayUnmarshall
NdrInterfacePointerUnmarshall
NdrPointerUnmarshall
NdrPointerMarshall
NdrPointerBufferSize
NdrSimpleStructMarshall
NdrSimpleStructBufferSize
NdrSimpleStructUnmarshall
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrOleFree
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
NdrInterfacePointerMarshall
NdrComplexArrayMarshall
NdrDllGetClassObject
NdrConformantArrayMarshall

kernel32

DisableThreadLibraryCalls

oleaut32

BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserSize
VARIANT_UserSize
VARIANT_UserMarshal
BSTR_UserFree
VARIANT_UserFree
VARIANT_UserUnmarshal

msvcrt

_adjust_fdiv
malloc
_initterm
free
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DXTMSFT.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

1e0589dd7c7d962d6f4073720776962a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
free
_except_handler3
_initterm
_adjust_fdiv
wcsncat
time
srand
wcsncpy
rand
wcslen
_CIpow
_wcsicmp
_ftol
_purecall
wcscpy

atl

ord30
ord32
ord23
ord15
ord22
ord18
ord21
ord16

kernel32

GetVersionExW
VirtualFree
VirtualAlloc
HeapFree
CloseHandle
WideCharToMultiByte
GetProcessHeap
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
IsBadReadPtr
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
IsBadCodePtr

user32

IntersectRect
OffsetRect
GetDC
ReleaseDC
GetSysColor
CopyRect
wsprintfW

ole32

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemAlloc

oleaut32

SysAllocString
VariantCopy
VariantChangeType
LoadRegTypeLi
SetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocStringLen
SysStringLen
VariantClear
VariantInit
SysFreeString
UnRegisterTypeLi
SysStringByteLen

gdi32

DeleteColorSpace
SetDIBitsToDevice
SetColorSpace
SetICMMode
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
DeleteObject
SetViewportOrgEx
DeleteDC

dxtrans

?DXOverArray@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXDitherArray@@YGXPBUDXDITHERDESC@@@Z
?DXOverArrayMMX@@YGXPAVDXPMSAMPLE@@PBV1@K@Z

shlwapi

ord81
ord543
ord51
UrlCombineW

Exports

Exports

DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DXTRANS.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

10d28f18e248d77ee1f4b6c413b76e1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_purecall
realloc
malloc
free
wcslen
_ftol
atol
floor
wcsncpy
wcschr
isspace
ceil
iswspace
_except_handler3
_adjust_fdiv
_initterm
_onexit
__dllonexit

atl

ord32
ord15
ord23
ord22
ord16
ord21
ord18
ord30

kernel32

GetSystemInfo
GetVersionExW
FreeLibrary
GetProcessHeap
CreateIoCompletionPort
CreateThread
InitializeCriticalSection
ResetEvent
GetQueuedCompletionStatus
ExitThread
QueueUserAPC
PostQueuedCompletionStatus
WaitForMultipleObjects
GetProcAddress
VirtualFree
VirtualAlloc
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
IsBadReadPtr
IsBadWritePtr
GetLastError
LeaveCriticalSection
EnterCriticalSection
SetEvent
HeapFree
HeapAlloc
ReleaseSemaphore
WaitForSingleObject
GetCurrentThread
IsBadCodePtr
CloseHandle

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateFileMoniker
CreateBindCtx
CoCreateFreeThreadedMarshaler
CoUninitialize
CoInitialize

oleaut32

VariantChangeTypeEx
SetErrorInfo
LoadRegTypeLi
VariantChangeType
SysAllocString
VariantCopy
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
UnRegisterTypeLi

user32

SetRect
FrameRect
GetDesktopWindow
GetDC
ReleaseDC
IntersectRect
LoadStringA

gdi32

DeleteDC
SetMapMode
BitBlt
DeleteObject
GetGlyphOutlineW
GetKerningPairsW
CreateCompatibleDC
EndPath
PolyBezierTo
MoveToEx
LineTo
BeginPath
FillPath
StrokePath
StrokeAndFillPath
SetPolyFillMode
CreateBrushIndirect
ExtCreatePen
GetPaletteEntries
StretchBlt
SelectObject

shlwapi

ord25
StrCmpIW
StrCpyNW
StrCmpNIW
ord107
ord51
ord307
ord309
ord73
ord53
ord84
ord93
ord436
ord435
ord33

