XMouseButtonControlSetup[.]2[.]20[.]2[.]exe

Resubmissions

06/03/2024, 13:17

240306-qjhk1scg38 7

06/03/2024, 13:12

240306-qfqgfsbe8s 7

Sharing

Copy URL Twitter E-mail

General

Target

XMouseButtonControlSetup.2.20.2.exe
Size

2.9MB
MD5

ddf79d7a588328468ae2835e6af48dad
SHA1

0f3d5131cd879e7f6758d99c4ea8adaa108fe5d9
SHA256

b3f1b087a2617c1af305c8f9bb275f169edc46f4b4687f69db37dea0fe0cebeb
SHA512

f9bb715b95387146b1cbd9303355d56e771da9812ed2eb38144bbb00f36ce6633103ef5325a8535d430cd86acadbc20970b421a1d61fdf612c7c4d210f99a583
SSDEEP

49152:B087fgoYA9Lyix4uaujNX+9GGvR/iKz49YuJsDnGDQq9/kEIDEPSF:ZjgorLTHcGNKUNJsDGsq9fRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/ExecCmd.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/ShellExecAsUser.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/BugTrapU-x64.dll
unpack002/$PLUGINSDIR/ExecCmd.dll
unpack002/$PLUGINSDIR/System.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninstaller.exe	nsis_installer_1
static1/unpack001/uninstaller.exe	nsis_installer_2

Files

XMouseButtonControlSetup.2.20.2.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ce
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2022, 12:22

Not After

04/04/2023, 12:22

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a1:ff:22:5f:13:9e:d9:e9:f6:ed:3d:82:27:63:24:76:a2:3d:2c:a9
Signer

Actual PE Digest

a1:ff:22:5f:13:9e:d9:e9:f6:ed:3d:82:27:63:24:76:a2:3d:2c:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
MultiByteToWideChar
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
LoadCursorA
GetClientRect
SetWindowRgn
LoadIconA
GetWindowLongA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
SetCursor
PtInRect
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
EnableMenuItem
DrawTextA
GetSystemMenu
OpenClipboard
LoadImageA

gdi32

SetTextColor
DeleteObject
CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ShellExecAsUser.dll
.dll windows:4 windows x86 arch:x86

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
CloseHandle
WaitForSingleObject
OutputDebugStringA
MultiByteToWideChar
lstrlenA
GetModuleHandleA
lstrcmpA
SetEvent
GlobalFree
lstrcpyA
GetProcAddress
CreateEventA
GetVersionExA

user32

CreateWindowExA
PostMessageA
GetMessageA
SetWindowLongA
RegisterClassExA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
GetWindowLongA
PostQuitMessage
wsprintfA

advapi32

GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysAllocStringLen
SysFreeString

shlwapi

ord176

msvcrt

malloc
_initterm
free
_beginthreadex
??2@YAPAXI@Z
??3@YAXPAX@Z
memset
_adjust_fdiv

Exports

Exports

ShellExecAsUser

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

f03b2bab186574d8892d3d73fa9fd3fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
lstrcpyA
GetCurrentDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
GetProcessHeap

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
MapWindowPoints
GetWindowLongA
DrawTextA
GetClientRect
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
RemovePropA
DrawFocusRect
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BugTrapU-x64.dll
.dll windows:6 windows x64 arch:x64

bce0ab64d2b0769ad1d26a0d18fc1cdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\bugtrap\bin\BugTrapU-x64.pdb

Imports

ws2_32

gethostbyname
inet_ntoa
WSASocketW
WSASend
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSAGetLastError
shutdown
setsockopt
inet_addr
htons
connect
closesocket
WSACleanup
WSAStartup
gethostname

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy

shlwapi

PathRemoveBackslashW
PathRemoveExtensionW
PathSkipRootW
PathFindNextComponentW
PathIsURLW
PathAddExtensionW
PathIsRootW
PathRemoveFileSpecW
UrlIsW
PathCreateFromUrlW
PathAppendW
StrTrimW
StrTrimA
PathIsRelativeW
PathCombineW
PathFindFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

HttpEndRequestW
HttpSendRequestExW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetAttemptConnect
InternetWriteFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetGetLastResponseInfoW

kernel32

GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapSize
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
CopyFileW
FindClose
FindFirstFileW
FindNextFileW
RaiseException
SetEvent
WaitForSingleObject
MultiByteToWideChar
GetFileSize
ReadFile
SetFilePointer
GetStringTypeA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryW
GetProfileIntW
WideCharToMultiByte
GetLastError
GetCurrentProcessId
OpenProcess
GetVersionExW
GetModuleHandleW
DeleteCriticalSection
GetStdHandle
IsProcessorFeaturePresent
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteConsoleW
SetEndOfFile
GetLocalTime
VirtualProtect
VirtualQuery
GetModuleHandleA
RtlCaptureContext
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineW
GetCurrentDirectoryW
DeleteFileW
GetFileAttributesW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
GlobalMemoryStatusEx
GetSystemInfo
ReadProcessMemory
LocalAlloc
LocalFree
FormatMessageW
GetComputerNameW
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
SetUnhandledExceptionFilter
CreateEventW
TerminateProcess
CreateProcessW
DisableThreadLibraryCalls
GetUserDefaultLangID
GetTempPathW
ResetEvent
GetExitCodeThread
LocalReAlloc
WaitForMultipleObjects
CreateDirectoryW
RemoveDirectoryW
GetTickCount
GetStringTypeW
GetWindowsDirectoryW
IsDBCSLeadByte
IsDebuggerPresent
HeapAlloc
EncodePointer
DecodePointer
HeapFree
CreateThread
ExitThread
LoadLibraryExW
RtlUnwindEx
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetProcessHeap
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
LCMapStringW
HeapReAlloc
SetStdHandle
OutputDebugStringW
FlushFileBuffers

user32

GetCapture
SetCapture
ReleaseCapture
DrawFocusRect
PtInRect
GetDialogBaseUnits
SetScrollPos
IsWindowVisible
IsZoomed
DrawEdge
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MapWindowPoints
TabbedTextOutW
GetTabbedTextExtentW
EnumDisplayDevicesW
SendMessageTimeoutW
GetActiveWindow
GetSystemMenu
AppendMenuW
GetForegroundWindow
GetWindowThreadProcessId
DrawTextW
GetWindow
GetClassLongPtrW
LoadCursorW
DestroyIcon
DrawIconEx
CopyIcon
GetMessageW
GetFocus
ScreenToClient
GetWindowRect
CreateDialogParamW
SetWindowPos
MessageBoxW
SetForegroundWindow
LoadImageW
SetWindowLongW
GetWindowLongW
CheckRadioButton
ShowWindow
UpdateWindow
IsWindowEnabled
EnableWindow
DialogBoxParamW
DestroyWindow
CreateWindowExW
GetClientRect
InvalidateRect
GetSystemMetrics
LoadStringW
GetSysColor
SetWindowTextW
GetDlgCtrlID
GetWindowTextLengthW
SendMessageW
GetParent
GetWindowTextW
SetFocus
SetDlgItemTextW
GetDlgItem
EndDialog
IsChild
GetMessagePos
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
GetScrollPos
ScrollWindowEx
ReleaseDC
GetDC
GetKeyState
GetWindowLongPtrW
IsRectEmpty
FillRect
GetSysColorBrush
RedrawWindow
EndPaint
BeginPaint
KillTimer
SetTimer
DefWindowProcW
SetWindowLongPtrW
PostQuitMessage
PostMessageW
LoadIconW
DispatchMessageW
SetCursor

