ammyyadmin | bb63f8372394ec1a4a9a51985d14326e

Sharing

Copy URL

Twitter E-mail

General

Target

bb63f8372394ec1a4a9a51985d14326e
Size

23.6MB
MD5

bb63f8372394ec1a4a9a51985d14326e
SHA1

3fb6883687d99d87f6ec190e1e7965e47dbf4950
SHA256

04df4d095a36105942be8be5c147948a99581b6f09c4d17c3e69345a4f2905f7
SHA512

a935d8b1dcc3f689f72c80109efe45b7dc784e21e46fc291bf880cd17388c45501c4099ad84a40cba41afc5afb7e34633a2d44ffd17aac168e9937d8b7a69f4e
SSDEEP

393216:14OnYNAwDDyMTtOQxxuDm4puKT+MWAk4BDmJONvlo3ofrzRUt3f9SNu8q8i:+OYAwjtOVDHTBk4BKi6YTzRfNxTi

Score

10^/10

ammyyadmin

Malware Config

Signatures

AmmyyAdmin payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/dll/UzakYardim.exe	family_ammyyadmin

Ammyyadmin family
ammyyadmin

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

Processes:

resource
bb63f8372394ec1a4a9a51985d14326e
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/advsplash.dll
unpack001/PBWS32.DLL
unpack001/baro.exe
unpack001/dll/FreeImage.dll
unpack001/dll/Interop.WIA.dll
unpack001/dll/MarkupConverter.dll
unpack001/dll/PdfSharp.dll
unpack001/dll/RegAsm.exe
unpack001/dll/SDD_TWAIN_SCANNER.dll
unpack001/dll/Saraff.Twain.dll
unpack001/dll/System.Drawing.dll
unpack001/dll/UzakYardim.exe
unpack001/dll/cl32.dll
unpack001/dll/sdd_regasm.exe
unpack001/gxps.exe
unpack001/gxpsdll32.dll
unpack001/gxpswin32.exe

NSIS installer 2 IoCs

installer

Processes:

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

bb63f8372394ec1a4a9a51985d14326e
.exe windows:4 windows x86 arch:x86

3abe302b6d9a1256e6a915429af4ffd2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
GetTickCount
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GetWindowsDirectoryA
SetCurrentDirectoryA
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
CreateThread
GlobalLock
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

274b99a815ba574d8c9e1712916d8b30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
lstrcmpA
GetModuleHandleA
lstrlenA
MulDiv
lstrcpynA
GetACP
lstrcpyA

user32

SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
LoadIconA
GetDC
ShowWindow
SendMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/advsplash.dll
.dll windows:4 windows x86 arch:x86

c0d4e5fadc92d88e6603d2d1c1d8421c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
LoadLibraryA
lstrcpyA
lstrcatA
GetProcAddress
GlobalAlloc
GlobalFree

user32

EnumDisplaySettingsA
LoadImageA
BeginPaint
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
CreateWindowExA
DefWindowProcA
DestroyWindow
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
RegisterClassA
LoadCursorA
SetWindowPos

gdi32

BitBlt
DeleteDC
DeleteObject
CombineRgn
GetObjectA
GetDIBits
SelectObject
CreateCompatibleDC
CreateRectRgn

winmm

timeSetEvent
PlaySoundA
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/splash.bmp
PBWS32.DLL
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetHost
GetService

Sections

CODE
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Scan.ini
baro.exe
.exe windows:5 windows x86 arch:x86

ae86390549f5fe4a8cd8eb0b541a9234

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetCurrentThread
WriteFile
ReadFile
GetModuleHandleA
CloseHandle
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
CreateFileA
VirtualQuery
SetLastError
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
SuspendThread
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
FormatMessageA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCommandLineA
GetStartupInfoA
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
Sleep
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapAlloc
RaiseException
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
InterlockedExchange
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
SetEndOfFile
GetProcessHeap

user32

MessageBoxW

Exports

Exports

AddEncryptedLibrary

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
butce.pbd
cmuk_d.pbd
cmuk_m.pbd
cmuk_r.pbd
cmuk_w.pbd
cmuk_wr.pbd
demirbas.pbd
disiplin.pbd
disiplin_r.pbd
disiplin_yeni.pbd
dll/FreeImage.dll
.dll windows:5 windows x86 arch:x86

f3db81844469ba23e814e3c02eedcc15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentDirectoryA
IsBadReadPtr
OutputDebugStringA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTempFileNameW
GetTempPathW
DeleteFileA
CloseHandle
CreateFileW
InterlockedExchangeAdd
ExitProcess
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
RtlUnwind
MoveFileA
GetCurrentThreadId
GetCommandLineA
RaiseException
ReadFile
GetModuleHandleW
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
FlushFileBuffers
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap

ws2_32

htonl
ntohs
htons
ntohl

Exports

Exports

FreeImage_OutputMessageProc
_FreeImage_AcquireMemory@12
_FreeImage_AdjustBrightness@12
_FreeImage_AdjustColors@32
_FreeImage_AdjustContrast@12
_FreeImage_AdjustCurve@12
_FreeImage_AdjustGamma@12
_FreeImage_Allocate@24
_FreeImage_AllocateEx@36
_FreeImage_AllocateExT@40
_FreeImage_AllocateHeader@28
_FreeImage_AllocateHeaderT@32
_FreeImage_AllocateT@28
_FreeImage_AppendPage@8
_FreeImage_ApplyColorMapping@24
_FreeImage_ApplyPaletteIndexMapping@20
_FreeImage_Clone@4
_FreeImage_CloneMetadata@8
_FreeImage_CloneTag@4
_FreeImage_CloseMemory@4
_FreeImage_CloseMultiBitmap@8
_FreeImage_ColorQuantize@8
_FreeImage_ColorQuantizeEx@20
_FreeImage_Composite@16
_FreeImage_ConvertFromRawBits@36
_FreeImage_ConvertLine16To24_555@12
_FreeImage_ConvertLine16To24_565@12
_FreeImage_ConvertLine16To32_555@12
_FreeImage_ConvertLine16To32_565@12
_FreeImage_ConvertLine16To4_555@12
_FreeImage_ConvertLine16To4_565@12
_FreeImage_ConvertLine16To8_555@12
_FreeImage_ConvertLine16To8_565@12
_FreeImage_ConvertLine16_555_To16_565@12
_FreeImage_ConvertLine16_565_To16_555@12
_FreeImage_ConvertLine1To16_555@16
_FreeImage_ConvertLine1To16_565@16
_FreeImage_ConvertLine1To24@16
_FreeImage_ConvertLine1To32@16
_FreeImage_ConvertLine1To4@12
_FreeImage_ConvertLine1To8@12
_FreeImage_ConvertLine24To16_555@12
_FreeImage_ConvertLine24To16_565@12
_FreeImage_ConvertLine24To32@12
_FreeImage_ConvertLine24To4@12
_FreeImage_ConvertLine24To8@12
_FreeImage_ConvertLine32To16_555@12
_FreeImage_ConvertLine32To16_565@12
_FreeImage_ConvertLine32To24@12
_FreeImage_ConvertLine32To4@12
_FreeImage_ConvertLine32To8@12
_FreeImage_ConvertLine4To16_555@16
_FreeImage_ConvertLine4To16_565@16
_FreeImage_ConvertLine4To24@16
_FreeImage_ConvertLine4To32@16
_FreeImage_ConvertLine4To8@12
_FreeImage_ConvertLine8To16_555@16
_FreeImage_ConvertLine8To16_565@16
_FreeImage_ConvertLine8To24@16
_FreeImage_ConvertLine8To32@16
_FreeImage_ConvertLine8To4@16
_FreeImage_ConvertTo16Bits555@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_ConvertTo24Bits@4
_FreeImage_ConvertTo32Bits@4
_FreeImage_ConvertTo4Bits@4
_FreeImage_ConvertTo8Bits@4
_FreeImage_ConvertToFloat@4
_FreeImage_ConvertToGreyscale@4
_FreeImage_ConvertToRGB16@4
_FreeImage_ConvertToRGBF@4
_FreeImage_ConvertToRawBits@32
_FreeImage_ConvertToStandardType@8
_FreeImage_ConvertToType@12
_FreeImage_ConvertToUINT16@4
_FreeImage_Copy@20
_FreeImage_CreateICCProfile@12
_FreeImage_CreateTag@0
_FreeImage_DeInitialise@0
_FreeImage_DeletePage@8
_FreeImage_DeleteTag@4
_FreeImage_DestroyICCProfile@4
_FreeImage_Dither@8
_FreeImage_EnlargeCanvas@28
_FreeImage_FIFSupportsExportBPP@8
_FreeImage_FIFSupportsExportType@8
_FreeImage_FIFSupportsICCProfiles@4
_FreeImage_FIFSupportsNoPixels@4
_FreeImage_FIFSupportsReading@4
_FreeImage_FIFSupportsWriting@4
_FreeImage_FillBackground@12
_FreeImage_FindCloseMetadata@4
_FreeImage_FindFirstMetadata@12
_FreeImage_FindNextMetadata@8
_FreeImage_FlipHorizontal@4
_FreeImage_FlipVertical@4
_FreeImage_GetAdjustColorsLookupTable@32
_FreeImage_GetBPP@4
_FreeImage_GetBackgroundColor@8
_FreeImage_GetBits@4
_FreeImage_GetBlueMask@4
_FreeImage_GetChannel@8
_FreeImage_GetColorType@4
_FreeImage_GetColorsUsed@4
_FreeImage_GetComplexChannel@8
_FreeImage_GetCopyrightMessage@0
_FreeImage_GetDIBSize@4
_FreeImage_GetDotsPerMeterX@4
_FreeImage_GetDotsPerMeterY@4
_FreeImage_GetFIFCount@0
_FreeImage_GetFIFDescription@4
_FreeImage_GetFIFExtensionList@4
_FreeImage_GetFIFFromFilename@4
_FreeImage_GetFIFFromFilenameU@4
_FreeImage_GetFIFFromFormat@4
_FreeImage_GetFIFFromMime@4
_FreeImage_GetFIFMimeType@4
_FreeImage_GetFIFRegExpr@4
_FreeImage_GetFileType@8
_FreeImage_GetFileTypeFromHandle@12
_FreeImage_GetFileTypeFromMemory@8
_FreeImage_GetFileTypeU@8
_FreeImage_GetFormatFromFIF@4
_FreeImage_GetGreenMask@4
_FreeImage_GetHeight@4
_FreeImage_GetHistogram@12
_FreeImage_GetICCProfile@4
_FreeImage_GetImageType@4
_FreeImage_GetInfo@4
_FreeImage_GetInfoHeader@4
_FreeImage_GetLine@4
_FreeImage_GetLockedPageNumbers@12
_FreeImage_GetMetadata@16
_FreeImage_GetMetadataCount@8
_FreeImage_GetPageCount@4
_FreeImage_GetPalette@4
_FreeImage_GetPitch@4
_FreeImage_GetPixelColor@16
_FreeImage_GetPixelIndex@16
_FreeImage_GetRedMask@4
_FreeImage_GetScanLine@8
_FreeImage_GetTagCount@4
_FreeImage_GetTagDescription@4
_FreeImage_GetTagID@4
_FreeImage_GetTagKey@4
_FreeImage_GetTagLength@4
_FreeImage_GetTagType@4
_FreeImage_GetTagValue@4
_FreeImage_GetThumbnail@4
_FreeImage_GetTransparencyCount@4
_FreeImage_GetTransparencyTable@4
_FreeImage_GetTransparentIndex@4
_FreeImage_GetVersion@0
_FreeImage_GetWidth@4
_FreeImage_HasBackgroundColor@4
_FreeImage_HasPixels@4
_FreeImage_HasRGBMasks@4
_FreeImage_Initialise@4
_FreeImage_InsertPage@12
_FreeImage_Invert@4
_FreeImage_IsLittleEndian@0
_FreeImage_IsPluginEnabled@4
_FreeImage_IsTransparent@4
_FreeImage_JPEGCrop@24
_FreeImage_JPEGCropU@24
_FreeImage_JPEGTransform@16
_FreeImage_JPEGTransformCombined@32
_FreeImage_JPEGTransformCombinedFromMemory@32
_FreeImage_JPEGTransformCombinedU@32
_FreeImage_JPEGTransformFromHandle@40
_FreeImage_JPEGTransformU@16
_FreeImage_Load@12
_FreeImage_LoadFromHandle@16
_FreeImage_LoadFromMemory@12
_FreeImage_LoadMultiBitmapFromMemory@12
_FreeImage_LoadU@12
_FreeImage_LockPage@8
_FreeImage_LookupSVGColor@16
_FreeImage_LookupX11Color@16
_FreeImage_MakeThumbnail@12
_FreeImage_MovePage@12
_FreeImage_MultigridPoissonSolver@8
_FreeImage_OpenMemory@8
_FreeImage_OpenMultiBitmap@24
_FreeImage_OpenMultiBitmapFromHandle@16
_FreeImage_Paste@20
_FreeImage_PreMultiplyWithAlpha@4
_FreeImage_ReadMemory@16
_FreeImage_RegisterExternalPlugin@20
_FreeImage_RegisterLocalPlugin@20
_FreeImage_Rescale@16
_FreeImage_Rotate@16
_FreeImage_RotateClassic@12
_FreeImage_RotateEx@48
_FreeImage_Save@16
_FreeImage_SaveMultiBitmapToHandle@20
_FreeImage_SaveMultiBitmapToMemory@16
_FreeImage_SaveToHandle@20
_FreeImage_SaveToMemory@16
_FreeImage_SaveU@16
_FreeImage_SeekMemory@12
_FreeImage_SetBackgroundColor@8
_FreeImage_SetChannel@12
_FreeImage_SetComplexChannel@12
_FreeImage_SetDotsPerMeterX@8
_FreeImage_SetDotsPerMeterY@8
_FreeImage_SetMetadata@16
_FreeImage_SetOutputMessage@4
_FreeImage_SetOutputMessageStdCall@4
_FreeImage_SetPixelColor@16
_FreeImage_SetPixelIndex@16
_FreeImage_SetPluginEnabled@8
_FreeImage_SetTagCount@8
_FreeImage_SetTagDescription@8
_FreeImage_SetTagID@8
_FreeImage_SetTagKey@8
_FreeImage_SetTagLength@8
_FreeImage_SetTagType@8
_FreeImage_SetTagValue@8
_FreeImage_SetThumbnail@8
_FreeImage_SetTransparencyTable@12
_FreeImage_SetTransparent@8
_FreeImage_SetTransparentIndex@8
_FreeImage_SwapColors@16
_FreeImage_SwapPaletteIndices@12
_FreeImage_TagToString@12
_FreeImage_TellMemory@4
_FreeImage_Threshold@8
_FreeImage_TmoDrago03@20
_FreeImage_TmoFattal02@20
_FreeImage_TmoReinhard05@20
_FreeImage_TmoReinhard05Ex@36
_FreeImage_ToneMapping@24
_FreeImage_Unload@4
_FreeImage_UnlockPage@12
_FreeImage_WriteMemory@16
_FreeImage_ZLibCRC32@12
_FreeImage_ZLibCompress@16
_FreeImage_ZLibGUnzip@16
_FreeImage_ZLibGZip@16
_FreeImage_ZLibUncompress@16

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 925KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/Interop.WIA.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/MarkupConverter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\mkony\Downloads\Converting between RTF and HTML\C#\MarkupConverter\obj\Debug\MarkupConverter.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/PdfSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\@thho\TfsTest\PDFsharp_v-1.32\PDFsharp\Publish\PDFsharp\code\PdfSharp\obj\Release\PdfSharp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/RegAsm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RegAsm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/SDD_TWAIN_SCANNER.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

v:\SDD_TWAIN_SCANNER\SDD_TWAIN_SCANNER\obj\Debug\SDD_TWAIN_SCANNER.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/Saraff.Twain.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\EVREN\Documents\Visual Studio 2012\Projects\Saraff.Twain\Sources\Saraff.Twain\obj\Debug\Saraff.Twain.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/System.Drawing.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

System.Drawing.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 544KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/UzakYardim.exe
.exe windows:4 windows x86 arch:x86

59bc1054f3fb6d52d677cef7c12118a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
send
recv
select
WSAStartup
getpeername
getservbyport
ntohs
gethostbyaddr
gethostbyname
getservbyname
htonl
inet_ntoa
inet_addr
WSAIoctl
connect
accept
htons
bind
listen
socket
__WSAFDIsSet
shutdown
setsockopt
ioctlsocket
WSACleanup
closesocket

gdi32

GetDIBits
CreateCompatibleBitmap
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
GdiFlush
CombineRgn
GetRegionData
SetStretchBltMode
CreateDIBitmap
GetBitmapBits
GetObjectA
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
SetBkMode
CreateFontIndirectA
DPtoLP
StretchBlt
CreateRectRgn
ExtTextOutA
CreateDIBSection
SetBitmapBits
CreateRectRgnIndirect
SelectClipRgn
TextOutW
CreatePatternBrush
SetTextAlign
SetBrushOrgEx
ExtTextOutW
SetTextColor
SetBkColor
GetTextExtentPoint32W
GetStockObject
CreateSolidBrush
GetDeviceCaps
DeleteObject
CreateFontA

user32

FindWindowA
OpenDesktopA
VkKeyScanExA
SendMessageTimeoutA
LoadIconA
IntersectRect
IsWindowVisible
GetIconInfo
GetCursorInfo
EqualRect
OpenInputDesktop
CloseDesktop
GetUserObjectInformationA
LoadKeyboardLayoutA
EmptyClipboard
SetClipboardData
RegisterClassExA
GetDesktopWindow
PeekMessageA
MsgWaitForMultipleObjects
mouse_event
MapVirtualKeyA
LockWorkStation
SetThreadDesktop
keybd_event
SetDlgItemTextA
SetDlgItemInt
GetKeyboardState
ToAsciiEx
DestroyAcceleratorTable
TranslateAcceleratorA
CreateAcceleratorTableA
SetWindowTextA
ReleaseCapture
SetCapture
GetAsyncKeyState
GetThreadDesktop
SystemParametersInfoW
LoadBitmapA
ReleaseDC
GetDC
SwitchToThisWindow
SendMessageA
FindWindowW
RegisterClassExW
DestroyCursor
MessageBeep
wsprintfW
SetCursorPos
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
ShowWindowAsync
SetScrollInfo
GetWindow
WindowFromPoint
MessageBoxA
ShowWindow
wsprintfA
DestroyIcon
DrawIconEx
LoadImageA
EnableWindow
SetDlgItemTextW
DestroyWindow
SetClassLongW
InsertMenuItemW
ChangeClipboardChain
MapWindowPoints
InsertMenuItemA
EnumWindows
GetClassNameA
GetWindowTextA
KillTimer
GetWindowLongW
PostMessageA
SetRect
ShowScrollBar
IsIconic
ScrollWindowEx
AdjustWindowRectEx
GetMenuState
GetWindowPlacement
SetWindowPlacement
GetSysColorBrush
AppendMenuW
SetClipboardViewer
SetWindowsHookExA
UnhookWindowsHookEx
DrawTextA
EndDialog
CreateDialogParamW
DialogBoxParamA
CallWindowProcW
CallWindowProcA
DefWindowProcA
IsWindowUnicode
GetSystemMenu
RedrawWindow
InvalidateRect
DrawStateA
DrawEdge
GetClientRect
CreateWindowExA
IsWindow
GetParent
GetWindowLongA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetCursor
SetTimer
PostThreadMessageA
MoveWindow
BeginPaint
EndPaint
GetDlgItemInt
SendDlgItemMessageA
MapDialogRect
SetWindowLongA
ClientToScreen
LoadCursorA
RegisterClassW
CreateWindowExW
SetWindowLongW
UpdateWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
SetWindowTextW
SetMenu
LoadMenuA
GetMenuItemInfoA
SetMenuItemInfoA
GetSubMenu
SetMenuItemInfoW
GetMenuItemID
EnableMenuItem
GetMenuItemCount
CheckMenuItem
GetKeyState
SetForegroundWindow
SetFocus
GetFocus
PostQuitMessage
DefWindowProcW
CreatePopupMenu
GetCursorPos
TrackPopupMenu
GetSysColor
GetSystemMetrics
GetMenuItemInfoW
DrawMenuBar
AppendMenuA
DestroyMenu
MessageBoxW
GetDlgItem
SendMessageW
GetWindowRect
SystemParametersInfoA
SetWindowPos