Exports

Exports

?DXConstOverArray@@YGXPAVDXPMSAMPLE@@ABV1@K@Z
?DXConstUnderArray@@YGXPAVDXPMSAMPLE@@ABV1@K@Z
?DXDitherArray@@YGXPBUDXDITHERDESC@@@Z
?DXLinearInterpolateArray@@YGXPBVDXBASESAMPLE@@PAUDXLIMAPINFO@@PAV1@K@Z
?DXOverArray@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXOverArrayMMX@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FIXIE.INF
HLINK.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

9c26fb68f1ff9e26862686aa563f7cdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CreateBindCtx
CreateGenericComposite
CreateItemMoniker
StgCreateDocfile
CoLockObjectExternal
CoCreateInstance
CreateStreamOnHGlobal
GetHGlobalFromStream
OleSaveToStream
CreateFileMoniker
OleLoadFromStream
ProgIDFromCLSID
GetRunningObjectTable
ReleaseStgMedium
CreateAntiMoniker
CoGetMarshalSizeMax
MkParseDisplayName
CoGetMalloc
CoUnmarshalInterface
CoMarshalInterface

user32

LoadStringA
wsprintfW
CharUpperW
CharUpperA
CharPrevA
CharNextA
GetActiveWindow
MessageBoxA
wsprintfA
RegisterClipboardFormatA

kernel32

CreateMutexA
OpenFileMappingA
OpenMutexA
RtlUnwind
GlobalUnlock
GetSystemDirectoryA
WinExec
GetFileAttributesW
GetFileAttributesA
CreateFileW
CreateFileA
GetFileSize
lstrcpyA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringW
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
GetVersionExA
IsBadWritePtr
GlobalFree
GlobalLock
GlobalAlloc
lstrlenA
GetTickCount
lstrcmpiA
lstrcatA
CloseHandle
UnmapViewOfFile
GetPrivateProfileStringA
MapViewOfFile
GetLastError
CreateFileMappingA
ReleaseMutex
WaitForSingleObject
GetCurrentThreadId
IsValidCodePage
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
MultiByteToWideChar
WideCharToMultiByte

advapi32

RegQueryValueExW
RegDeleteKeyA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteW
ShellExecuteA
DragQueryFileW
DragQueryFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
HlinkClone
HlinkCreateBrowseContext
HlinkCreateExtensionServices
HlinkCreateFromData
HlinkCreateFromMoniker
HlinkCreateFromString
HlinkCreateShortcut
HlinkCreateShortcutFromMoniker
HlinkCreateShortcutFromString
HlinkGetSpecialReference
HlinkGetValueFromParams
HlinkIsShortcut
HlinkNavigate
HlinkNavigateToStringReference
HlinkOnNavigate
HlinkOnRenameDocument
HlinkParseDisplayName
HlinkPreprocessMoniker
HlinkQueryCreateFromData
HlinkResolveMonikerForData
HlinkResolveShortcut
HlinkResolveShortcutToMoniker
HlinkResolveShortcutToString
HlinkResolveStringForData
HlinkSetSpecialReference
HlinkTranslateURL
HlinkUpdateStackItem
OleSaveToStreamEx

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HMMAPI.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

d2fa691db84fc7144033608b5c618c96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapAlloc
GetProcessHeap
SetFileAttributesA
MoveFileA
GetSystemTimeAsFileTime
GetFileTime
GetTempPathA
CloseHandle
GetFileSize
LocalFree
FormatMessageA
CreateFileA
GetModuleFileNameA
lstrcmpA
GetVersionExA
GetLastError
GetShortPathNameA
lstrlenA
CompareStringA
lstrcpyA
lstrcatA
lstrcpynA