gdi32

CreateDCW
GetDeviceCaps
GetTextExtentPoint32W
TextOutW
MoveToEx
GetObjectW
GetDIBits
CreateFontIndirectW
PatBlt
StretchBlt
GetTextMetricsW
SetTextColor
LineTo
SetViewportOrgEx
SelectObject
GetClipBox
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SetBkColor

comdlg32

GetSaveFileNameW

advapi32

RegEnumValueW
RegEnumKeyExW
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW

shell32

ExtractIconExW
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW

ole32

StringFromGUID2

oleaut32

GetErrorInfo
SysFreeString

Exports

Exports

BT_AddLogFile
BT_AddRegFile
BT_AppLogEntry
BT_AppLogEntryF
BT_AppLogEntryV
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_ClearLog
BT_ClearLogFiles
BT_CloseLogFile
BT_CppFilter
BT_DeleteLogFile
BT_ExportRegistryKey
BT_FlushLogFile
BT_GetActivityType
BT_GetAppName
BT_GetAppVersion
BT_GetCustomActivityHandler
BT_GetDialogMessage
BT_GetDumpType
BT_GetExitMode
BT_GetFlags
BT_GetLogEchoMode
BT_GetLogFileEntry
BT_GetLogFileName
BT_GetLogFilesCount
BT_GetLogFlags
BT_GetLogLevel
BT_GetLogSizeInBytes
BT_GetLogSizeInEntries
BT_GetMailProfile
BT_GetModule
BT_GetNotificationEMail
BT_GetPostErrHandler
BT_GetPreErrHandler
BT_GetReportFilePath
BT_GetReportFormat
BT_GetSupportEMail
BT_GetSupportHost
BT_GetSupportPort
BT_GetSupportURL
BT_GetUserMessage
BT_InsLogEntry
BT_InsLogEntryF
BT_InsLogEntryV
BT_InstallSehFilter
BT_InterceptSUEF
BT_MailSnapshot
BT_MailSnapshotEx
BT_NetFilter
BT_OpenLogFile
BT_ReadVersionInfo
BT_SaveSnapshot
BT_SaveSnapshotEx
BT_SehFilter
BT_SendSnapshot
BT_SendSnapshotEx
BT_SetActivityType
BT_SetAppName
BT_SetAppVersion
BT_SetCustomActivityHandler
BT_SetDialogMessage
BT_SetDumpType
BT_SetExitMode
BT_SetFlags
BT_SetLogEchoMode
BT_SetLogFlags
BT_SetLogLevel
BT_SetLogSizeInBytes
BT_SetLogSizeInEntries
BT_SetMailProfile
BT_SetModule
BT_SetNotificationEMail
BT_SetPostErrHandler
BT_SetPreErrHandler
BT_SetReportFilePath
BT_SetReportFormat
BT_SetSupportEMail
BT_SetSupportHost
BT_SetSupportPort
BT_SetSupportServer
BT_SetSupportURL
BT_SetUserMessage
BT_SetUserMessageFromCode
BT_UninstallSehFilter

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonControl.exe
.exe windows:5 windows x64 arch:x64

1ff485a1e92aeaf30998f1df88f0bbac

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ce
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2022, 12:22

Not After

04/04/2023, 12:22

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d1:03:33:0d:e0:51:01:b3:1b:f4:94:7b:69:de:9c:34:f3:85:90:99
Signer

Actual PE Digest

d1:03:33:0d:e0:51:01:b3:1b:f4:94:7b:69:de:9c:34:f3:85:90:99

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonControlFull.pdb

Imports

psapi

EnumProcessModules
GetModuleFileNameExW
EnumProcesses

dnsapi

DnsQuery_W
DnsFree

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle
DeleteUrlCacheEntryW
InternetReadFile