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA
SHGetMalloc
ShellExecuteExW
SHGetFolderPathA
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

_strnicmp
_strupr
_strlwr
_controlfp
_iob
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_wcsicmp
wcschr
__CxxFrameHandler
strlen
isspace
memchr
_errno
strtol
isdigit
strstr
memcpy
??2@YAPAXI@Z
_purecall
free
memset
malloc
sprintf
printf
fwrite
srand
time
_CxxThrowException
rand
atol
_stricmp
isprint
tolower
strncpy
atoi
abs
wcscpy
strcmp
strcpy
wcslen
memcmp
iswspace
wcsncmp
_wtoi
_ultow
_stat
strchr
_ftol
swprintf
strcat
strtoul
calloc
_rotl
_rotr
fopen
fread
fclose
fseek
ftell
fflush
wcsncpy
wcsrchr
vsprintf
vswprintf
memmove
strrchr
strncmp
mbstowcs
wcscmp
wcsstr
iswdigit
_beginthreadex
_endthreadex
atof
_i64tow
wcscat
realloc
exit
fprintf
sscanf
getenv
floor
fputc
_CIpow
_CIacos
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln

secur32

FreeCredentialsHandle
InitializeSecurityContextA
FreeContextBuffer
AcquireCredentialsHandleA
CompleteAuthToken
QuerySecurityPackageInfoA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

iphlpapi

GetAdaptersInfo

advapi32

RegOpenKeyExA
FreeSid
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ConvertSidToStringSidA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExA
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExA
SetServiceStatus
SetTokenInformation
DuplicateTokenEx
CreateProcessAsUserW
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceW
DeleteService
ControlService
StartServiceA
StartServiceW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteKeyA
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
SetEntriesInAclA
AllocateAndInitializeSid

shlwapi

PathGetDriveNumberA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

userenv

LoadUserProfileA
UnloadUserProfile

comctl32

CreateToolbarEx
ImageList_Add
ImageList_Create
ImageList_Draw
ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Duplicate
_TrackMouseEvent
CreatePropertySheetPageW
PropertySheetW

wininet

HttpSendRequestA
HttpQueryInfoA
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetReadFile
InternetOpenA
HttpOpenRequestA

dsound

ord7
ord6
ord2
ord1

kernel32

SizeofResource
LoadResource
LockResource
GetLocalTime
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFileTime
GetFileTime
OpenMutexA
CreateMutexA
ResetEvent
FindResourceExA
OpenEventA
CreateEventA
ExitProcess
SetUnhandledExceptionFilter
GetSystemDirectoryA
CompareFileTime
GetSystemTimeAsFileTime
GetSystemDirectoryW
lstrcatW
LoadLibraryW
QueryPerformanceFrequency
ReadFile
QueryPerformanceCounter
GetExitCodeProcess
BeginUpdateResourceW
EndUpdateResourceW
UpdateResourceA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
FreeLibrary
GetFileSize
SetFilePointer
WriteFile
WaitForSingleObject
CreateThread
GetFileAttributesW
GetStartupInfoW
CreateProcessW
lstrcmpiW
lstrcmpW
MulDiv
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetComputerNameA
LocalAlloc
GetExitCodeThread
SystemTimeToFileTime
MoveFileW
DeleteFileW
GetTempPathW
CreateFileW
FindFirstFileW
FindClose
CreateFileA
DeviceIoControl
GetUserDefaultUILanguage
GetModuleHandleA
GetProcAddress
GetLocaleInfoA
CreateDirectoryW
SetCurrentDirectoryW
SetProcessShutdownParameters
GetVersionExA
GetCurrentProcess
GetLastError
CloseHandle
LocalFree
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetTickCount
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrlenW
TerminateProcess
GlobalUnlock
GlobalLock
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
GlobalAlloc
GetDriveTypeW
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
GetLogicalDrives
ProcessIdToSessionId
SleepEx
CreateDirectoryA
DeleteFileA
GlobalFree
IsBadReadPtr
lstrcmpA
LocalFileTimeToFileTime
WaitNamedPipeW
lstrcpyA
GetCurrentDirectoryA
FindResourceA
DuplicateHandle
CreateSemaphoreA
SetThreadPriority
TlsSetValue
GetCurrentThread
TlsAlloc
ResumeThread
TlsGetValue
InterlockedExchange
GetStartupInfoA
SetEvent
SetLastError

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/UzakYardim.log
dll/WinSCP.com
.exe windows:4 windows x86 arch:x86

4930629d52bba909dc99b790c62376e0

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:1f:2d:44:29:4b:65:2e:f2:7c:6b:33:09:c4:dc:f7:2d:d8:39:da:e7:ab:8c:13:f4:86:e5:a1:db:56:e9:cb
Signer

Actual PE Digest

19:1f:2d:44:29:4b:65:2e:f2:7c:6b:33:09:c4:dc:f7:2d:d8:39:da:e7:ab:8c:13:f4:86:e5:a1:db:56:e9:cb

Digest Algorithm

sha256

PE Digest Matches

true

b2:59:0d:cc:a6:4d:5e:bd:89:7c:72:ed:6c:1f:e6:1e:8e:81:e4:96
Signer

Actual PE Digest

b2:59:0d:cc:a6:4d:5e:bd:89:7c:72:ed:6c:1f:e6:1e:8e:81:e4:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateJobObjectW
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FlushConsoleInputBuffer
FormatMessageW
GetACP
GetCPInfo
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleTitleW
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenEventW
OpenFileMappingA
PeekConsoleInputW
RaiseException
ReadConsoleInputW
ReadConsoleW
ReadFile
RtlUnwind
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleOutputCP
SetConsoleTitleW
SetEvent
SetFilePointer
SetHandleCount
SetInformationJobObject
SetLastError
SetThreadLocale
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleInputW
WriteConsoleW
WriteFile

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

user32

CharUpperBuffW
EnumThreadWindows
GetAsyncKeyState
MessageBoxA
wsprintfA
wsprintfW

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 182KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/WinSCP.exe
.exe windows:4 windows x86 arch:x86

c536302487d5cbf417a6126897c88a3e

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:91:1a:88:8a:27:eb:d2:3c:9d:c6:0f:f9:8e:12:b6:87:41:06:d7:2a:2f:75:45:ae:fb:a3:92:8e:6c:ff:f8
Signer

Actual PE Digest

97:91:1a:88:8a:27:eb:d2:3c:9d:c6:0f:f9:8e:12:b6:87:41:06:d7:2a:2f:75:45:ae:fb:a3:92:8e:6c:ff:f8

Digest Algorithm

sha256

PE Digest Matches

true

ec:79:72:95:2f:1a:bb:dc:17:c8:04:ea:ba:e7:e5:fc:18:d6:a9:e8
Signer

Actual PE Digest

ec:79:72:95:2f:1a:bb:dc:17:c8:04:ea:ba:e7:e5:fc:18:d6:a9:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

socket
shutdown
setsockopt
send
select
recv
ntohs
ntohl
listen
ioctlsocket
inet_ntoa
inet_addr
htons
htonl
getsockopt
getsockname
getservbyport
getservbyname
getpeername
gethostbyname
gethostbyaddr
getaddrinfo
freeaddrinfo
connect
closesocket
bind
accept
WSAStartup
WSASetLastError
WSASend
WSAIoctl
WSAGetLastError
WSAEventSelect
WSAEnumNetworkEvents
WSACleanup
WSACancelAsyncRequest
WSAAsyncSelect
WSAAsyncGetHostByName

secur32

GetUserNameExW

crypt32

CertCreateCertificateChainEngine
CertCreateCertificateContext
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertVerifyCertificateChainPolicy

winhttp

WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser

urlmon

CreateURLMoniker
FindMimeFromData

shlwapi

PathIsRelativeW
PathSkipRootW
StrCmpLogicalW

powrprof

SetSuspendState

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CopySid
DeregisterEventSource
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegConnectRegistryW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

kernel32

AllocConsole
AssignProcessToJobObject
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessA
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindResourceExW
FindResourceW
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FormatMessageW
FreeConsole
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCPInfoExW
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleWindow
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOEMCP
GetOverlappedResult
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemTimes
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenJobObjectW
OpenMutexW
OpenProcess
PeekConsoleInputW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
ReadDirectoryChangesW
ReadFile
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTitleW
SetConsoleWindowInfo
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VerLanguageNameW
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW

mpr

WNetCloseEnum
WNetEnumResourceW
WNetGetConnectionW
WNetGetUniversalNameW
WNetOpenEnumW

netapi32

NetApiBufferFree
NetUseGetInfo

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

ClosePrinter
DocumentPropertiesW
EnumPrintersW
ord203
OpenPrinterW

comctl32

FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
_TrackMouseEvent

comdlg32

ChooseColorW
ChooseFontW
FindTextW
GetFileTitleW
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW

gdi32

AbortDoc
AngleArc
Arc
ArcTo
BitBlt
Chord
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextColor
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetClipRgn
OffsetWindowOrgEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezier
PolyBezierTo
PolyPolyline
Polygon
Polyline
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDCPenColor
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
UnrealizeObject

