cadelspy | c1b56c25ce21330dbe2794692c1d5cc4

Sharing

Copy URL Twitter E-mail

General

Target

c1b56c25ce21330dbe2794692c1d5cc4
Size

28.6MB
MD5

c1b56c25ce21330dbe2794692c1d5cc4
SHA1

dd326b5e82401886a041b98ddaf3ab65a1471bc7
SHA256

53b4bb77726d8f6074d984dbc2a07e2b74bc12fbd2d067515d84941ae13a9cab
SHA512

8e7d80dcd9d635761a077e5e90ad43174a973f4b9000819b294e454afe06f10ed4c2f1fd2a3ea0ed2367948aa736dea46505e30ea368bfc91609637966e4edd3
SSDEEP

196608:cL46+Aw+2R70McD5sGhjEON/2QLOxQv46MZ/:gwL0cGhP2IvTMZ/

Score

10^/10

cadelspy

Malware Config

Signatures

CadelSpy module (Chafer APT) 1 IoCs

resource	yara_rule
sample	family_cadelspy_4

Cadelspy family
cadelspy

Unsigned PE 102 IoCs

Checks for missing Authenticode signature.

resource
unpack001/00000128.dll
unpack001/00005728.dll
unpack001/00008576.dll
unpack001/00013936.dll
unpack001/00019904.dll
unpack001/00024528.dll
unpack001/00026008.dll
unpack001/00026720.dll
unpack001/00029056.dll
unpack001/00031192.dll
unpack001/00031400.dll
unpack001/00031592.dll
unpack001/00031840.dll
unpack001/00042984.dll
unpack001/00050760.dll
unpack001/00056096.dll
unpack001/00057504.dll
unpack001/00058272.dll
unpack001/00059664.dll
unpack001/00063288.dll
unpack001/00063824.dll
unpack001/00066216.dll
unpack001/00068952.dll
unpack001/00075624.dll
unpack001/00077312.dll
unpack001/00081112.dll
unpack001/00083224.dll
unpack001/00084800.dll
unpack001/00085984.dll
unpack001/00086232.dll
unpack001/00089600.dll
unpack001/00092320.dll
unpack001/00094808.dll
unpack001/00095872.dll
unpack001/00096592.dll
unpack001/00102264.dll
unpack001/00107656.dll
unpack001/00108688.dll
unpack001/00112520.dll
unpack001/00113808.dll
unpack001/00115200.dll
unpack001/00118024.dll
unpack001/00118992.dll
unpack001/00122376.dll
unpack001/00124128.dll
unpack001/00125320.dll
unpack001/00127448.dll
unpack001/00128712.dll
unpack001/00129560.dll
unpack001/00129960.dll
unpack001/00130184.dll
unpack001/00132888.dll
unpack001/00137232.dll
unpack001/00138992.dll
unpack001/00141312.dll
unpack001/00144488.dll
unpack001/00146176.dll
unpack001/00146704.dll
unpack001/00147168.dll
unpack001/00148624.dll
unpack001/00150376.dll
unpack001/00151648.dll
unpack001/00152424.dll
unpack001/00157160.dll
unpack001/00159152.dll
unpack001/00161984.dll
unpack001/00166832.dll
unpack001/00168256.dll
unpack001/00169216.dll
unpack001/00170888.dll
unpack001/00172032.dll
unpack001/00174120.dll
unpack001/00175288.dll
unpack001/00177680.dll
unpack001/00179008.dll
unpack001/00179376.dll
unpack001/00183768.dll
unpack001/00184152.dll
unpack001/00184400.dll
unpack001/00185424.dll
unpack001/00189832.dll
unpack001/00190280.dll
unpack001/00197560.dll
unpack001/00197768.dll
unpack001/00198048.dll
unpack001/00198360.dll
unpack001/00199832.dll
unpack001/00200744.dll
unpack001/00203192.dll
unpack001/00204448.dll
unpack001/00204968.dll
unpack001/00207272.dll
unpack001/00207400.dll
unpack001/00209968.dll
unpack001/00214736.dll
unpack001/00218064.dll
unpack001/00218960.dll
unpack001/00240720.dll
unpack001/00245136.dll
unpack001/00252472.dll
unpack001/00254128.dll
unpack001/00260112.dll