bugtrapu-x64

BT_CppFilter
BT_SehFilter
BT_SetUserMessage

xmousebuttonhook

?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?SetAdvScrollMethod@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollVertical@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollHorizontal@CApplicationSettings@@QEAAXH@Z
?SetInvertScrolling@CApplicationSettings@@QEAAX_N@Z
?SetInvertHorzScrolling@CApplicationSettings@@QEAAX_N@Z
?SetScrollPages@CApplicationSettings@@QEAAX_N@Z
?SetScrollLines@CApplicationSettings@@QEAAXH@Z
?SetForceSPIMessage@CApplicationSettings@@QEAAX_N@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
??1CSettings@@UEAA@XZ
?SetSetupWindow@@YAXPEAUHWND__@@@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?CreateFolder@@YA_NPEB_W@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?SetApplication@CApplicationSettings@@QEAAXPEB_W@Z
?SetDescription@CApplicationSettings@@QEAAXPEB_W@Z
?SetNoParentFlag@CApplicationSettings@@QEAAX_N@Z
?SetRegExMatching@CApplicationSettings@@QEAAX_N@Z
?SetMatchType@CApplicationSettings@@QEAAXH@Z
?SetWindowMask@CApplicationSettings@@QEAAXW4WINDOWMASK@@@Z
?SetUseWindowArea@CApplicationSettings@@QEAAX_N@Z
?SetWindowArea@CApplicationSettings@@QEAAXUtagRECT@@@Z
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?NoParent@CApplicationSettings@@QEAA_NXZ
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?SetDebug@@YAX_NPEB_W@Z
?UpdateSettings@@YA_NXZ
?SetDefaultApp@CSettings@@QEAAXPEAVCApplicationSettings@@@Z
?ClearApplications@CSettings@@QEAAXXZ
?Save@CSettings@@QEAA_NPEB_W@Z
?SavePersistantSettings@@YA_NXZ
?SetEnableFlag@CApplicationSettings@@QEAAX_N@Z
?FlushLog@CLogger@@SAXXZ
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?SetSettingsFile@@YAHPEB_W@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
??0CVolumeManager@@QEAA@_N@Z
??1CVolumeManager@@UEAA@XZ
?SetParent@CVolumeManager@@QEAAXPEAUHWND__@@@Z
?ReInitialise@CVolumeManager@@QEAAXXZ
?SetVolume@CVolumeManager@@QEAA_NM@Z
?Notifiction@CVolumeManager@@UEAAXW4VolumeAction@@@Z
??0InvalidParameterInstaller@@QEAA@XZ
??1InvalidParameterInstaller@@QEAA@XZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DisableLogging@CLogger@@SAX_N@Z
?SetPortable@@YAX_N@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?DisableBanner@CLogger@@SAXXZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetHooktimeoutValue@@YAKXZ
?GetOfficeMouse@@YA_NXZ
?SetOfficeMouse@@YAX_N@Z
?GetShowIcon@@YA_NXZ
?IsDesktopLocked@@YA_NXZ
?SetMouseHook@@YA_NXZ
?RemoveMouseHook@@YA_N_N@Z
?GetLanguageFile@@YA_NPEA_WH@Z
?SetHookVolumeOSDWindow@@YAXPEAUHWND__@@@Z
?SetHookBrightnessOSDWindow@@YAXPEAUHWND__@@@Z
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?SetLayerDisabled@CApplicationSettings@@QEAAXH_N@Z
?SetLayerDisabledNextPrev@CApplicationSettings@@QEAAXH_N@Z
?SetRevertLayer1@CApplicationSettings@@QEAAXH_N@Z
?SetAutoSwitchTime@CApplicationSettings@@QEAAXHN@Z
?SetAutoSwitchLayer@CApplicationSettings@@QEAAXHH@Z
?SetTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?SetChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?SetMovement2Scroll@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?SetLaunchApp@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetKeystrokes@CApplicationSettings@@QEAAXHHPEB_WHH_N111@Z
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?SetLayerName@CApplicationSettings@@QEAAXPEB_WH@Z
?SetActions@CApplicationSettings@@QEAAXHHW4_ACTIONS@@@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
??1CThreadLock@@QEAA@XZ
??0CThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W@Z
?SaveIcons@CIconSettings@@QEAAHXZ
?WindowHandle@CIcon@@QEAAPEAUHWND__@@XZ
?IsGadget@CIcon@@QEAA_NXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?GetName@CIcon@@QEAAPEB_WXZ
?Index@CIcon@@QEAAIXZ
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetCount@CIconSettings@@QEAAHXZ
?LoadIcons@CIconSettings@@QEAAHXZ
??1CIcon@@UEAA@XZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
?ClearIcons@CIconSettings@@QEAAHXZ
?GetDebug@@YA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
??0CIconSettings@@QEAA@XZ
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?SetThreadName@@YAXKPEBD@Z
?SetMaxLayers@CSettings@@QEAA_NH@Z
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?SetFindHook@@YA_NPEAUHWND__@@@Z
?RemoveFindHook@@YA_NXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?WindowFromPointEx@@YAPEAUHWND__@@UtagPOINT@@H@Z
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?MaxLayers@@YAHXZ
?GetLogFile@@YAHPEA_W_K_N@Z
?SetDefaultLogFolder@@YA_NPEB_W@Z
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?SetDisableLayerModifier@CApplicationSettings@@QEAAX_N@Z
?SetDisableMouseOver@CApplicationSettings@@QEAAX_N@Z
?SetClipMouse@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreHScroll@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreVScroll@CApplicationSettings@@QEAAX_N@Z
?SetAxisLocking@CApplicationSettings@@QEAAX_N@Z
?SetProfileChangeScript@CApplicationSettings@@QEAAXPEB_W@Z
?EnableProfileScript@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?SetMouseSpeed@CApplicationSettings@@QEAAXH@Z
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?SetDisableScrollUnderCursor@CApplicationSettings@@QEAAX_N@Z
?SetSwapButtons@CApplicationSettings@@QEAAXW4swapbuttons@@@Z
?SetIgnoreHScrollTime@CApplicationSettings@@QEAAXH@Z
?SetIgnoreVScrollTime@CApplicationSettings@@QEAAXH@Z
?GetProfileChangeScript@CApplicationSettings@@QEAAPEB_WXZ
?IsProfileScriptEnabled@CApplicationSettings@@QEAA_NXZ
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?SetCursor@CApplicationSettings@@QEAAXPEB_W@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?SwapButtons@CApplicationSettings@@QEAA?AW4swapbuttons@@XZ
?SetActionData@CMovement2Scroll@@QEAAXPEAVCActionData@@@Z
?SetSensitivityX@CMovement2Scroll@@QEAAXH@Z
?SetSensitivityY@CMovement2Scroll@@QEAAXH@Z
?SetAxisLock@CMovement2Scroll@@QEAAXH@Z
?SetStickyBlock@CMovement2Scroll@@QEAAX_N@Z
?SetSticky@CMovement2Scroll@@QEAAX_N@Z
?SetInvertHorizontal@CMovement2Scroll@@QEAAX_N@Z
?SetInvertVertical@CMovement2Scroll@@QEAAX_N@Z
?SetBlockMouse@CMovement2Scroll@@QEAAX_N@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?getSensitivityX@CMovement2Scroll@@QEAAHXZ
?getSensitivityY@CMovement2Scroll@@QEAAHXZ
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?ScrollLines@CApplicationSettings@@QEAAHXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?SetActionDescription@CApplicationSettings@@QEAAXHHPEB_W@Z
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?SetModifier@CHotkey@@QEAAHG@Z
?SetVirtualKey@CHotkey@@QEAAHG@Z
?IsExtended@CHotkey@@QEAA_NXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?SetLanguage@CSettings@@QEAAXPEB_W@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?SetHotkey@CHotkey@@QEAAHK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?MaxLayers@CSettings@@QEAA?BHXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?GetApplicationCount@CSettings@@QEAAHXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?NewAction@CActionData@@SAPEAV1@H@Z
?Clear@CActionData@@QEAAXXZ
?GetLock@CLogger@@SA_NXZ
?ReleaseLock@CLogger@@SAXXZ
?SetHookMainWindow@@YAXPEAUHWND__@@@Z
?GetHooked@@YA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?GetEnableOSD@@YA_NXZ
?GetLayername@@YAPEB_WH@Z
?SetCurrentLayer@@YAXH_N00@Z
?GetReinstallOnResume@@YA_NXZ
?GetCurrentLayer@@YAHXZ
?LeftClickCycleLayer@@YA_NXZ
?NextLayer@@YAXXZ
?PreviousLayer@@YAXXZ
?HookToggleXAxisLock@@YAXXZ
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?SendKeyAction@CXMBCChord@@QEAAHXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?SetActionData@CXMBCTimedClick@@QEAAXPEAVCActionData@@@Z
?SetEnabled@CXMBCTimedClicks@@QEAAXH_N@Z
?SetReleaseOnUp@CXMBCTimedClicks@@QEAAX_N@Z
?HookToggleYAxisLock@@YAXXZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?CycleCursorSpeed@@YAXXZ
?GetCycleCursorSpeed@@YAHXZ
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?UpdateSPIThread@@YAXXZ
?UpdateCursors@@YAXXZ
?DisplayChanged@@YAXXZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?LogOSError@CLogger@@SAXKPEB_WZZ
?TimedClicksAction@CActionData@@SAPEAV1@AEAVCXMBCTimedClicks@@@Z
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
??1CApplicationSettings@@UEAA@XZ
??0CApplicationSettings@@QEAA@PEAVCSettings@@_NH@Z
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
??1CIconSettings@@UEAA@XZ
?BlockMouseActive@CApplicationSettings@@QEAA_NHH@Z
?CheckVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?GetLastUpdateCheck@@YAHXZ
?LogDebug@CLogger@@SAXPEB_WZZ
??0ExceptionHandlerInstaller@@QEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
?LogMessage@CLogger@@SAXPEB_WZZ
?CheckBetaVersionEnabled@@YA_NXZ
?SetLastUpdateCheck@@YAXH@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetEXEFolder@@YAHPEA_W_K@Z
?get_ResetStickyOnAnyButton@CSettings@@QEAA_NXZ
?get_ResetStickyOnAnyKey@CSettings@@QEAA_NXZ
?get_ResetStickyOnLayerChange@CSettings@@QEAA_NXZ
?get_EnableDebounce@CSettings@@QEAA_NXZ
?get_DebounceTime@CSettings@@QEAAHXZ
?get_DebounceFromUp@CSettings@@QEAA_NXZ
?put_ResetStickyOnAnyButton@CSettings@@QEAAX_N@Z
?put_ResetStickyOnAnyKey@CSettings@@QEAAX_N@Z
?put_ResetStickyOnLayerChange@CSettings@@QEAAX_N@Z
?put_EnableDebounce@CSettings@@QEAAX_N@Z
?put_DebounceTime@CSettings@@QEAAXH@Z
?put_DebounceFromUp@CSettings@@QEAAX_N@Z
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
??1CBrightness@@QEAA@XZ
??0CBrightness@@QEAA@PEAUHWND__@@@Z
?GetAlwaysShowOSD@@YA_NXZ
?SetBrightness@CBrightness@@QEAA_NH@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
?LogThreadDebug@CLogger@@SAXPEB_WZZ
??0CXMBCChords@@QEAA@XZ
??1CXMBCChords@@UEAA@XZ
??4CXMBCChords@@QEAAXPEAV0@@Z
?SetAbort2OnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetTime@CXMBCTimedClicks@@QEAAXHH@Z
?SetDescription@CXMBCTimedClicks@@QEAAXPEB_W@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetAbort2OnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??1CXMBCTimedClicks@@UEAA@XZ
??0CXMBCTimedClicks@@QEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
?SetMovement2Scroll@CActionData@@QEAAXPEAVCMovement2Scroll@@@Z
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
??0CMovement2Scroll@@QEAA@XZ
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N1110@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?RandomiseDelay@CActionData@@QEAA_NXZ
?BlockMouseActive@CActionData@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?KeyRepeat@CActionData@@QEAAHXZ
?KeyAction@CActionData@@QEAAHXZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?SetUnblockTime@CXMBCChords@@QEAAXH@Z
?SetUnblockAfterMovement@CXMBCChords@@QEAAX_N@Z
?SetUnblockAfterDelay@CXMBCChords@@QEAAX_N@Z
?SetDelayUntilChordKnown@CXMBCChords@@QEAAX_N@Z
?SetDescription@CXMBCChords@@QEAAXPEB_W@Z
?SetActionData@CXMBCChord@@QEAAXPEAVCActionData@@@Z
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
?UnblockAfterDelay@CXMBCChords@@QEAA_NXZ
?UnblockTime@CXMBCChords@@QEAAHXZ
?UnblockAfterMovement@CXMBCChords@@QEAA_NXZ