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

user32

MessageBoxA
wsprintfA
LoadStringA

shlwapi

ord459
ord215
StrCatBuffA
wnsprintfA
StrChrA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear

Exports

Exports

AddService
BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail
BMAPISendMail
DllRegisterServer
DllUnregisterServer
MAPIAddress
MAPIDeleteMail
MAPIDetails
MAPIFindNext
MAPIFreeBuffer
MAPILogoff
MAPILogon
MAPIReadMail
MAPIResolveName
MAPISaveMail
MAPISendDocuments
MAPISendMail
MailToProtocolHandler
OpenInboxHandler
RemoveService

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IE.CAT
IE4.DLL
.dll windows:5 windows x86 arch:x86

a0b42a963c745e87dd899299fd331665

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mssetup

DoMsgBox
FLogOpen
ForceRestartOff
ForceRestartOn
GetProcessorType
GetSilentMode
HwndFrame
FWriteToLogFile

user32

UpdateWindow
DestroyWindow
DialogBoxParamA
GetDesktopWindow
wsprintfA
MessageBoxA
EndDialog
GetWindowRect
GetSystemMetrics
SetWindowPos
PeekMessageA
MsgWaitForMultipleObjects
DispatchMessageA
ShowWindow
FindWindowA
SendMessageA
GetClassInfoA
RegisterClassA
CreateWindowExA
DefWindowProcA
LoadStringA
GetWindowLongA
SetWindowLongA
EnumThreadWindows
DestroyIcon
LoadIconA
SetWindowTextA
GetDlgItem
CreateDialogParamA
TranslateMessage
SendDlgItemMessageA
CharNextA
CallWindowProcA
GetWindow
IsWindowEnabled
SetForegroundWindow
GetKeyboardType
CharPrevA
PostQuitMessage

advapi32

RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
CloseServiceHandle
EnumServicesStatusA
OpenSCManagerA
RegFlushKey
RegEnumKeyExA
RegUnLoadKeyA
RegLoadKeyA
RegSaveKeyA
OpenServiceA
QueryServiceConfigA
ChangeServiceConfigA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey

kernel32

FreeEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GlobalAlloc
LoadLibraryExA
GetEnvironmentStringsW
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
VirtualQuery
SetEndOfFile
RtlUnwind
IsDBCSLeadByte
GetDiskFreeSpaceA
GetEnvironmentStrings
ExitProcess
MoveFileExA
SetFileAttributesA
WritePrivateProfileSectionA
lstrcatA
DeleteFileA
GetShortPathNameA
CloseHandle
CreateFileA
GetFileAttributesA
lstrcmpiA
LocalFree
lstrlenA
GetPrivateProfileSectionA
LocalAlloc
lstrcpyA
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
CreateProcessA
FormatMessageA
WriteFile
SetFilePointer
ReadFile
GetFileSize
FindClose
FindFirstFileA
GetLastError
GlobalMemoryStatus
GetVersionExA
GetModuleFileNameA
GetEnvironmentVariableA
CopyFileA
MoveFileA
GetSystemInfo
WritePrivateProfileStringA
CreateDirectoryA
GetTempFileNameA
GetTempPathA
GetLocalTime
lstrcpynA
ReleaseMutex
SetEvent
OpenEventA
OpenMutexA
SetEnvironmentVariableA
RemoveDirectoryA
GetExitCodeThread
SetLastError
HeapFree
HeapAlloc
GetProcessHeap
MulDiv
CreateThread
CreateMutexA
GetPrivateProfileStringA
CompareFileTime
GetSystemTimeAsFileTime
_llseek
_lwrite
_lread
GetTickCount
_lclose
GlobalUnlock
GlobalLock
GlobalFree
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceExA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advpack