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
FindExecutableW
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHFreeNameMappings
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
SHOpenFolderAndSelectItems
ord190

shfolder

SHGetFolderPathW

user32

ActivateKeyboardLayout
AdjustWindowRectEx
AppendMenuW
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffW
CharUpperW
CheckMenuItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
ClipCursor
CloseClipboard
CopyIcon
CopyImage
CountClipboardFormats
CreateAcceleratorTableW
CreateCaret
CreateIcon
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawCaption
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndMenu
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumDisplayMonitors
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowA
FindWindowExW
FindWindowW
FlashWindow
FrameRect
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageW
SendMessageA
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackMouseEvent
TrackPopupMenu
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint
wsprintfA

winmm

PlaySoundA
PlaySoundW

ole32

CLSIDFromString
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoInitialize
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
IsEqualGUID
OleDraw
OleGetClipboard
OleInitialize
OleRegEnumVerbs
OleSetClipboard
OleSetMenuDescriptor
OleUninitialize
ProgIDFromCLSID
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID
StringFromGUID2

oleaut32

CreateErrorInfo
GetActiveObject
GetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantCopyInd
VariantInit

oleacc

AccessibleObjectFromWindow
LresultFromObject

uxtheme

CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemeFont
OpenThemeData

Exports

Exports

@$xp$102System@Generics@Collections@%TList__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$103System@Generics@Defaults@%IComparer__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$103System@Generics@Defaults@%TComparer__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$105System@Generics@Defaults@%TComparison__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$108System@Generics@Collections@%TEnumerable__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$108System@Generics@Collections@%TEnumerator__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$110System@Generics@Collections@%TArrayManager__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$112System@Generics@Defaults@%TDelegatedComparer__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$114System@Generics@Collections@%TList__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%@%arrayofT$%
@$xp$114System@Generics@Collections@%TMoveArrayManager__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$116System@Generics@Collections@%TList__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%@%TEmptyFunc$%
@$xp$117System@Generics@Collections@%TList__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%@%TEnumerator$%
@$xp$119System@Generics@Collections@%@TList__1_Pack$823$ActRec$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$119System@Generics@Collections@%TCollectionNotifyEvent__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$119System@Generics@Collections@%_TList__1_Pack$823$0$Intf$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$12TUnixDirView
@$xp$12Tbx@TTBXDock
@$xp$12Tbx@TTBXItem
@$xp$13Tbx@TFontSize
@$xp$13Tbx@TTriState
@$xp$15Tb2dock@TTBDock
@$xp$15Tb2item@TTBItem
@$xp$15Tb2item@TTBView
@$xp$15Tbx@TTBXToolbar
@$xp$16Tb2item@ITBItems
@$xp$16Tbx@TTBXRootItem
@$xp$16Tbxlists@TSBZone
@$xp$16Tbxutils@TShadow
@$xp$17Tb2hook@THookProc
@$xp$17Tbx@TFontSettings
@$xp$17Tbx@TTBXPopupMenu
@$xp$17Tbx@TTBXPopupView
@$xp$17Tbx@TTextWrapping
@$xp$17Tbxutils@TShadows
@$xp$18Tb2anim@Tb2anim__1
@$xp$18Tb2dock@Tb2dock__3
@$xp$18Tb2item@Tb2item__1
@$xp$18Tb2item@Tb2item__8
@$xp$18Tb2item@Tb2item__9
@$xp$18Tbx@TAnimationMode
@$xp$18Tbx@TMenuAnimation
@$xp$18Tbx@TTBXCustomItem
@$xp$18Tbx@TTBXItemViewer
@$xp$18Tbx@TTBXThemeClass
@$xp$19Tb2dock@TTBDockMode
@$xp$19Tb2dock@TTBDockType
@$xp$19Tb2item@TTBItemData
@$xp$19Tb2item@TTBRootItem
@$xp$19Tb2item@Tb2item__01
@$xp$19Tbx@TAnimationModes
@$xp$19Tbx@TDrawImageEvent
@$xp$19Tbx@TTBXChevronItem
@$xp$19Tbx@TTBXPopupWindow
@$xp$19Tbx@TTBXSubmenuItem
@$xp$19Tbx@TTBXToolbarView
@$xp$19Tbx@TTextTruncation
@$xp$19Tbxthemes@TTBXTheme
@$xp$20Tb2acc@ITBAccessible
@$xp$20Tb2item@ETBItemError
@$xp$20Tb2item@TTBGroupItem
@$xp$20Tb2item@TTBImageList
@$xp$20Tb2item@TTBItemStyle
@$xp$20Tb2item@TTBPopupMenu
@$xp$20Tb2item@TTBPopupView
@$xp$20Tb2item@TTBViewClass
@$xp$20Tb2item@TTBViewState
@$xp$20Tb2item@TTBViewStyle
@$xp$20Tbx@TAdjustFontEvent
@$xp$20Tbxutils@THorzShadow
@$xp$20Tbxutils@TVertShadow
@$xp$20Tbxutils@Tbxutils__1
@$xp$21Tb2dock@TTBDockableTo
@$xp$21Tb2dock@TTBShrinkMode
@$xp$21Tb2dock@TTBSizeHandle
@$xp$21Tb2hook@THookProcCode
@$xp$21Tb2item@TTBCustomItem
@$xp$21Tb2item@TTBDoneAction
@$xp$21Tb2item@TTBItemOption
@$xp$21Tb2item@TTBItemViewer
@$xp$21Tb2item@TTBPopupEvent
@$xp$21Tb2toolbar@TTBToolbar
@$xp$21Tbx@TTBXMenuAnimation
@$xp$21Tbx@TTBXSeparatorItem
@$xp$21Tbxlists@TSBIncrement
@$xp$21Tbxthemes@TTBXMargins
@$xp$21Tbxutils@TShadowEdges
@$xp$21Tbxutils@TShadowStyle
@$xp$22Tb2extitems@TEditClass
@$xp$22Tb2hook@THookProcCodes
@$xp$22Tb2item@ITBPopupWindow
@$xp$22Tb2item@TTBControlItem
@$xp$22Tb2item@TTBItemOptions
@$xp$22Tb2item@TTBPopupWindow
@$xp$22Tb2item@TTBSelectEvent
@$xp$22Tb2item@TTBSubmenuItem
@$xp$22Tb2item@TTBViewTimerID
@$xp$22Tbxlists@TTBXScrollBar
@$xp$22Tbxstatusbars@TPercent
@$xp$22Tbxthemes@TTBXEditInfo
@$xp$22Tbxthemes@TTBXItemInfo
@$xp$23Tb2acc@TTBViewAccObject
@$xp$23Tb2dock@TTBDockPosition
@$xp$23Tb2dock@TTBFloatingMode
@$xp$23Tb2extitems@TTBEditItem
@$xp$23Tb2item@TTBModalHandler
@$xp$23Tbxlists@TTBXCustomList
@$xp$23Tbxlists@TTBXStringList
@$xp$23Tbxthemes@TTBXComboPart
@$xp$23Tbxthemes@TTBXHoverKind
@$xp$23Tbxthemes@TTBXPopupInfo
@$xp$23Tbxtoolpals@TTPCalcSize
@$xp$24Tb2item@PTBItemDataArray
@$xp$24Tb2item@TTBBaseAccObject
@$xp$24Tb2item@TTBItemContainer
@$xp$24Tb2item@TTBItemDataArray
@$xp$24Tb2item@TTBRootItemClass
@$xp$24Tb2item@TTBSeparatorItem
@$xp$24Tbx@TTBXItemTransparency
@$xp$24Tbxextitems@TTBXEditItem
@$xp$24Tbxlists@TTBXLPaintEvent
@$xp$24Tbxthemes@TTBXItemLayout
@$xp$24Tbxthemes@TTBXThemeClass
@$xp$24Tbxthemes@TTBXWindowInfo
@$xp$24Tbxtoolpals@TRowColCount
@$xp$24Tbxtoolpals@TTBXColorSet
@$xp$24Tbxtoolpals@TTPCellClick
@$xp$25Tb2acc@TTBCustomAccObject
@$xp$25Tb2dock@TTBDockBoundLines
@$xp$25Tb2extitems@TTBEditAction
@$xp$25Tb2item@PTBDoneActionData
@$xp$25Tb2item@TTBDoneActionData
@$xp$25Tb2item@TTBInsertItemProc
@$xp$25Tb2item@TTBPopupAlignment
@$xp$25Tb2item@_TTBItemViewer@_1
@$xp$25Tb2toolbar@TTBChevronItem
@$xp$25Tb2toolbar@TTBToolbarView
@$xp$25Tbx@TTBXChevronItemViewer
@$xp$25Tbx@TTBXPopupPositionInfo
@$xp$25Tbxextitems@TTBXColorItem
@$xp$25Tbxextitems@TTBXLabelItem
@$xp$25Tbxthemes@TTBXEditBtnInfo
@$xp$25Tbxthemes@TTBXToolbarInfo
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Tb2dock@TTBDragHandleStyle
@$xp$26Tb2item@PTBItemViewerArray
@$xp$26Tb2item@TTBCustomImageList
@$xp$26Tb2item@TTBCustomItemClass
@$xp$26Tb2item@TTBImageChangeLink
@$xp$26Tb2item@TTBItemChangedProc
@$xp$26Tb2item@TTBItemDisplayMode
@$xp$26Tb2item@TTBItemViewerArray
@$xp$26Tb2item@TTBItemViewerClass
@$xp$26Tb2item@TTBViewOrientation
@$xp$26Tbx@TTBXChevronPopupWindow
@$xp$26Tbxextitems@TTBXEditChange
@$xp$26Tbxlists@TTBXLMeasureWidth
@$xp$26Tbxofficexptheme@TItemPart
@$xp$26Tbxtoolpals@TTBXToolViewer
@$xp$26Tbxtoolpals@TTPGetCellHint
@$xp$26Tbxtoolpals@Tbxtoolpals__1
@$xp$27Tb2dock@TTBReadPositionData
@$xp$27Tb2dock@TTBRequestDockEvent
@$xp$27Tb2item@TTBPopupPositionRec
@$xp$27Tb2item@TTBPopupWindowClass
@$xp$27Tb2toolbar@TTBCustomToolbar
@$xp$27Tbx@TTBXSeparatorItemViewer
@$xp$27Tbxextitems@TNonNegativeInt
@$xp$27Tbxlists@TSBAutoScrollEvent
@$xp$27Tbxlists@TTBXLMeasureHeight
@$xp$27Tbxstatusbars@TSBAdjustFont
@$xp$27Tbxstatusbars@TSBPanelEvent
@$xp$27Tbxstatusbars@TTBXStatusBar
@$xp$27Tbxthemes@TTBXDockPanelInfo
@$xp$27Tbxtoolpals@TCSGetColorInfo
@$xp$27Tbxtoolpals@TTBXToolPalette
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Tb2common@TListSortExCompare
@$xp$28Tb2dock@TTBDockChangingEvent
@$xp$28Tb2dock@TTBInsertRemoveEvent
@$xp$28Tb2dock@TTBWritePositionData
@$xp$28Tb2item@TTBItemChangedAction
@$xp$28Tbx@TTBXFloatingWindowParent
@$xp$28Tbxextitems@TTBXComboBoxItem
@$xp$28Tbxextitems@TTBXDropDownItem
@$xp$28Tbxlists@TTBXStringListClass
@$xp$28Tbxtoolpals@TTBXColorPalette
@$xp$28Tbxtoolpals@TTPDrawCellImage
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Tb2acc@TTBItemViewerAccObject
@$xp$29Tb2anim@TTBAnimationDirection
@$xp$29Tb2extitems@TTBBeginEditEvent
@$xp$29Tb2extitems@TTBEditItemOption
@$xp$29Tb2extitems@TTBEditItemViewer
@$xp$29Tbxlists@TTBXCustomListViewer
@$xp$29Tbxstatusbars@TTBXStatusPanel
@$xp$29Tbxtoolpals@TTPGetCellVisible
@$xp$30Tb2dock@TTBPositionReadIntProc
@$xp$30Tb2extitems@TTBAcceptTextEvent
@$xp$30Tb2extitems@TTBEditItemOptions
@$xp$30Tb2item@TTBSeparatorItemViewer
@$xp$30Tb2toolbar@TTBChevronItemClass
@$xp$30Tb2toolbar@TTBToolbarViewClass
@$xp$30Tb2version@TToolbar2000Version
@$xp$30Tbxextitems@TTBXEditItemViewer
@$xp$30Tbxlists@TTBXLAdjustImageIndex
@$xp$30Tbxofficexptheme@TBtnItemState
@$xp$30Tbxofficexptheme@TWinFramePart
@$xp$30Tbxstatusbars@TTBXStatusPanels
@$xp$30Tbxtoolpals@TTBXCustomColorSet
@$xp$31Tb2dock@TTBCustomDockableWindow
@$xp$31Tb2dock@TTBDockBoundLinesValues
@$xp$31Tb2dock@TTBDockableWindowStyles
@$xp$31Tb2dock@TTBFloatingWindowParent
@$xp$31Tb2dock@TTBPositionWriteIntProc
@$xp$31Tb2item@TTBCustomItemActionLink
@$xp$31Tb2toolbar@TTBChevronItemViewer
@$xp$31Tbxextitems@TTBXColorItemViewer
@$xp$31Tbxextitems@TTBXLabelItemViewer
@$xp$31Tbxofficexptheme@TMenuItemState
@$xp$31Tbxofficexptheme@TWinFrameState
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Tbxextitems@TTBXLabelOrientation
@$xp$33Tb2dock@TTBPositionReadStringProc
@$xp$33Tb2dock@TTBToolWindowNCRedrawWhat