kernel32

WritePrivateProfileStringW
GetPrivateProfileStringW
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
VirtualAllocEx
OpenProcess
GetCurrentProcess
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
OpenMutexW
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetLastError
GetTempPathW
GetFileAttributesW
DeleteFileW
Sleep
WideCharToMultiByte
lstrcpynW
GetCurrentThreadId
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
FindNextFileW
FindClose
FindFirstFileW
WaitForSingleObject
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
GetExitCodeThread
ResumeThread
SetEvent
TerminateThread
ResetEvent
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringW
GetStringTypeW
LCMapStringW
GetCPInfo
RtlPcToFileHeader
RtlUnwindEx
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
WriteConsoleW
GetCommandLineW
HeapQueryInformation
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
GetFileType
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetModuleHandleW
lstrcmpW
ReleaseMutex
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetUserDefaultLCID
SetErrorMode
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetCurrentDirectoryW
FindResourceExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetThreadLocale
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetPrivateProfileIntW
SystemTimeToTzSpecificLocalTime
lstrcmpA
VirtualProtect
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
GetCurrentProcessId
GlobalUnlock
GlobalLock
FreeResource
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GetACP
CopyFileW
MoveFileW
LocalFree
CreateNamedPipeW
LocalAlloc
ReadFile
ConnectNamedPipe
SetThreadPriority
GetCurrentThread
GetSystemInfo
GetProcessId
GetModuleFileNameW
WriteFile
WaitNamedPipeW
CreateFileW
DisconnectNamedPipe
GlobalFree
GlobalAlloc
CreateThread
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
CreateMutexW

user32

RealChildWindowFromPoint
CharUpperW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RegisterWindowMessageW
RegisterClipboardFormatW
PostQuitMessage
SetWindowContextHelpId
DestroyMenu
NotifyWinEvent
WindowFromPoint
MapDialogRect
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetDlgItemTextW
MonitorFromWindow
WinHelpW
GetClassLongPtrW
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
IsIconic
IsChild
IsMenu
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
GetMenuStringW
GetLastActivePopup
GetActiveWindow
GetNextDlgTabItem
CreateDialogIndirectParamW
DestroyWindow
SendDlgItemMessageA
GetForegroundWindow
SetCursorPos
GetDoubleClickTime
CheckMenuItem
RemoveMenu
SetActiveWindow
DrawEdge
CreateIconIndirect
GetSystemMenu
GetWindowLongPtrW
EndDialog
GetDlgItem
SetWindowLongPtrW
EnableWindow
MessageBoxW
GetTopWindow
GetWindow
PostMessageW
SendMessageW
GetWindowThreadProcessId
IsWindowVisible
LoadIconW
GetClientRect
FindWindowExW
GetWindowTextW
EnumDesktopWindows
IsWindow
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetSystemMetrics
GetComboBoxInfo
MoveWindow
GetCapture
GetWindowLongW
SetWindowLongW
DrawStateW
InflateRect
OffsetRect
GetSysColor
GetFocus
FrameRect
GetCursorPos
ScreenToClient
RedrawWindow
InvalidateRect
UpdateWindow
GetParent
GetMonitorInfoW
MonitorFromPoint
CopyRect
SystemParametersInfoW
SetWindowRgn
DestroyIcon
FillRect
GetSysColorBrush
DrawTextExW
DrawIconEx
GetClassNameW
IsRectEmpty
PtInRect
SetRectEmpty
ReleaseCapture
SetFocus
SetCapture
GetDlgCtrlID
EqualRect
GetKeyState
IntersectRect
LoadImageW
SetCursor
LoadCursorW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
AnimateWindow
GetIconInfo
KillTimer
SetTimer
GetDC
ReleaseDC
ClientToScreen
GetClassInfoExW
DefWindowProcW
RegisterClassExW
SetParent
GetDesktopWindow
SetRect
DrawFocusRect
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
LoadMenuW
GetSubMenu
GetMenuItemCount
GetMenuItemID
ModifyMenuW
EnableMenuItem
GetAsyncKeyState
LoadBitmapW
GetCursor
CreatePopupMenu
AppendMenuW
ShowWindow
GetWindowDC
wsprintfW
RegisterHotKey
UnregisterHotKey
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
UnregisterClassW
CreateWindowExW
MessageBeep
SetWindowPos
GetThreadDesktop
FindWindowW
SetLayeredWindowAttributes
DrawTextW
GetAncestor
SetForegroundWindow
LockWindowUpdate
GetScrollBarInfo
ShowScrollBar
DialogBoxIndirectParamW
DialogBoxParamW

gdi32

EnumFontFamiliesExW
GetDIBits
SetDIBits
CreateDIBSection
PatBlt
Ellipse
DeleteDC
CreateBitmap
Escape
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
BeginPath
SaveDC
ExtSelectClipRgn
SetMapMode
CreateFontW
GetLayout
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
SetTextColor
SetBkColor
GetClipBox
Rectangle
CreatePen
GetDeviceCaps
GetTextMetricsW
SelectObject
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
SelectClipRgn
CreateSolidBrush
GetCurrentObject
GetStockObject
CreateFontIndirectW
DeleteObject
SetBkMode
SelectClipPath
SetLayout
EndPath
CreateRoundRectRgn
CreateRectRgnIndirect
GetObjectW
RestoreDC
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
GetRgnBox
GetTextColor
GetBkColor
BitBlt

msimg32

GradientFill
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
GetUserNameW

shell32

ExtractIconExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
FindExecutableW
SHGetFolderPathW
ord680
Shell_NotifyIconW
ShellExecuteW

comctl32

ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW

uxtheme

EnableThemeDialogTexture
IsThemeActive
OpenThemeData
CloseThemeData
SetWindowTheme
GetThemePartSize
IsAppThemed
DrawThemeBackground