GetVersionFromFile
GetVersionFromFileEx
DelNode
LaunchINFSectionEx
SetPerUserSecValues
AddDelBackupEntry
FileSaveMarkNotExist
FileSaveRestore
NeedReboot
RegSaveRestore
RegSaveRestoreOnINF
IsNTAdmin

Exports

Exports

AddRegAtFinalPhase
AddRegistryData
AddTo
AdminCheck
AutorunController
BIP
Backup_File
BootWin95
CheckLangID
CheckWinVer
CleanIE4Cache
CleanOldIECache
CreateNewBackup
DelBackupEntry
DelayedCopy
DetectReg
EffectNoReboot
FileRestore
FileSave
Install128Schannel
InstallShellIfNeed
IsBiDiSystem
IsFX32Running
IsMemphisOrHigher
IsNECComputer
IsNT5orHigher
IsOSR2Only
IsPrevIE4orHigher
IsPrevIEorHigher
IsSP4LevelCryptoInstalled
IsWebViewShell
IsWin9XAndNotNT
IsX86
ListIE4Files
LocalizedPath
LocalizedProgramFilesPath
LogAndUpdatePhases
MinHW
OnRemoveAddReg
OnRemoveDelReg
PatchLoadBalancingForNetware
PostUninstallWizExec
PreWizExec
ProcessPerUserSection
QuitSage
RegBackRemove
RegRestore
RegSave
RegistryRestore
RegistrySave
ReinstallCheck
RemoveBackupEntry
RemoveIEUninstallInfo
RemoveWizExec
SaveChannelFolder
SetDependencyOnPstore
SetFWDO
ShortPath
SzGetDatadefVer
TempFileNameHackOnNT
UninstallChecking
UpdateVersionOnFile
VerifySTF
WinCntUpd
WizExec

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IE4UINIT.EXE
.exe windows:5 windows x86 arch:x86

747d1b3651f3a670f3535d8cc0c73833

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

kernel32

GetFileAttributesA
lstrcpyA
MultiByteToWideChar
CopyFileA
SetFileAttributesA
CreateDirectoryA
GetDriveTypeA
lstrcmpiA
GetWindowsDirectoryA
GetLastError
GetModuleFileNameA
LoadLibraryExA
GlobalMemoryStatus
ExpandEnvironmentStringsA
lstrcatA
GetStartupInfoA
SetErrorMode
GetVersionExA
GetModuleHandleA
GetCommandLineA
LocalFree
lstrcpynA
LocalAlloc
IsDBCSLeadByte
CloseHandle
WriteFile
CreateFileA
SetCurrentDirectoryA
SetFilePointer
lstrcmpA
ReadFile
GetFileSize
GetPrivateProfileStringA
FindFirstFileA
FindClose
lstrlenA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
ExitProcess

user32

wsprintfA
MessageBoxA
CharNextA
LoadStringA
CharPrevA
CharUpperA
CharLowerA

shell32

SHFileOperationA
SHChangeNotify
ord179

ole32

OleUninitialize
CoCreateInstance
OleInitialize

advpack

RunSetupCommand
ExecuteCab
RegRestoreAll
DelNode
GetVersionFromFile

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IEDETECT.DLL
.dll windows:5 windows x86 arch:x86

774b9ff92b7f3d68abd38d54e28116c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharLowerA
CharPrevA
CharNextA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

GetSystemDirectoryA
GetFileAttributesA
GetSystemDefaultLCID
lstrcpyA
DisableThreadLibraryCalls
GetProcessHeap
GetACP
lstrcmpiA
GetVersionExA
IsDBCSLeadByte
lstrlenA
GetPrivateProfileSectionA
LocalAlloc
FindClose
FindFirstFileA
LocalFree
GetShortPathNameA
GetWindowsDirectoryA
lstrcpynA

advpack

GetVersionFromFile

Exports

Exports

DetectAOLSupport
DetectDCOM
DetectDirectDraw
DetectDirectShow
DetectDirectX
DetectGenSetup
DetectHTMLHelp
DetectICW
DetectInternetExplorer
DetectJapaneseFontPatch
DetectJapaneseIME
DetectJapaneseLangPack
DetectJavaVM
DetectKoreanIME
DetectKoreanLangPack
DetectMDAC
DetectMFC
DetectMsn_Auth
DetectOLEAutomation
DetectOfflinePkg
DetectSimpChineseLangPack
DetectSimplifiedChineseIME
DetectTdc
DetectTradChineseLangPack
DetectTraditionalChineseIME