@$xp$33Tb2extitems@TTBEditItemActionLink
@$xp$33Tb2extitems@_TTBEditItemViewer@_1
@$xp$33Tbxextitems@TTBXCAdjustImageIndex
@$xp$33Tbxstatusbars@TTBXCustomStatusBar
@$xp$33Tbxtoolpals@TTBXCustomToolPalette
@$xp$34Tb2dock@TTBPositionWriteStringProc
@$xp$34Tb2item@TTBEnterToolbarLoopOptions
@$xp$34Tbxextitems@TTBXComboBoxItemViewer
@$xp$34Tbxextitems@TTBXCustomDropDownItem
@$xp$34Tbxextitems@TTBXDropDownItemViewer
@$xp$34Tbxofficexptheme@TTBXOfficeXPTheme
@$xp$34Tbxstatusbars@TSBAdjustContentRect
@$xp$34Tbxtoolpals@TTBXToolPaletteOptions
@$xp$35Shdocvw_tlb@TInternetExplorerMedium
@$xp$35Tb2common@THandleWMPrintNCPaintProc
@$xp$35Tb2toolbar@TToolbarGetBaseSizeEvent
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Tb2dock@TTBFloatingWindowParentClass
@$xp$36Tb2item@TTBCustomItemActionLinkClass
@$xp$40System@%TArray__1$p18Vcl@Graphics@TFont%
@$xp$40Tb2dock@TTBToolWindowNCRedrawWhatElement
@$xp$40Tb2toolbar@TTBChevronPriorityForNewItems
@$xp$45System@%IEnumerable__1$p18Vcl@Graphics@TFont%
@$xp$45System@%IEnumerator__1$p18Vcl@Graphics@TFont%
@$xp$59System@Generics@Defaults@%THasher__1$p18Vcl@Graphics@TFont%
@$xp$60System@Generics@Collections@%TList__1$p18Vcl@Graphics@TFont%
@$xp$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%
@$xp$61System@Generics@Defaults@%IComparer__1$p18Vcl@Graphics@TFont%
@$xp$61System@Generics@Defaults@%TComparer__1$p18Vcl@Graphics@TFont%
@$xp$63System@Generics@Defaults@%TComparison__1$p18Vcl@Graphics@TFont%
@$xp$66System@Generics@Collections@%TEnumerable__1$p18Vcl@Graphics@TFont%
@$xp$66System@Generics@Collections@%TEnumerator__1$p18Vcl@Graphics@TFont%
@$xp$67System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%
@$xp$68System@Generics@Collections@%TArrayManager__1$p18Vcl@Graphics@TFont%
@$xp$69System@Generics@Defaults@%IEqualityComparer__1$p18Vcl@Graphics@TFont%
@$xp$69System@Generics@Defaults@%TEqualityComparer__1$p18Vcl@Graphics@TFont%
@$xp$70System@Generics@Defaults@%TDelegatedComparer__1$p18Vcl@Graphics@TFont%
@$xp$71System@Generics@Defaults@%TEqualityComparison__1$p18Vcl@Graphics@TFont%
@$xp$72System@Generics@Collections@%TList__1$p18Vcl@Graphics@TFont%@%arrayofT$%
@$xp$72System@Generics@Collections@%TMoveArrayManager__1$p18Vcl@Graphics@TFont%
@$xp$74System@Generics@Collections@%TList__1$p18Vcl@Graphics@TFont%@%TEmptyFunc$%
@$xp$75System@Generics@Collections@%TList__1$p18Vcl@Graphics@TFont%@%TEnumerator$%
@$xp$76System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TItem$%
@$xp$77System@Generics@Collections@%@TList__1_Pack$823$ActRec$p18Vcl@Graphics@TFont%
@$xp$77System@Generics@Collections@%TCollectionNotifyEvent__1$p18Vcl@Graphics@TFont%
@$xp$77System@Generics@Collections@%_TList__1_Pack$823$0$Intf$p18Vcl@Graphics@TFont%
@$xp$78System@Generics@Defaults@%TDelegatedEqualityComparer__1$p18Vcl@Graphics@TFont%
@$xp$81System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TItemArray$%
@$xp$82System@%TArray__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$85System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TKeyCollection$%
@$xp$85System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TKeyEnumerator$%
@$xp$86System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TPairEnumerator$%
@$xp$87System@%IEnumerable__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$87System@%IEnumerator__1$61System@Generics@Collections@%TPair__2$ip18Vcl@Graphics@TFont%%
@$xp$87System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TValueCollection$%
@$xp$87System@Generics@Collections@%TDictionary__2$ip18Vcl@Graphics@TFont%@%TValueEnumerator$%
@@Animations120@Finalize
@@Animations120@Initialize
@@Animations144@Finalize
@@Animations144@Initialize
@@Animations192@Finalize
@@Animations192@Initialize
@@Animations96@Finalize
@@Animations96@Initialize
@@Authenticate@Finalize
@@Authenticate@Initialize
@@Bookmarks@Finalize
@@Bookmarks@Initialize
@@Common@Finalize
@@Common@Initialize
@@Configuration@Finalize
@@Configuration@Initialize
@@Consolerunner@Finalize
@@Consolerunner@Initialize
@@Copy@Finalize
@@Copy@Initialize
@@Copyparamcustom@Finalize
@@Copyparamcustom@Initialize
@@Copyparampreset@Finalize
@@Copyparampreset@Initialize
@@Copyparams@Finalize
@@Copyparams@Initialize
@@Coremain@Finalize
@@Coremain@Initialize
@@Customcommand@Finalize
@@Customcommand@Initialize
@@Customscpexplorer@Finalize
@@Customscpexplorer@Initialize
@@Customwinconfiguration@Finalize
@@Customwinconfiguration@Initialize
@@Editmask@Finalize
@@Editmask@Initialize
@@Editor@Finalize
@@Editor@Initialize
@@Editormanager@Finalize
@@Editormanager@Initialize
@@Editorpreferences@Finalize
@@Editorpreferences@Initialize
@@Exceptions@Finalize
@@Exceptions@Initialize
@@Filebuffer@Finalize
@@Filebuffer@Initialize
@@Filefind@Finalize
@@Filefind@Initialize
@@Fileinfo@Finalize
@@Fileinfo@Initialize
@@Filesystems@Finalize
@@Filesystems@Initialize
@@Filezillaintern@Finalize
@@Filezillaintern@Initialize
@@Filezillaintf@Finalize
@@Filezillaintf@Initialize
@@Ftpfilesystem@Finalize
@@Ftpfilesystem@Initialize
@@Fullsynchronize@Finalize
@@Fullsynchronize@Initialize
@@Generateurl@Finalize
@@Generateurl@Initialize
@@Global@Finalize
@@Global@Initialize
@@Glyphs120@Finalize
@@Glyphs120@Initialize
@@Glyphs144@Finalize
@@Glyphs144@Initialize
@@Glyphs192@Finalize
@@Glyphs192@Initialize
@@Glyphs@Finalize
@@Glyphs@Initialize
@@Guiconfiguration@Finalize
@@Guiconfiguration@Initialize
@@Guitools@Finalize
@@Guitools@Initialize
@@Hierarchicalstorage@Finalize
@@Hierarchicalstorage@Initialize
@@Inputdlg@Finalize
@@Inputdlg@Initialize
@@License@Finalize
@@License@Initialize
@@Namedobjs@Finalize
@@Namedobjs@Initialize
@@Nonvisual@Finalize
@@Nonvisual@Initialize
@@Option@Finalize
@@Option@Initialize
@@Progparams@Finalize
@@Progparams@Initialize
@@Queue@Finalize
@@Queue@Initialize
@@Queuecontroller@Finalize
@@Queuecontroller@Initialize
@@Remotetransfer@Finalize
@@Remotetransfer@Initialize
@@Rights@Finalize
@@Rights@Initialize
@@Rightsext@Finalize
@@Rightsext@Initialize
@@S3filesystem@Finalize
@@S3filesystem@Initialize
@@Scpcommander@Finalize
@@Scpcommander@Initialize
@@Scpexplorer@Finalize
@@Scpexplorer@Initialize
@@Scpfilesystem@Finalize
@@Scpfilesystem@Initialize
@@Script@Finalize
@@Script@Initialize
@@Secureshell@Finalize
@@Secureshell@Initialize
@@Security@Finalize
@@Security@Initialize
@@Selectmask@Finalize
@@Selectmask@Initialize
@@Sessiondata@Finalize
@@Sessiondata@Initialize
@@Sessioninfo@Finalize
@@Sessioninfo@Initialize
@@Sftpfilesystem@Finalize
@@Sftpfilesystem@Initialize
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Shdocvw_tlb@Finalize
@@Shdocvw_tlb@Initialize
@@Symlink@Finalize
@@Symlink@Initialize
@@Synchronize@Finalize
@@Synchronize@Initialize
@@Synchronizecontroller@Finalize
@@Synchronizecontroller@Initialize
@@Synchronizeprogress@Finalize
@@Synchronizeprogress@Initialize
@@Terminal@Finalize
@@Terminal@Initialize
@@Terminalmanager@Finalize
@@Terminalmanager@Initialize
@@Themepagecontrol@Finalize
@@Themepagecontrol@Initialize
@@Tools@Finalize
@@Tools@Initialize
@@Unixdirview@Finalize
@@Unixdirview@Initialize
@@Unixdriveview@Finalize
@@Unixdriveview@Initialize
@@Usage@Finalize
@@Usage@Initialize
@@Userinterface@Finalize
@@Userinterface@Initialize
@@Vclcommon@Finalize
@@Vclcommon@Initialize
@@Webdavfilesystem@Finalize
@@Webdavfilesystem@Initialize
@@Winconfiguration@Finalize
@@Winconfiguration@Initialize
@@Winhelp@Finalize
@@Winhelp@Initialize
@@Wininterface@Finalize
@@Wininterface@Initialize
@@Winmain@Finalize
@@Winmain@Initialize
@Shdocvw_ocx@Register$qqrv
@Shdocvw_tlb@CLSID_CppCScriptErrorList
@Shdocvw_tlb@CLSID_CppInternetExplorer
@Shdocvw_tlb@CLSID_CppShellBrowserWindow
@Shdocvw_tlb@CLSID_CppShellUIHelper
@Shdocvw_tlb@CLSID_CppShellWindows
@Shdocvw_tlb@CLSID_CppWebBrowser
@Shdocvw_tlb@CLSID_CppWebBrowser_V1
@Shdocvw_tlb@CLSID_InternetExplorerMedium
@Shdocvw_tlb@CLSID_ShellFavoritesNameSpace
@Shdocvw_tlb@DIID_DShellNameSpaceEvents
@Shdocvw_tlb@DIID_DShellWindowsEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents
@Shdocvw_tlb@DIID_DWebBrowserEvents2
@Shdocvw_tlb@IID_IScriptErrorList
@Shdocvw_tlb@IID_IShellFavoritesNameSpace
@Shdocvw_tlb@IID_IShellNameSpace
@Shdocvw_tlb@IID_IShellUIHelper
@Shdocvw_tlb@IID_IShellUIHelper2
@Shdocvw_tlb@IID_IShellUIHelper3
@Shdocvw_tlb@IID_IShellWindows
@Shdocvw_tlb@IID_IWebBrowser
@Shdocvw_tlb@IID_IWebBrowser2
@Shdocvw_tlb@IID_IWebBrowserApp
@Shdocvw_tlb@LIBID_SHDocVw
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp25System@Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppInternetExplorer@Connect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ConnectTo$qqr69%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$gIID_IWebBrowser2$%
@Shdocvw_tlb@TCppInternetExplorer@Disconnect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppInternetExplorer@GetDefaultInterface$qv
@Shdocvw_tlb@TCppInternetExplorer@GetDunk$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GetProperty$qqrpb
@Shdocvw_tlb@TCppInternetExplorer@GoBack$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoForward$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoHome$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GoSearch$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppInternetExplorer@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppInternetExplorer@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppInternetExplorer@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppInternetExplorer@Quit$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppInternetExplorer@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppInternetExplorer@Stop$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_AddressBar$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Application$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Busy$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Container$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_Document$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullName$qqrv
@Shdocvw_tlb@TCppInternetExplorer@get_FullScreen$qqrv