Files

c1b56c25ce21330dbe2794692c1d5cc4
.tar
00000128.dll
.dll windows:5 windows x86 arch:x86

11b27065c8dcd63aed72a600840a6984

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

WRITE_REGISTER_USHORT
READ_REGISTER_UCHAR
WRITE_REGISTER_UCHAR
HalPrivateDispatchTable
MmMapIoSpace
WRITE_REGISTER_ULONG
MmUnmapIoSpace

hal

WRITE_PORT_UCHAR
WRITE_PORT_USHORT
WRITE_PORT_BUFFER_USHORT
READ_PORT_USHORT
HalInitSystem
READ_PORT_UCHAR

Exports

Exports

VidBitBlt
VidBufferToScreenBlt
VidCleanUp
VidDisplayString
VidDisplayStringXY
VidInitialize
VidResetDisplay
VidScreenToBufferBlt
VidSetScrollRegion
VidSetTextColor
VidSolidColorFill

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 384B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 384B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00005728.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00008576.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00013936.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

halaacpi.pdb

Exports

Exports

ExAcquireFastMutex
ExReleaseFastMutex
ExTryToAcquireFastMutex
HalAcquireDisplayOwnership
HalAdjustResourceList
HalAllProcessorsStarted
HalAllocateAdapterChannel
HalAllocateCommonBuffer
HalAllocateCrashDumpRegisters
HalAssignSlotResources
HalBeginSystemInterrupt
HalCalibratePerformanceCounter
HalClearSoftwareInterrupt
HalDisableSystemInterrupt
HalDisplayString
HalEnableSystemInterrupt
HalEndSystemInterrupt
HalFlushCommonBuffer
HalFreeCommonBuffer
HalGetAdapter
HalGetBusData
HalGetBusDataByOffset
HalGetEnvironmentVariable
HalGetInterruptVector
HalHandleNMI
HalInitSystem
HalInitializeProcessor
HalMakeBeep
HalProcessorIdle
HalQueryDisplayParameters
HalQueryRealTimeClock
HalReadDmaCounter
HalReportResourceUsage
HalRequestIpi
HalRequestSoftwareInterrupt
HalReturnToFirmware
HalSetBusData
HalSetBusDataByOffset
HalSetDisplayParameters
HalSetEnvironmentVariable
HalSetProfileInterval
HalSetRealTimeClock
HalSetTimeIncrement
HalStartNextProcessor
HalStartProfileInterrupt
HalStopProfileInterrupt
HalSystemVectorDispatchEntry
HalTranslateBusAddress
IoAssignDriveLetters
IoFlushAdapterBuffers
IoFreeAdapterChannel
IoFreeMapRegisters
IoMapTransfer
IoReadPartitionTable
IoSetPartitionInformation
IoWritePartitionTable
KdComPortInUse
KeAcquireInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLockRaiseToSynch
KeAcquireQueuedSpinLock
KeAcquireQueuedSpinLockRaiseToSynch
KeAcquireSpinLock
KeAcquireSpinLockRaiseToSynch
KeFlushWriteBuffer
KeGetCurrentIrql
KeLowerIrql
KeQueryPerformanceCounter
KeRaiseIrql
KeRaiseIrqlToDpcLevel
KeRaiseIrqlToSynchLevel
KeReleaseInStackQueuedSpinLock
KeReleaseQueuedSpinLock
KeReleaseSpinLock
KeStallExecutionProcessor
KeTryToAcquireQueuedSpinLock
KeTryToAcquireQueuedSpinLockRaiseToSynch
KfAcquireSpinLock
KfLowerIrql
KfRaiseIrql
KfReleaseSpinLock
READ_PORT_BUFFER_UCHAR
READ_PORT_BUFFER_ULONG
READ_PORT_BUFFER_USHORT
READ_PORT_UCHAR
READ_PORT_ULONG
READ_PORT_USHORT
WRITE_PORT_BUFFER_UCHAR
WRITE_PORT_BUFFER_ULONG
WRITE_PORT_BUFFER_USHORT
WRITE_PORT_UCHAR
WRITE_PORT_ULONG
WRITE_PORT_USHORT