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoInitializeSecurity

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
VariantCopy
OleCreateFontIndirect
SysFreeString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 896KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonHook.dll
.dll windows:5 windows x64 arch:x64

8baa8a2fe62c6a345409744c630dc736

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ce
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2022, 12:22

Not After

04/04/2023, 12:22

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:c7:77:e5:47:c1:b1:ed:ac:2d:f9:ed:fd:4d:05:5b:d2:2d:6f:d2
Signer

Actual PE Digest

04:c7:77:e5:47:c1:b1:ed:ac:2d:f9:ed:fd:4d:05:5b:d2:2d:6f:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonHookFull.pdb

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetProcessImageFileNameW

bugtrapu-x64

BT_SetSupportServer
BT_SetSupportURL
BT_SetFlags
BT_SetPreErrHandler
BT_SetPostErrHandler
BT_UninstallSehFilter
BT_SetSupportEMail
BT_SetAppVersion
BT_SetAppName
BT_InstallSehFilter
BT_AddLogFile
BT_CallCppFilter
BT_SetNotificationEMail

msimg32

TransparentBlt

kernel32

Sleep
WaitForSingleObject
TerminateThread
GetExitCodeThread
SetLastError
GetCurrentThread
SetThreadPriority
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
DecodePointer
GetModuleHandleW
GetProcAddress
GetVersionExW
GetCurrentProcess
GetProcessId
FreeLibrary
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateEventW
SetPriorityClass
ExitProcess
LoadLibraryW
GetTempPathW
FindFirstFileW
FindClose
GetModuleFileNameW
GetFileAttributesW
CreateDirectoryW
CreateTimerQueueTimer
DeleteTimerQueueTimer
LocalAlloc
SetEvent
TerminateProcess
GetSystemDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
WideCharToMultiByte
CloseHandle
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetProcessHeap
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
HeapSize
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
HeapReAlloc
HeapAlloc
HeapFree
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
IsDebuggerPresent
GetSystemTimeAsFileTime
TlsFree
SetEndOfFile
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetStringTypeW
MultiByteToWideChar
ReadFile
SetFilePointerEx
GetFileSizeEx
CreateFileW
LocalFree
FormatMessageW
WriteFile
SetFilePointer
GetTickCount
TryEnterCriticalSection
GetLocalTime
FlushFileBuffers
LeaveCriticalSection
DeleteCriticalSection
EnterCriticalSection
OutputDebugStringW
InitializeCriticalSection
GetComputerNameW
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount

user32

FindWindowW
GetFocus
LoadKeyboardLayoutW
GetKeyboardLayoutList
SetCapture
ReleaseCapture
IsChild
GetScrollInfo
EnumDisplayMonitors
SwitchToThisWindow
MessageBeep
SystemParametersInfoW
GetAncestor
GetClassNameW
RegisterWindowMessageW
PostMessageW
DestroyCursor
GetMonitorInfoW
SetWindowsHookExW
UnhookWindowsHookEx
ClipCursor
UnionRect
GetClipboardData
GetWindowLongPtrW
LockWorkStation
ActivateKeyboardLayout
GetWindowTextW
GetWindow
GetGUIThreadInfo
GetWindowThreadProcessId
SendMessageTimeoutW
GetAsyncKeyState
CallNextHookEx
GetDoubleClickTime
SetWindowPos
EnumChildWindows
GetWindowLongW
GetParent
IsWindowVisible
PtInRect
IsWindow
MonitorFromPoint
GetDesktopWindow
WindowFromPoint
ChildWindowFromPointEx
ScreenToClient
DispatchMessageW
TranslateMessage
CopyImage
SetTimer
KillTimer
VkKeyScanW
OemKeyScan
VkKeyScanExW
GetKeyboardLayout
CharToOemW
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageW
ShowWindow
FindWindowExW
MessageBoxW
GetMessageW
MapVirtualKeyW
MapVirtualKeyExW
SendInput
GetWindowRect
ClientToScreen
GetForegroundWindow
SetCursorPos
GetCursorPos
PostThreadMessageW
LoadCursorW
SetSystemCursor
DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
FillRect
ReleaseDC
GetSystemMetrics
GetDC
CopyIcon
LoadImageW
UnloadKeyboardLayout

gdi32

DeleteObject
CreateDIBSection
CreateCompatibleDC
GetTextExtentPointW
SetBkColor
RoundRect
GetObjectW
GetDIBits
CreateBitmap
GetDeviceCaps
CreateSolidBrush
SetBkMode
SetTextColor
CreateFontIndirectW
TextOutW
DeleteDC
SelectObject
CreatePen
Ellipse
Rectangle