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 586KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/WinSCPnet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5d:6a:f1:1b:63:32:70:3e:bf:82:9d:be:76:05:bf
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17-11-2016 00:00

Not After

23-01-2020 12:00

Subject

CN=Martin Prikryl,O=Martin Prikryl,L=Prague,ST=Hlavni mesto Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:3f:39:88:4e:84:6f:5f:51:1e:50:f2:16:f1:c9:61:50:c2:5e:00:2e:91:96:56:7e:05:01:10:61:fb:d1:d5
Signer

Actual PE Digest

d8:3f:39:88:4e:84:6f:5f:51:1e:50:f2:16:f1:c9:61:50:c2:5e:00:2e:91:96:56:7e:05:01:10:61:fb:d1:d5

Digest Algorithm

sha256

PE Digest Matches

true

93:5f:43:c3:d8:0b:7f:a3:75:ea:eb:e2:41:13:f9:cd:f5:49:f0:84
Signer

Actual PE Digest

93:5f:43:c3:d8:0b:7f:a3:75:ea:eb:e2:41:13:f9:cd:f5:49:f0:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\misto\wscpblda\build\dotnet\win32\Release\WinSCPnet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/cl32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

36600284ee7106703504347a91112909

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\cryptlib\binaries32_vs10\cl32.pdb

Imports

kernel32

GetFileAttributesA
ReadFile
FlushFileBuffers
CreateDirectoryA
GetLastError
GetFileType
CloseHandle
DeleteFileA
GlobalFree
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
VirtualUnlock
VirtualLock
WaitForSingleObject
Sleep
GetSystemDirectoryA
DisableThreadLibraryCalls
LoadLibraryA
GetSystemInfo
GetVersionExA
GetDriveTypeA
MapViewOfFile
UnmapViewOfFile
QueryPerformanceCounter
GetTickCount
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetProcessWorkingSetSize
DeviceIoControl
GetModuleHandleA
GetCurrentProcessId
GetThreadTimes
OpenFileMappingA
WriteFile
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetWindowsDirectoryA
SetFileTime
GetCurrentThread
GetCurrentProcess
SetErrorMode
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetProcAddress
FreeLibrary
IsBadReadPtr
GlobalMemoryStatus
IsBadWritePtr

user32

GetProcessWindowStation
GetCapture
GetInputState
GetDesktopWindow
GetCursorPos
GetCaretPos
GetActiveWindow
GetClipboardViewer
GetClipboardOwner
GetMessageTime
GetMessagePos
GetOpenClipboardWindow
MessageBoxA
GetFocus

advapi32

InitializeSecurityDescriptor
InitializeSid
LookupAccountSidA
EqualSid
GetTokenInformation
OpenThreadToken
GetSidSubAuthority
OpenProcessToken
InitializeAcl
SetSecurityDescriptorOwner
AddAccessAllowedAce
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetSecurityDescriptorDacl

msvcr100

_lock
_onexit
_except_handler4_common
memcpy
memset
__dllonexit
free
malloc
sprintf_s
toupper
isalnum
isprint
isdigit
_strnicmp
memmove
strncpy_s
_mktime64
_gmtime64_s
strncat_s
isalpha
_stricmp
wcstombs_s
mbstowcs_s
_endthreadex
_beginthreadex
tolower
vsprintf_s
isxdigit
_time64
realloc
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock