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEDKCS32.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

18087bfc7f52c4df92500accee0c9d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler3
wcscat
wcscpy
swprintf
_CxxThrowException
??2@YAPAXI@Z
wcslen
??3@YAXPAX@Z
memmove
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
_adjust_fdiv
_initterm
toupper
malloc
free

kernel32

CreateThread
lstrcpyA
ReadFile
GetVersion
GetFileTime
IsDBCSLeadByte
FlushFileBuffers
WriteFile
GetTickCount
GetCurrentProcess
GetLastError
GetLocalTime
InterlockedDecrement
GetFileSize
LocalAlloc
SetLastError
MultiByteToWideChar
FileTimeToSystemTime
lstrcatW
FindClose
GetFileAttributesExW
GetComputerNameW
GlobalFree
lstrcatA
MoveFileExW
IsBadStringPtrA
GetProcAddress
TerminateProcess
lstrlenA
ResumeThread
lstrlenW
SetFilePointer
CloseHandle
DisableThreadLibraryCalls
FreeLibrary
lstrcmpiA
WideCharToMultiByte
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionW
lstrcmpA
InterlockedExchange
LoadLibraryA
RaiseException
LocalFree

user32

TranslateMessage
MsgWaitForMultipleObjects
wsprintfA
DestroyIcon
SetCursor
wsprintfW
KillTimer
EndDialog
GetShellWindow
SendMessageTimeoutA
GetTopWindow
GetClassNameA
GetWindow
GetDesktopWindow
SetTimer

advapi32

EqualSid
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityW
OpenProcessToken
GetTokenInformation
LookupPrivilegeNameW
AdjustTokenPrivileges
RegSaveKeyA
FreeSid
ImpersonateLoggedOnUser
RevertToSelf
RegCloseKey
AllocateAndInitializeSid
LookupPrivilegeValueW
LookupPrivilegeValueA
RegSaveKeyW

shlwapi

SHGetValueW
ChrCmpIA
StrCmpIW
ord123
PathAddBackslashW
StrChrW
StrStrIW
PathIsPrefixW
StrCmpNIW
PathFindFileNameW
ord276
ord128
PathFindExtensionW
SHDeleteEmptyKeyW
StrPBrkW
PathIsUNCW
SHQueryValueExW
PathIsURLW
StrRChrW
PathAddExtensionW
StrTrimW
ord40
StrCpyNW
ord394
ord360
StrRetToStrW
StrSpnW
ord434
ord117
ord81
ord75
PathRemoveBackslashW
ord113
PathRemoveExtensionW
PathIsDirectoryW
ord135
wvnsprintfW
ord79
ord59
ord104
ord102
StrChrIW
PathRemoveBlanksW
PathUnquoteSpacesW
StrStrW
ord45
ord306
ord341
ord65
StrCmpW
SHDeleteValueW
ord271
SHDeleteKeyW
ord120
ord130
ord125
ord347
StrCmpNW
ord366
ord298
SHSetValueW
ord107
StrCatW
ord309
ord60
ord116
ord50
ord338
StrCpyW
ord80
PathRemoveFileSpecW
PathAppendW
PathIsFileSpecW
PathCombineW
ord97
StrToIntExW
ord85
wnsprintfW
PathRenameExtensionW
PathFileExistsW
ord57
ord112
ord52
ord437
ord38
ord83
ord115
ord294
ord295
PathGetDriveNumberW
PathGetCharTypeW
PathFindNextComponentW
PathSkipRootW
PathIsRootW
PathIsUNCServerW
ord215
ord217
StrCSpnW
ord312
StrToIntW
ord122
ord335