advapi32

GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
GetUserNameW

shell32

ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

shlwapi

PathFileExistsW

Exports

Exports

??0CActionData@@AEAA@XZ
??0CActionData@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@PEAVCSettings@@_NH@Z
??0CAudioNotificationClient@@QEAA@AEBV0@@Z
??0CAudioNotificationClient@@QEAA@XZ
??0CBrightness@@QEAA@PEAUHWND__@@@Z
??0CHotKeys@@QEAA@AEBV0@@Z
??0CHotKeys@@QEAA@XZ
??0CHotkey@@QEAA@AEBV0@@Z
??0CHotkey@@QEAA@H@Z
??0CIcon@@QEAA@AEBV0@@Z
??0CIcon@@QEAA@IPEB_WHHPEAUHWND__@@_N@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
??0CIconSettings@@QEAA@AEBV0@@Z
??0CIconSettings@@QEAA@XZ
??0CInternalVolumeNotification@@QEAA@$$QEAV0@@Z
??0CInternalVolumeNotification@@QEAA@AEBV0@@Z
??0CInternalVolumeNotification@@QEAA@XZ
??0CLayerModifierKeys@@QEAA@AEBV0@@Z
??0CLayerModifierKeys@@QEAA@XZ
??0CLockAxis@@QEAA@AEBV0@@Z
??0CLockAxis@@QEAA@XZ
??0CMouseInfo@@QEAA@QEAH@Z
??0CMouseInfo@@QEAA@XZ
??0CMovement2Scroll@@QEAA@PEAV0@@Z
??0CMovement2Scroll@@QEAA@W4_ACTIONS@@@Z
??0CMovement2Scroll@@QEAA@XZ
??0CMyRegKey@@QEAA@PEB_WPEAUHKEY__@@K@Z
??0CSettings@@QEAA@AEBV0@@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
??0CThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W@Z
??0CThreadLock@@QEAA@PEB_W@Z
??0CVolumeManager@@QEAA@AEBV0@@Z
??0CVolumeManager@@QEAA@_N@Z
??0CVolumeNotification@@QEAA@AEBV0@@Z
??0CVolumeNotification@@QEAA@PEAUHWND__@@@Z
??0CXMBCChord@@QEAA@AEBV0@@Z
??0CXMBCChord@@QEAA@XZ
??0CXMBCChords@@QEAA@AEAV0@@Z
??0CXMBCChords@@QEAA@XZ
??0CXMBCTimedClick@@QEAA@AEBV0@@Z
??0CXMBCTimedClick@@QEAA@XZ
??0CXMBCTimedClicks@@QEAA@AEAV0@@Z
??0CXMBCTimedClicks@@QEAA@XZ
??0ExceptionHandlerInstaller@@QEAA@AEBV0@@Z
??0ExceptionHandlerInstaller@@QEAA@XZ
??0InvalidParameterInstaller@@QEAA@XZ
??1CActionData@@UEAA@XZ
??1CApplicationSettings@@UEAA@XZ
??1CAudioNotificationClient@@AEAA@XZ
??1CBrightness@@QEAA@XZ
??1CHotKeys@@UEAA@XZ
??1CHotkey@@UEAA@XZ
??1CIcon@@UEAA@XZ
??1CIconSettings@@UEAA@XZ
??1CLayerModifierKeys@@UEAA@XZ
??1CLockAxis@@UEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
??1CMyRegKey@@QEAA@XZ
??1CSettings@@UEAA@XZ
??1CThreadLock@@QEAA@XZ
??1CVolumeManager@@UEAA@XZ
??1CVolumeNotification@@EEAA@XZ
??1CXMBCChord@@UEAA@XZ
??1CXMBCChords@@UEAA@XZ
??1CXMBCTimedClick@@UEAA@XZ
??1CXMBCTimedClicks@@UEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
??1InvalidParameterInstaller@@QEAA@XZ
??4CActionData@@QEAAAEAV0@AEBV0@@Z
??4CApplicationSettings@@QEAAAEAV0@AEBV0@@Z
??4CAudioNotificationClient@@QEAAAEAV0@AEBV0@@Z
??4CBrightness@@QEAAAEAV0@AEBV0@@Z
??4CHotKeys@@QEAAAEAV0@AEBV0@@Z
??4CHotkey@@QEAAAEAV0@AEBV0@@Z
??4CIcon@@QEAAAEAV0@AEBV0@@Z
??4CIconSettings@@QEAAAEAV0@AEBV0@@Z
??4CInternalVolumeNotification@@QEAAAEAV0@$$QEAV0@@Z
??4CInternalVolumeNotification@@QEAAAEAV0@AEBV0@@Z
??4CLayerModifierKeys@@QEAAAEAV0@AEBV0@@Z
??4CLockAxis@@QEAAAEAV0@AEBV0@@Z
??4CLogger@@QEAAAEAV0@$$QEAV0@@Z
??4CLogger@@QEAAAEAV0@AEBV0@@Z
??4CMouseInfo@@QEAAAEAV0@$$QEAV0@@Z
??4CMouseInfo@@QEAAAEAV0@AEBV0@@Z
??4CMovement2Scroll@@QEAAAEAV0@AEBV0@@Z
??4CMyRegKey@@QEAAAEAV0@AEBV0@@Z
??4CSettings@@QEAAAEAV0@AEBV0@@Z
??4CThreadLock@@QEAAAEAV0@AEBV0@@Z
??4CVolumeManager@@QEAAAEAV0@AEBV0@@Z
??4CVolumeNotification@@QEAAAEAV0@AEBV0@@Z
??4CXMBCChord@@QEAAXAEAV0@@Z
??4CXMBCChord@@QEAAXPEAV0@@Z
??4CXMBCChords@@QEAAAEAV0@AEAV0@@Z
??4CXMBCChords@@QEAAXPEAV0@@Z
??4CXMBCTimedClick@@QEAAXAEAV0@@Z
??4CXMBCTimedClick@@QEAAXPEAV0@@Z
??4CXMBCTimedClicks@@QEAAAEAV0@AEAV0@@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??4ExceptionHandlerInstaller@@QEAAAEAV0@AEBV0@@Z
??4InvalidParameterInstaller@@QEAAAEAV0@AEBV0@@Z
??_7CActionData@@6B@
??_7CApplicationSettings@@6B@
??_7CAudioNotificationClient@@6B@
??_7CHotKeys@@6B@
??_7CHotkey@@6B@
??_7CIcon@@6B@
??_7CIconSettings@@6B@
??_7CInternalVolumeNotification@@6B@
??_7CLayerModifierKeys@@6B@
??_7CLockAxis@@6B@
??_7CSettings@@6B@
??_7CVolumeManager@@6B@
??_7CVolumeNotification@@6B@
??_7CXMBCChord@@6B@
??_7CXMBCChords@@6B@
??_7CXMBCTimedClick@@6B@
??_7CXMBCTimedClicks@@6B@
??_7ExceptionHandlerInstaller@@6B@
?Abort@CXMBCTimedClicks@@QEAAXUtagPOINT@@_N@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?AddCallback@CAudioNotificationClient@@QEAAXPEAVCInternalVolumeNotification@@@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
?AddRef@CAudioNotificationClient@@UEAAKXZ
?AddRef@CVolumeNotification@@UEAAKXZ
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CXMBCChord@@QEAA_NXZ
?BlockMouse@CXMBCTimedClick@@QEAA_NXZ
?BlockMouseActive@CActionData@@QEAA_NXZ
?BlockMouseActive@CApplicationSettings@@QEAA_NHH@Z
?BlockMouseActive@CXMBCChord@@QEAA_NXZ
?BlockMouseActive@CXMBCTimedClick@@QEAA_NXZ
?CalculateKeystrokesWaitHoldTime@CApplicationSettings@@SAHPEB_WH@Z
?CancelChord@CXMBCChord@@QEAAXXZ
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAUHICON__@@H@Z
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAVCApplicationSettings@@H_N2@Z
?ChangeVolume@CVolumeManager@@QEAA_NM@Z
?CheckAbort@CXMBCTimedClicks@@QEAAXUtagPOINT@@@Z
?CheckBetaVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?CheckVersionEnabled@@YA_NXZ
?ChordCancelled@CXMBCChord@@QEAA_NXZ
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
?ChordingOccurred@CXMBCChord@@QEAA_NXZ
?Clear@CActionData@@QEAAXXZ
?ClearApplications@CSettings@@QEAAXXZ
?ClearChordedFlag@CXMBCChord@@QEAAXXZ
?ClearIcons@CIconSettings@@QEAAHXZ
?ClearString@CApplicationSettings@@SAPEA_WAEAPEA_W@Z
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?CloseLogFile@CLogger@@SAX_N@Z
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?CopyMovement2Scrolls@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?CopyString@CApplicationSettings@@SAPEA_WAEAPEA_WPEB_W_N@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?CreateFolder@@YA_NPEB_W@Z
?CreateKey@CMyRegKey@@QEAAHPEB_WPEAUHKEY__@@@Z
?CustomAction@CActionData@@SAPEAV1@HPEB_WHHH_N11100PEAVCXMBCChords@@PEAVCMovement2Scroll@@PEAVCXMBCTimedClicks@@@Z
?CycleCursorSpeed@@YAXXZ
?DebugEnabled@CLogger@@SA_NXZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DefaultRepeat@CApplicationSettings@@SAKXZ
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
?DeleteApplications@CSettings@@AEAAX_N@Z
?DeleteCS@CThreadLock@@SAXXZ
?DeleteValue@CMyRegKey@@QEAAHPEB_W@Z
?DestroyCursors@CLockAxis@@QEAAXXZ
?DisableBanner@CLogger@@SAXXZ
?DisableLogging@CLogger@@SAX_N@Z
?DisplayChanged@@YAXXZ
?Down@CBrightness@@QEAAXAEBUtagPOINT@@@Z
?EnableDebug@CLogger@@SAX_N@Z
?EnableProfileScript@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CMouseInfo@@QEAA_NXZ
?EnterCS@CThreadLock@@SA_NPEB_W@Z
?ExecuteTimer@CXMBCTimedClicks@@QEAAXXZ
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?FlushLog@CLogger@@SAXXZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?GetAbort2OnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAborted@CXMBCTimedClicks@@QEAA_NXZ
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetActionDescription@CApplicationSettings@@QEAAPEA_WHH@Z
?GetActionString@CApplicationSettings@@AEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4MouseButtons@@H@Z
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetAlwaysShowOSD@@YA_NXZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@PEB_W@Z
?GetApplicationCount@CSettings@@QEAAHXZ
?GetApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?GetBrightness@CBrightness@@AEAAHXZ
?GetButtonUpCount@CMovement2Scroll@@QEAAHXZ
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?GetChordButton@CApplicationSettings@@QEAA?AW4MouseButtons@@H@Z
?GetChordSourceButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChordUsed@CXMBCChord@@QEAA_NXZ
?GetChordedButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetClickAction@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@XZ
?GetCount@CIconSettings@@QEAAHXZ
?GetCurrentChords@CXMBCChord@@QEAAPEAVCXMBCChords@@XZ
?GetCurrentLayer@@YAHXZ
?GetCurrentProcessName@@YAHPEA_WAEAH@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?GetCustomApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetCycleCursorSpeed@@YAHXZ
?GetDebug@@YA_NXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?GetEXEFolder@@YAHPEA_W_K@Z
?GetEnableOSD@@YA_NXZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?GetHooked@@YA_NXZ
?GetHooktimeoutValue@@YAKXZ
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?GetHotkey@CHotkey@@QEAAKXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetIndex@CApplicationSettings@@QEAAHXZ
?GetKey@CApplicationSettings@@QEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetKeys@CXMBCTimedClick@@QEAAPEB_WXZ
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?GetKeystrokesWaitHoldTime@CActionData@@QEAAHH@Z
?GetKeystrokesWaitHoldTime@CApplicationSettings@@QEAAHHHH@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?GetLanguageFile@@YA_NPEA_WH@Z