Exports

Exports

DllRegisterServer
cryptAddCertExtension
cryptAddPrivateKey
cryptAddPublicKey
cryptAddRandom
cryptCAAddItem
cryptCACertManagement
cryptCADeleteItem
cryptCAGetItem
cryptCheckCert
cryptCheckSignature
cryptCheckSignatureEx
cryptCreateCert
cryptCreateContext
cryptCreateEnvelope
cryptCreateSession
cryptCreateSignature
cryptCreateSignatureEx
cryptDecrypt
cryptDeleteAttribute
cryptDeleteCertExtension
cryptDeleteKey
cryptDestroyCert
cryptDestroyContext
cryptDestroyEnvelope
cryptDestroyObject
cryptDestroySession
cryptDeviceClose
cryptDeviceCreateContext
cryptDeviceOpen
cryptDeviceQueryCapability
cryptEncrypt
cryptEnd
cryptExportCert
cryptExportKey
cryptExportKeyEx
cryptFlushData
cryptGenerateKey
cryptGetAttribute
cryptGetAttributeString
cryptGetCertExtension
cryptGetKey
cryptGetPrivateKey
cryptGetPublicKey
cryptImportCert
cryptImportKey
cryptImportKeyEx
cryptInit
cryptKeysetClose
cryptKeysetOpen
cryptLogin
cryptLogout
cryptPopData
cryptPushData
cryptQueryCapability
cryptQueryObject
cryptSetAttribute
cryptSetAttributeString
cryptSignCert

Sections

.text
Size: 995KB - Virtual size: 995KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/sdd_regasm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\EVREN\Documents\Visual Studio 2012\Projects\SDD_REGASM\sdd_regasm\obj\Debug\sdd_regasm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
doorbell1.wav
emubasir.pbd
evrak.pbd
fatura.pbd
gundem.pbd
gxps.exe
.exe windows:4 windows x86 arch:x86

30c57c50884b31ccd9b068732d733ff6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
DragAcceptFiles
DragFinish

gdi32

SetDIBitsToDevice
RealizePalette
SelectPalette
SetBkMode
SetMapMode
DeleteObject
CreateBrushIndirect
GetDeviceCaps
CreatePalette

user32

DispatchMessageA
TranslateMessage
GetMessageA
PostThreadMessageA
wsprintfW
DialogBoxParamA
PostMessageA
EndDialog
SendDlgItemMessageA
LoadIconA
LoadCursorA
RegisterClassA
SetWindowLongA
GetWindowLongA
GetWindowRect
GetParent
BeginPaint
FillRect
EndPaint
VkKeyScanA
GetKeyState
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ScrollWindow
DefWindowProcA
SetScrollInfo
IsZoomed
GetClientRect
SendMessageA
BringWindowToTop
KillTimer
IsWindow
IsIconic
SetTimer
GetSysColor
CreateWindowExA
MoveWindow
ShowWindow
CheckMenuItem
InvalidateRect
UpdateWindow
GetSystemMenu
RemoveMenu
AppendMenuA
GetMenuStringA
EnableMenuItem
DestroyWindow
GetDC
ReleaseDC
GetForegroundWindow
SetForegroundWindow

winspool.drv

OpenPrinterW
ClosePrinter
EndDocPrinter
WritePrinter
AbortPrinter
StartDocPrinterA
EnumPrintersA

advapi32

RegQueryValueExW
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW

kernel32

GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
WriteConsoleA
GetCurrentDirectoryA
GetFullPathNameA
SetEndOfFile
GetTimeZoneInformation
HeapSize
LoadLibraryW
FlushFileBuffers
RaiseException
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetFilePointer
GetStartupInfoA
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetProcessHeap
GetVersionExA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
FindFirstFileA
GetDriveTypeA
LCMapStringA
SetEnvironmentVariableW
FreeEnvironmentStringsA
GetCurrentProcess
CloseHandle
GetCurrentThread
GetCurrentThreadId
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
SetConsoleOutputCP
GetConsoleOutputCP
GetModuleHandleA
GetPrivateProfileStringA
GetModuleFileNameA
GetSystemTime
GlobalUnlock
GlobalLock
GlobalAlloc
WriteConsoleInputA
GenerateConsoleCtrlEvent
GetStdHandle
lstrlenA
GetLastError
CreateProcessW
DuplicateHandle
CreatePipe
CreateDirectoryA
CreateFileW
GetTempFileNameW
GetTempPathW
GetProfileStringW
GetVersion
GetLocaleInfoA
FindClose
FindNextFileW
FindFirstFileW
MultiByteToWideChar
IsDBCSLeadByte
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
ReleaseSemaphore
HeapFree
HeapAlloc
ExitThread
ResumeThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetProcAddress
SetStdHandle
ReadFile
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteFileA
WriteConsoleW
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
CreateFileA
MoveFileA

Exports

Exports

jxr_create_container
jxr_create_image
jxr_create_input
jxr_destroy
jxr_destroy_container
jxr_flag_SKIP_FLEX_DATA
jxr_flag_SKIP_HP_DATA
jxr_get_ALPHACHANNEL_FLAG
jxr_get_EXTENDED_IMAGE_HEIGHT
jxr_get_EXTENDED_IMAGE_WIDTH
jxr_get_IMAGE_CHANNELS
jxr_get_IMAGE_HEIGHT
jxr_get_IMAGE_WIDTH
jxr_get_OUTPUT_BITDEPTH
jxr_get_OUTPUT_CLR_FMT
jxr_get_TILE_COLUMNS
jxr_get_TILE_HEIGHT
jxr_get_TILE_ROWS
jxr_get_TILE_WIDTH
jxr_get_TILING_FLAG
jxr_get_pixel_format
jxr_get_user_data
jxr_read_image_bitstream
jxr_read_image_container
jxr_set_ALPHA_IMAGE_PLANE_FLAG
jxr_set_BANDS_PRESENT
jxr_set_DISABLE_TILE_OVERLAP
jxr_set_FLOAT
jxr_set_FREQUENCY_MODE_CODESTREAM_FLAG
jxr_set_INDEX_TABLE_PRESENT_FLAG
jxr_set_INTERNAL_CLR_FMT
jxr_set_LEVEL_IDC
jxr_set_LONG_WORD_FLAG
jxr_set_NUM_HOR_TILES_MINUS1
jxr_set_NUM_VER_TILES_MINUS1
jxr_set_OUTPUT_BITDEPTH
jxr_set_OUTPUT_CLR_FMT
jxr_set_OVERLAP_FILTER
jxr_set_PROFILE_IDC
jxr_set_QP_DISTRIBUTED
jxr_set_QP_INDEPENDENT
jxr_set_QP_LOSSLESS
jxr_set_QP_SEPARATE
jxr_set_QP_UNIFORM
jxr_set_SHIFT_BITS
jxr_set_TILE_HEIGHT_IN_MB
jxr_set_TILE_WIDTH_IN_MB
jxr_set_TILING_FLAG
jxr_set_TRIM_FLEXBITS
jxr_set_block_input
jxr_set_block_output
jxr_set_container_parameters
jxr_set_pixel_format
jxr_set_user_data
jxr_test_LEVEL_IDC
jxr_test_LONG_WORD_FLAG
jxr_test_PROFILE_IDC
jxr_write_image_bitstream
jxrc_alpha_band_presence
jxrc_alpha_bytecount
jxrc_alpha_offset
jxrc_artist_name
jxrc_begin_ifd_entry
jxrc_begin_image_data
jxrc_color_space
jxrc_copyright_notice
jxrc_date_time
jxrc_document_name
jxrc_equipment_make
jxrc_equipment_model
jxrc_get_pixel_format
jxrc_height_resolution
jxrc_host_computer
jxrc_image_band_presence
jxrc_image_bytecount
jxrc_image_count
jxrc_image_description
jxrc_image_height
jxrc_image_offset
jxrc_image_pixelformat
jxrc_image_type
jxrc_image_width
jxrc_padding_data
jxrc_page_name
jxrc_page_number
jxrc_profile_level_container
jxrc_ptm_color_info
jxrc_set_image_band_presence
jxrc_set_image_shape
jxrc_set_pixel_format
jxrc_set_separate_alpha_image_plane
jxrc_software_name_version
jxrc_spatial_xfrm_primary
jxrc_start_file
jxrc_width_resolution
jxrc_write_container_post
jxrc_write_container_post_alpha

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gxpsdll32.dll
.dll windows:4 windows x86 arch:x86

65d0d33be91322f0ad0f7e7c678d1401

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

PrintDlgA

gdi32

StretchDIBits
StartPage
DeleteDC
GetDeviceCaps
CreateICA
EndDoc
AbortDoc
ResetDCA
CreateDCA
StartDocA
SetAbortProc
EndPage
SetDIBitsToDevice

user32

CreateDialogParamA
MessageBoxA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
wsprintfW
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
ShowWindow
SetWindowTextA
GetDlgItem
DestroyWindow
PostMessageA

winspool.drv

OpenPrinterW
ClosePrinter
EndDocPrinter
WritePrinter
AbortPrinter
StartDocPrinterA
EndPagePrinter
StartPagePrinter
DeviceCapabilitiesA
DocumentPropertiesA
EnumPrintersA