ole32

CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
StringFromGUID2
CoGetMalloc
CoTaskMemFree

oleaut32

VariantClear
SysFreeString
SysStringLen
SafeArrayPutElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayCreate
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantInit
VariantCopy
SysAllocString

wininet

InternetSetOptionW
InternetCrackUrlW
InternetQueryOptionW
InternetCreateUrlW
InternetSetOptionA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetOpenUrlW
InternetOpenW
InternetGetConnectedStateExW

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder

setupapi

SetupGetIntField
SetupGetLineTextW
SetupFindNextLine
SetupGetStringFieldW
SetupCloseInfFile
SetupFindFirstLineW
SetupOpenInfFileW
SetupGetBinaryField

comctl32

ord334
ord328
ord332

Exports

Exports

BrandCleanInstallStubs
BrandExternal
BrandICW
BrandICW2
BrandIE4
BrandInfAndOutlookExpress
BrandInternetExplorer
BrandIntra
BrandMe
Clear
CloseRASConnections
DllRegisterServer
DllUnregisterServer
GenerateGroupPolicy
InternetInitializeAutoProxyDll
ProcessGroupPolicy
ProcessGroupPolicyEx

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEFILES5.INF
IEINFO5.OCX
.dll regsvr32 windows:5 windows x86 arch:x86

d2da0fb3e405ad0170b935340058e984

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

mfc40

ord810
ord483
ord729
ord1035
ord486
ord362
ord762
ord1097
ord3626
ord5031
ord4931
ord2557
ord836
ord835
ord481
ord2471
ord5630
ord1075
ord1085
ord1359
ord267
ord1633
ord265
ord3738
ord2176
ord3511
ord2358
ord5637
ord2894
ord5638
ord3952
ord2860
ord2916
ord3202
ord403
ord651
ord1043
ord1084
ord1071
ord3229
ord2262
ord3885
ord2931
ord3163
ord2255
ord3879
ord3113
ord2135
ord1464
ord4973
ord881
ord3827
ord4154
ord4113
ord5023
ord1873
ord4314
ord4375
ord5001
ord3611
ord4133
ord4132
ord4230
ord4124
ord4360
ord4024
ord3997
ord4070
ord4441
ord4380
ord4385
ord4390
ord4122
ord4156
ord4473
ord4127
ord4117
ord3838
ord4241
ord4123
ord4111
ord4110
ord4505
ord4060
ord3854
ord3844
ord3840
ord4202
ord4204
ord4201
ord3892
ord4079
ord4459
ord3898
ord4444
ord4432
ord2177
ord2963
ord4015
ord5643
ord2618
ord2755
ord2844
ord3946
ord2621
ord2695
ord3581
ord4098
ord5363
ord3578
ord1540
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4704
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2961
ord4101
ord760
ord3684
ord688
ord542
ord4715
ord4719
ord604
ord607
ord632
ord279
ord2312
ord3452
ord450
ord353
ord509
ord381
ord3158
ord3185
ord2115
ord5440
ord2223
ord2378
ord4403
ord5260
ord1837
ord1806
ord1842
ord1828
ord2081
ord721
ord3112
ord3630
ord3784
ord2510
ord2426
ord5192
ord485
ord2470
ord763
ord2317
ord5506
ord3530
ord2883
ord5319
ord5434
ord5432
ord5492
ord3786
ord4817
ord5656
ord2456
ord2403
ord5296
ord834
ord3290
ord5570
ord2293
ord3959
ord2392
ord2395
ord2394
ord752
ord1387
ord2467
ord742
ord755
ord1025
ord2466
ord739
ord1364
ord3222
ord708
ord759
ord5256
ord2905
ord756
ord754
ord3307
ord961
ord2428
ord3697
ord488
ord704
ord1733
ord2094
ord751
ord4637
ord2427
ord817
ord5049
ord4839
ord4623
ord479
ord1647
ord5748
ord1073
ord4046
ord4141
ord4302
ord4462
ord4681
ord3859
ord4312
ord4450
ord4176
ord2199
ord5360
ord1539
ord5644
ord4700
ord3919
ord2861
ord4099
ord3907
ord406
ord654
ord1986
ord2561
ord492
ord1627
ord1000
ord999
ord1105
ord1369
ord1042
ord328
ord1046
ord1367
ord5681
ord988
ord1370
ord269
ord733
ord671
ord711
ord3656
ord821
ord819
ord706
ord2995
ord615
ord532
ord2389
ord3458
ord731
ord504
ord3192
ord3906
ord4096
ord3580
ord2694
ord3340
ord3346
ord3345
ord2960
ord2696
ord2620
ord2845
ord2744
ord3945
ord2843
ord2754
ord2617
ord5053
ord4703
ord2909
ord5648
ord4165
ord2097
ord4627
ord965
ord3431
ord5070
ord2197
ord2234
ord3963
ord3579
ord701
ord4713
ord679
ord3242
ord3153
ord1426