?GetLastUpdateCheck@@YAHXZ
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?GetLaunchApp@CXMBCTimedClick@@QEAAPEB_WXZ
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?GetLayername@@YAPEB_WH@Z
?GetLock@CLogger@@SA_NXZ
?GetLogFile@@YAHPEA_W_K_N@Z
?GetLogFolder@@YAHPEA_W_K_N@Z
?GetLogicalCursorPos@@YAHPEAUHWND__@@PEAUtagPOINT@@@Z
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetMouseButton@CMovement2Scroll@@QEAA?AW4MouseButtons@@XZ
?GetMouseInfo@CMouseInfo@@QEAAXAEAY02H@Z
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?GetMouseSpeed@CMouseInfo@@QEAAHXZ
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?GetMovement2Scroll@CApplicationSettings@@QEAAPEAVCMovement2Scroll@@HH@Z
?GetName@CIcon@@QEAAPEB_WXZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
?GetOfficeMouse@@YA_NXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?GetPortable@@YA_NXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetProcessedDown@CXMBCTimedClick@@QEAA_NXZ
?GetProcessedUp@CXMBCTimedClick@@QEAA_NXZ
?GetProfileChangeScript@CApplicationSettings@@QEAAPEB_WXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?GetReinstallOnResume@@YA_NXZ
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetResetKeys@CApplicationSettings@@QEAA_NHH@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?GetShowIcon@@YA_NXZ
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
?GetStuckKeys@CApplicationSettings@@QEAAPEB_WHH@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetValue@CMyRegKey@@QEAAHPEB_WPEAK@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEAKPEAPEAE1@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEA_WK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetVolume@CVolumeManager@@QEAAMXZ
?GetWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleXAxisLock@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?HookToggleYAxisLock@@YAXXZ
?IPHandler@InvalidParameterInstaller@@CAXPEB_W00I_K@Z
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?IncButtonUpCount@CMovement2Scroll@@QEAAXXZ
?Index@CIcon@@QEAAIXZ
?Init@CLockAxis@@QEAAXXZ
?InitCursors@CLockAxis@@QEAAXPEAUHINSTANCE__@@@Z
?InitGlobalCS@CThreadLock@@SAXXZ
?InitScalingFunctions@@YAXXZ
?Initialise@CLogger@@SAXXZ
?Initialise@CVolumeManager@@AEAAXXZ
?Initialise@CXMBCTimedClick@@QEAAXW4MouseButtons@@H_N@Z
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
?InternalLockXY@CLockAxis@@QEAAXXZ
?InternalUnlockXY@CLockAxis@@QEAAXXZ
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?InvertX@CLockAxis@@QEAAXXZ
?InvertXY@CLockAxis@@QEAAXXZ
?InvertY@CLockAxis@@QEAAXXZ
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?IsDesktopLocked@@YA_NXZ
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?IsExtended@CHotkey@@QEAA_NXZ
?IsGadget@CIcon@@QEAA_NXZ
?IsInverted@CLockAxis@@QEAA_NXZ
?IsProfileScriptEnabled@CApplicationSettings@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsValid@CMyRegKey@@QEAAHXZ
?IsXInverted@CLockAxis@@QEAA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?IsYInverted@CLockAxis@@QEAA_NXZ
?KeyAction@CActionData@@QEAAHXZ
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N1110@Z
?KeyExists@CMyRegKey@@QEAAHPEB_W@Z
?KeyRepeat@CActionData@@QEAAHXZ
?KillTimerThreadTimers@@YAXXZ
?LastMTSMoved@CMovement2Scroll@@QEAA_NXZ
?LeaveCS@CThreadLock@@SAXXZ
?LeftClickCycleLayer@@YA_NXZ
?Load@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEA_NAEAH@Z
?Load@CMovement2Scroll@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?Load@CXMBCChord@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCChords@@QEAA_N_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClick@@QEAA_NW4MouseButtons@@H_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClicks@@QEAA_NW4MouseButtons@@_NAEAVxml_node@pugi@@H@Z
?LoadDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEAH@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?LoadIcons@CIconSettings@@QEAAHXZ
?LockCycle@CLockAxis@@QEAAXPEAVCSPIThread@@HPEAVCSettings@@PEAVCApplicationSettings@@_N@Z
?LockToAxis@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockX@CLockAxis@@QEAAXPEAVCSPIThread@@H_N1@Z
?LockXY@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockY@CLockAxis@@QEAAXPEAVCSPIThread@@H_N1@Z
?Locked@CLockAxis@@QEAA_NXZ
?LockedToAxis@CLockAxis@@QEAA_NXZ
?LockedX@CLockAxis@@QEAA_NXZ
?LockedY@CLockAxis@@QEAA_NXZ
?Log@CApplicationSettings@@QEAAXPEB_W@Z
?LogDebug@CLogger@@SAXPEB_WZZ
?LogMessage@CLogger@@SAXPEB_WZZ
?LogOSError@CLogger@@SAXKPEB_WZZ
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?LogThreadDebug@CLogger@@SAXPEB_WZZ
?LoggingDisabled@CLogger@@SA_NXZ
?MatchCaption@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchParentClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAUHWND__@@@Z
?MaxLayers@@YAHXZ
?MaxLayers@CSettings@@QEAA?BHXZ
?NewAction@CActionData@@SAPEAV1@H@Z
?NextLayer@@YAXXZ
?NoParent@CApplicationSettings@@QEAA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?Notifiction@CVolumeManager@@UEAAXW4VolumeAction@@@Z
?OSD_SHOW_WINDOW@CBrightness@@0IA
?OnDefaultDeviceChanged@CAudioNotificationClient@@UEAAJW4__MIDL___MIDL_itf_mmdeviceapi_0000_0000_0001@@W4__MIDL___MIDL_itf_mmdeviceapi_0000_0000_0002@@PEB_W@Z
?OnDeviceAdded@CAudioNotificationClient@@UEAAJPEB_W@Z
?OnDeviceRemoved@CAudioNotificationClient@@UEAAJPEB_W@Z
?OnDeviceStateChanged@CAudioNotificationClient@@UEAAJPEB_WK@Z
?OnNotify@CVolumeNotification@@UEAAJPEAUAUDIO_VOLUME_NOTIFICATION_DATA@@@Z
?OnPropertyValueChanged@CAudioNotificationClient@@UEAAJPEB_WU_tagpropertykey@@@Z
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?OpenLogFile@CLogger@@CA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?PreviousLayer@@YAXXZ
?QueryInterface@CAudioNotificationClient@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@CVolumeNotification@@UEAAJAEBU_GUID@@PEAPEAX@Z
?RandomiseDelay@CActionData@@QEAA_NXZ
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?RandomiseDelay@CXMBCChord@@QEAA_NXZ
?RandomiseDelay@CXMBCTimedClick@@QEAA_NXZ
?ReInitialise@CVolumeManager@@QEAAXXZ
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?RealWindowFromPoint_SkipLocked@@YAPEAUHWND__@@AEBUtagPOINT@@_N@Z
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?Release@CAudioNotificationClient@@UEAAKXZ
?Release@CVolumeNotification@@UEAAKXZ
?ReleaseChord@CXMBCChord@@QEAAXXZ
?ReleaseLock@CLogger@@SAXXZ
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?RemoveCallback@CAudioNotificationClient@@QEAAXPEAVCInternalVolumeNotification@@@Z
?RemoveFindHook@@YA_NXZ
?RemoveHooks@@YAXXZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?RemoveMouseHook@@YA_N_N@Z
?Reset@CXMBCTimedClicks@@QEAAXXZ
?ResetCursor@CLockAxis@@QEAAXPEAVCSPIThread@@@Z
?ResetGlobalCS@CThreadLock@@SAXXZ
?Save@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?Save@CMovement2Scroll@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CSettings@@QEAA_NPEB_W@Z
?Save@CXMBCChord@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCChords@@QEAAX_NAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClick@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClicks@@QEAAX_NAEAVxml_node@pugi@@@Z
?SaveDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHXZ
?SavePersistantSettings@@YA_NXZ
?ScaleWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?ScrollLines@CApplicationSettings@@QEAAHXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?SendKeyAction@CXMBCChord@@QEAAHXZ
?SendKeyAction@CXMBCTimedClick@@QEAAHXZ
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyRepeat@CXMBCChord@@QEAAHXZ
?SendKeyRepeat@CXMBCTimedClick@@QEAAHXZ
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?SendKeyWhenActive@CXMBCChord@@QEAA_NXZ
?SendKeyWhenActive@CXMBCTimedClick@@QEAA_NXZ
?SetAbort2OnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAction@CXMBCChord@@QEAAXW4_ACTIONS@@@Z
?SetAction@CXMBCTimedClick@@QEAAXW4_ACTIONS@@@Z
?SetActionData@CMovement2Scroll@@QEAAXPEAVCActionData@@@Z
?SetActionData@CXMBCChord@@QEAAXPEAVCActionData@@@Z
?SetActionData@CXMBCTimedClick@@QEAAXPEAVCActionData@@@Z
?SetActionDescription@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetActions@CApplicationSettings@@QEAAXHHW4_ACTIONS@@@Z
?SetAdvScrollHorizontal@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollMethod@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollVertical@CApplicationSettings@@QEAAXH@Z
?SetApplication@CApplicationSettings@@QEAAXPEB_W@Z
?SetAutoSwitchLayer@CApplicationSettings@@QEAAXHH@Z
?SetAutoSwitchTime@CApplicationSettings@@QEAAXHN@Z
?SetAxisLock@CMovement2Scroll@@QEAAXH@Z
?SetAxisLocking@CApplicationSettings@@QEAAX_N@Z
?SetBlockMouse@CMovement2Scroll@@QEAAX_N@Z
?SetBlockMouse@CXMBCChord@@QEAAX_N@Z
?SetBlockMouse@CXMBCTimedClick@@QEAAX_N@Z
?SetBlockMouseActive@CXMBCChord@@QEAAX_N@Z
?SetBlockMouseActive@CXMBCTimedClick@@QEAAX_N@Z
?SetBrightness@CBrightness@@QEAA_NH@Z