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

kernel32

CompareStringW
CompareStringA
SetEnvironmentVariableA
SetEnvironmentVariableW
GetStringTypeW
GetStringTypeA
GetTickCount
SetEndOfFile
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
HeapSize
LoadLibraryW
FlushFileBuffers
RaiseException
GetExitCodeProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateProcessA
SetFilePointer
GetCurrentDirectoryA
GetFullPathNameW
lstrlenA
GetLastError
CreateProcessW
GetStdHandle
CloseHandle
DuplicateHandle
CreatePipe
GetCurrentProcess
CreateFileW
GetTempFileNameW
GetTempPathW
ReadFile
WriteFile
GetProfileStringW
GetVersion
GetLocaleInfoA
FindClose
FindNextFileW
FindFirstFileW
GetSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
FreeLibrary
CreateEventA
WaitForSingleObject
GetProcAddress
LoadLibraryA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
InterlockedCompareExchange
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CreateDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetSystemDirectoryA
GetModuleHandleA
HeapFree
HeapAlloc
SetStdHandle
GetFileType
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteFileA
WriteConsoleW
GetModuleFileNameW
HeapReAlloc
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CreateFileA
MoveFileA
GetDriveTypeA
GetCommandLineA
GetVersionExA
GetProcessHeap
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleFileNameA
TerminateProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStartupInfoA
Sleep

Exports

Exports

_plapi_delete_instance@4
_plapi_exit@4
_plapi_init_with_args@12
_plapi_new_instance@8
_plapi_run_file@8
_plapi_run_string_begin@4
_plapi_run_string_continue@12
_plapi_run_string_end@4
_plapi_set_display_callback@8
jxr_create_container
jxr_create_image
jxr_create_input
jxr_destroy
jxr_destroy_container
jxr_flag_SKIP_FLEX_DATA
jxr_flag_SKIP_HP_DATA
jxr_get_ALPHACHANNEL_FLAG
jxr_get_EXTENDED_IMAGE_HEIGHT
jxr_get_EXTENDED_IMAGE_WIDTH
jxr_get_IMAGE_CHANNELS
jxr_get_IMAGE_HEIGHT
jxr_get_IMAGE_WIDTH
jxr_get_OUTPUT_BITDEPTH
jxr_get_OUTPUT_CLR_FMT
jxr_get_TILE_COLUMNS
jxr_get_TILE_HEIGHT
jxr_get_TILE_ROWS
jxr_get_TILE_WIDTH
jxr_get_TILING_FLAG
jxr_get_pixel_format
jxr_get_user_data
jxr_read_image_bitstream
jxr_read_image_container
jxr_set_ALPHA_IMAGE_PLANE_FLAG
jxr_set_BANDS_PRESENT
jxr_set_DISABLE_TILE_OVERLAP
jxr_set_FLOAT
jxr_set_FREQUENCY_MODE_CODESTREAM_FLAG
jxr_set_INDEX_TABLE_PRESENT_FLAG
jxr_set_INTERNAL_CLR_FMT
jxr_set_LEVEL_IDC
jxr_set_LONG_WORD_FLAG
jxr_set_NUM_HOR_TILES_MINUS1
jxr_set_NUM_VER_TILES_MINUS1
jxr_set_OUTPUT_BITDEPTH
jxr_set_OUTPUT_CLR_FMT
jxr_set_OVERLAP_FILTER
jxr_set_PROFILE_IDC
jxr_set_QP_DISTRIBUTED
jxr_set_QP_INDEPENDENT
jxr_set_QP_LOSSLESS
jxr_set_QP_SEPARATE
jxr_set_QP_UNIFORM
jxr_set_SHIFT_BITS
jxr_set_TILE_HEIGHT_IN_MB
jxr_set_TILE_WIDTH_IN_MB
jxr_set_TILING_FLAG
jxr_set_TRIM_FLEXBITS
jxr_set_block_input
jxr_set_block_output
jxr_set_container_parameters
jxr_set_pixel_format
jxr_set_user_data
jxr_test_LEVEL_IDC
jxr_test_LONG_WORD_FLAG
jxr_test_PROFILE_IDC
jxr_write_image_bitstream
jxrc_alpha_band_presence
jxrc_alpha_bytecount
jxrc_alpha_offset
jxrc_artist_name
jxrc_begin_ifd_entry
jxrc_begin_image_data
jxrc_color_space
jxrc_copyright_notice
jxrc_date_time
jxrc_document_name
jxrc_equipment_make
jxrc_equipment_model
jxrc_get_pixel_format
jxrc_height_resolution
jxrc_host_computer
jxrc_image_band_presence
jxrc_image_bytecount
jxrc_image_count
jxrc_image_description
jxrc_image_height
jxrc_image_offset
jxrc_image_pixelformat
jxrc_image_type
jxrc_image_width
jxrc_padding_data
jxrc_page_name
jxrc_page_number
jxrc_profile_level_container
jxrc_ptm_color_info
jxrc_set_image_band_presence
jxrc_set_image_shape
jxrc_set_pixel_format
jxrc_set_separate_alpha_image_plane
jxrc_software_name_version
jxrc_spatial_xfrm_primary
jxrc_start_file
jxrc_width_resolution
jxrc_write_container_post
jxrc_write_container_post_alpha

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 620KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gxpswin32.exe
.exe windows:4 windows x86 arch:x86

5ddab959cb9a7d26f416532c3f052315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gxpsdll32

_plapi_new_instance@8
_plapi_init_with_args@12
_plapi_exit@4
_plapi_set_display_callback@8
_plapi_delete_instance@4

shell32

DragQueryFileA
DragAcceptFiles
DragFinish

gdi32

RealizePalette
GetDeviceCaps
SetMapMode
CreateBrushIndirect
CreatePalette
SetDIBitsToDevice
DeleteObject
SelectPalette
SetBkMode

user32

SetWindowLongA
GetWindowLongA
GetWindowRect
GetParent
BeginPaint
FillRect
EndPaint
VkKeyScanA
GetKeyState
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ScrollWindow
DefWindowProcA
SetScrollInfo
IsZoomed
GetClientRect
SendMessageA
BringWindowToTop
KillTimer
RegisterClassA
IsIconic
SetTimer
GetSysColor
CreateWindowExA
MoveWindow
ShowWindow
CheckMenuItem
InvalidateRect
UpdateWindow
GetSystemMenu
RemoveMenu
AppendMenuA
GetMenuStringA
EnableMenuItem
DestroyWindow
GetDC
ReleaseDC
GetForegroundWindow
SetForegroundWindow
PostThreadMessageA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadIconA
IsWindow

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
WriteConsoleA
GetLocaleInfoA
HeapSize
FlushFileBuffers
IsValidCodePage
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
RtlUnwind
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetModuleFileNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
ReadFile
CreateFileA
GetOEMCP
CloseHandle
GetCurrentThread
GetCurrentThreadId
CreateMutexA
WaitForSingleObject
ReleaseMutex
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
SetConsoleOutputCP
GetConsoleOutputCP
GetModuleHandleA
GetPrivateProfileStringA
GetModuleFileNameA
GetSystemTime
GlobalUnlock
GlobalLock
GlobalAlloc
WriteConsoleInputA
GenerateConsoleCtrlEvent
GetStdHandle
GetLastError
HeapFree
HeapAlloc
ExitThread
ResumeThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ihm.pbd
katip.pbd
khk.pbd
kimlik.pbd
kiraci.pbd
kolaylastirici.pbd
komisyon.pbd
magdur.pbd
mali.pbd
muhasebe.pbd
muhasebe_r.pbd
muzaharet.pbd
ortak_d.pbd
ortak_f.pbd
ortak_u.pbd
ortak_w.pbd
pbsoapclient105.pbd
pbsoapclient90.pbd
personel.pbd
sdd_d.pbd
sdd_degisen.pbd
sdd_f.pbd
sdd_inherit.pbd
sdd_m.pbd
sdd_n_cst.pbd
sdd_s.pbd
sdd_security.pbd
sdd_u.pbd
sdd_w.pbd
sddproxy.pbd
sem.pbd
seminer.pbd
sicil.pbd
sicil_r.pbd
sigorta.pbd
staj.pbd
staj_r.pbd
stok.pbd
sydf.pbd
tsk_ek2.pbd
uyecari.pbd
uzlasma.pbd
yardim.pbd
yardim_r.pbd
yardim_yk.pbd
yazisma.pbd
ys.pbd

Sharing

General

Malware Config

Signatures

Files

3abe302b6d9a1256e6a915429af4ffd2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 17KB

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

274b99a815ba574d8c9e1712916d8b30

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 362B

c0d4e5fadc92d88e6603d2d1c1d8421c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 188B

.reloc Size: 512B - Virtual size: 460B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 14KB - Virtual size: 16KB

BSS Size: - Virtual size: 8KB

BSS Size: 5KB - Virtual size: 8KB

.idata Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 362B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 188B

.reloc
Size: 512B - Virtual size: 460B

CODE
Size: 14KB - Virtual size: 16KB

BSS
Size: - Virtual size: 8KB

BSS
Size: 5KB - Virtual size: 8KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.debug
Size: 14KB - Virtual size: 16KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 258KB - Virtual size: 258KB

.reloc
Size: 21KB - Virtual size: 20KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 925KB - Virtual size: 924KB

.data
Size: 309KB - Virtual size: 335KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 74KB - Virtual size: 74KB

.text
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 1024B - Virtual size: 704B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 556KB - Virtual size: 555KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B