msvcrt40

_onexit
__dllonexit
malloc
wcslen
__CxxFrameHandler
_EH_prolog
_stricmp
free
realloc
strrchr
_fullpath
_splitpath
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ

oleaut32

VariantTimeToSystemTime
VariantClear
LoadRegTypeLi

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoImpersonateClient

user32

EnableWindow
SystemParametersInfoA
ReleaseDC
EmptyClipboard
RedrawWindow
EqualRect
IsWindowVisible
InvalidateRect
CloseClipboard
SetClipboardData
FillRect
GetDC
SendMessageA
GetClientRect
OpenClipboard

gdi32

GetBkColor
CreateSolidBrush
GetTextExtentPointA
CreateFontIndirectA

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA

kernel32

GetVersionExA
MultiByteToWideChar
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
lstrlenA
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetTimeFormatA
GetDateFormatA
lstrcpynA
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
GetSystemDirectoryA
GetEnvironmentVariableA
SearchPathA
GetProfileStringA
FindClose
SetLastError
GetLastError
FindFirstFileA
FindNextFileA
LocalFree
LocalAlloc
GetVersion
Sleep

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

setupapi

SetupOpenInfFileA
SetupGetLineTextA
SetupCloseInfFile
SetupGetLineByIndexA
SetupGetLineCountA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetTemplate

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEJIT.HTM
.js
IEMILLEN.INF
IESETUP.CIF
IEUINIT.INF

Sharing

General

Malware Config

Signatures

Files

93fcd40ed5f58809c21cc3c1949a5496

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.orpc Size: 3KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

dce0ad7ab2c2d08091580dec5ccce297

Headers

File Characteristics

Imports

ntdll

user32

gdi32

kernel32

advapi32

ole32

version

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.data Size: 1KB - Virtual size: 52KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 5KB - Virtual size: 5KB

c010dbe410f30234e90ad9eeddf11dc2

Headers

File Characteristics

Imports

oleaut32

ole32

user32

gdi32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 1024B - Virtual size: 636B

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 4KB - Virtual size: 3KB

8ef95172470b9f552734e3fd0e068e7e

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Sections

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 512B - Virtual size: 8B

2a1c16837c2054dcb9cfc4ae9ec75e40

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

.text
Size: 71KB - Virtual size: 71KB

.orpc
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.text
Size: 72KB - Virtual size: 72KB

.data
Size: 1KB - Virtual size: 52KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 1024B - Virtual size: 636B

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 512B - Virtual size: 8B

.text
Size: 534KB - Virtual size: 533KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 429KB - Virtual size: 432KB

.reloc
Size: 31KB - Virtual size: 31KB

.text
Size: 418KB - Virtual size: 417KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 428B

.edata
Size: 512B - Virtual size: 226B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 58KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 4KB