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstaller.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ce
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2022, 12:22

Not After

04/04/2023, 12:22

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:3c:82:07:c1:da:f8:d9:5a:c8:28:16:57:a3:a9:d3:b2:dc:ac:72
Signer

Actual PE Digest

12:3c:82:07:c1:da:f8:d9:5a:c8:28:16:57:a3:a9:d3:b2:dc:ac:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ceCertificate

Extended Key Usages

Key Usages

a1:ff:22:5f:13:9e:d9:e9:f6:ed:3d:82:27:63:24:76:a2:3d:2c:a9Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 108KB

.ndata Size: - Virtual size: 52KB

.rsrc Size: 24KB - Virtual size: 24KB

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 802B

.data Size: 512B - Virtual size: 142B

.reloc Size: 512B - Virtual size: 200B

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

78:ce:cf:c8:de:5e:5f:86:d9:87:91:b6:cf:86:a7:ce
Certificate

a1:ff:22:5f:13:9e:d9:e9:f6:ed:3d:82:27:63:24:76:a2:3d:2c:a9
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 108KB

.ndata
Size: - Virtual size: 52KB

.rsrc
Size: 24KB - Virtual size: 24KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 802B

.data
Size: 512B - Virtual size: 142B

.reloc
Size: 512B - Virtual size: 200B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 732B

.reloc
Size: 512B - Virtual size: 426B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 510B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 230KB - Virtual size: 230KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 6KB - Virtual size: 25KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 2KB - Virtual size: 1KB