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INITCONS
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGELK
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGELK16
Size: 256B - Virtual size: 134B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEKD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00019904.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00024528.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00026008.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00026720.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00029056.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00031192.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00031400.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

WahCloseApcHelper
WahCloseHandleHelper
WahCloseNotificationHandleHelper
WahCloseSocketHandle
WahCloseThread
WahCompleteRequest
WahCreateHandleContextTable
WahCreateNotificationHandle
WahCreateSocketHandle
WahDestroyHandleContextTable
WahDisableNonIFSHandleSupport
WahEnableNonIFSHandleSupport
WahEnumerateHandleContexts
WahInsertHandleContext
WahNotifyAllProcesses
WahOpenApcHelper
WahOpenCurrentThread
WahOpenHandleHelper
WahOpenNotificationHandleHelper
WahQueueUserApc
WahReferenceContextByHandle
WahRemoveHandleContext
WahWaitForNotification

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00031592.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00031840.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00042984.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGEMSG
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00050760.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 519KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00056096.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00057504.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00058272.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00059664.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00063288.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CloseDriver
DefDriverProc
DriverCallback
DrvGetModuleHandle
GetDrive��U��S�]�V3��W�C|$�Q��B�4�
�V3��W�C|$�Q��B�4�
��B�4�
�J�@��@��@�u�;�s��+֍�$
�+֍�$
��3��Cl|&�V��B�<�
�Cl|&�V��B�<�
B�<�
�J�@��@��@�u�;�s��+׍�$
+׍�$
��Ɂ�4
��M��t��]v �E�΋��_^[]�
��]v �E�΋��_^[]�
�΋��_^[]�
��̋�U��S��VWhKMIXj<j�Ӌu��>tBhKMIXh�
̋�U��S��VWhKMIXj<j�Ӌu��>tBhKMIXh�
VWhKMIXj<j�Ӌu��>tBhKMIXh�
��>tBhKMIXh�
�
��Ӌ��8��t�f
t�f
]�
�
��̋�U��QV�uW3�;�tw�;�S��tWP�Ӊ>��4�E�
;�S��tWP�Ӊ>��4�E�
�3��;�tWP�Ӊ>�F�;ǉ~�tWP�Ӊ~؋~Ѕ�t��tj
�~؋~Ѕ�t��tj
��F�
��H�E�u��Ej
j
��U��E�@
�@�
��̋�U��
��̋�U��
��
��
D�,vt�M��U�E�D�,�M��U�|�4
�D�,�M��U�|�4
j
R��hKMIX�E��M�T��E�L��Qj��U��M�D�4�U��E�|�4
M�T��E�L��Qj��U��M�D�4�U��E�|�4
Qj��U��M�D�4�U��E�|�4
U��M�D�4�U��E�|�4
M��U�D�,
�E�x8
�y4
�H4�U�D�(�E̋M�Q�U��E�H�MċU�B �E؋M؋U܍��EȋM؋U��E��M��ىMԋU܉U�� E؃��E؃}�
MċU�B �E؋M؋U܍��EȋM؋U��E��M��ىMԋU܉U�� E؃��E؃}�
܍��EȋM؋U��E��M��ىMԋU܉U�� E؃��E؃}�
E��M��ىMԋU܉U�� E؃��E؃}�
E؃��E؃}�
�U��E��H��U��J�E��M��P;s�E��M��Q�P�E��H��U��E��M��U��U�뢋E�H�M؋U؋E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
�J�E��M��P;s�E��M��Q�P�E��H��U��E��M��U��U�뢋E�H�M؋U؋E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
Q�P�E��H��U��E��M��U��U�뢋E�H�M؋U؋E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
�E��M��U��U�뢋E�H�M؋U؋E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
�뢋E�H�M؋U؋E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
�E̍��MЋU؋Eč��MċU��ډU��Ẽ��E�� M؃��M؃}�
��MċU��ډU��Ẽ��E�� M؃��M؃}�
��E�� M؃��M؃}�
؃}�
�E��M��Q��E��P�M��U��A;s�M��U��B�A�M��Q��E��M��U��E��E�뢋M�U��E�M�U��E�E��
�E��P�M��U��A;s�M��U��B�A�M��Q��E��M��U��E��E�뢋M�U��E�M�U��E�E��
;s�M��U��B�A�M��Q��E��M��U��E��E�뢋M�U��E�M�U��E�E��
�M��Q��E��M��U��E��E�뢋M�U��E�M�U��E�E��
M��U��E��E�뢋M�U��E�M�U��E�E��
�M�U��E�M�U��E�E��
��E�E��
��=��+��]ԅۍ |��t� /��M��ލ F��ى]��]��ލ ��ى]��u܋}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��t� /��M��ލ F��ى]��]��ލ ��ى]��u܋}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��ލ F��ى]��]��ލ ��ى]��u܋}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��]��ލ ��ى]��u܋}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��ى]��u܋}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
}̋]��U��O�M��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��,��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
J��A��J��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��UЋ]�e��M��U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�U��,��U��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��e��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�A��J��A��J��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��A��J��A��J��A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
�A��J��A��J��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��U��@�K��u܉}̋M��ىM�� U؃��U؃}�
��u܉}̋M��ىM�� U؃��U؃}�
�U؃��U؃}�
�E؋M܋T��U��E�H�M��U��B�M��U��B��M��A�U��E��J;Hv�U��E��J릋U��ډU�� E؃��E؃}�
�E�H�M��U��B�M��U��B��M��A�U��E��J;Hv�U��E��J릋U��ډU�� E؃��E؃}�
U��B�M��U��B��M��A�U��E��J;Hv�U��E��J릋U��ډU�� E؃��E؃}�
A�U��E��J;Hv�U��E��J릋U��ډU�� E؃��E؃}�
v�U��E��J릋U��ډU�� E؃��E؃}�
U��ډU�� E؃��E؃}�
��E؃}�
M؋Ű��E��M�Q�U��E��H�U��E��H��U��J�E��M��P;Qv�E��M��P��
�Q�U��E��H�U��E��H��U��J�E��M��P;Qv�E��M��P��
�U��E��H��U��J�E��M��P;Qv�E��M��P��
��U��J�E��M��P;Qv�E��M��P��
��M��P;Qv�E��M��P��
v�E��M��P��
�
�E��E��M�;M��
�M�;M��
�U��E��M��U�B�E��M��Q�E��M��Q��E��P�M��U��A;Bv�M��U��A�E�
E��M��Q�E��M��Q��E��P�M��U��A;Bv�M��U��A�E�
��E��P�M��U��A;Bv�M��U��A�E�
M��U��A;Bv�M��U��A�E�
v�M��U��A�E�
��A�E�
�M�Q�U��E�
��E��M�U�;Qs[�E�H�M��U��B��M��A�U��E��J;s�U��E��H�J�U��B��M��U��U��E��E��E��]��M��M�둋U�B�E��M�y
[�E�H�M��U��B��M��A�U��E��J;s�U��E��H�J�U��B��M��U��U��E��E��E��]��M��M�둋U�B�E��M�y
B��M��A�U��E��J;s�U��E��H�J�U��B��M��U��U��E��E��E��]��M��M�둋U�B�E��M�y
U��E��J;s�U��E��H�J�U��B��M��U��U��E��E��E��]��M��M�둋U�B�E��M�y
�J�U��B��M��U��U��E��E��E��]��M��M�둋U�B�E��M�y
��E��E��E��]��M��M�둋U�B�E��M�y
E��]��M��M�둋U�B�E��M�y
�B�E��M�y
��
� �U��U��E�M�;H s[�U�B�E��M��Q��E��P�M��U��A;s�M��U��B�A�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
�M�;H s[�U�B�E��M��Q��E��P�M��U��A;s�M��U��B�A�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
�E��M��Q��E��P�M��U��A;s�M��U��B�A�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
E��P�M��U��A;s�M��U��B�A�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
s�M��U��B�A�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
�M��Q��E��M��M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
M��U��E�� m��]��E��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
��E�둋M�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
�Q��|��|��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
��H�U��|��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
��H��|��J��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
��|��|��P;Qv��|��|��P�E��M�U��(��_^[��]�
��P;Qv��|��|��P�E��M�U��(��_^[��]�
��P�E��M�U��(��_^[��]�
��(��_^[��]�
��̋�U��E�U�MS�\��ۉ��
�MS�\��ۉ��
��
�t��}��}��
��
�
��
��y��;y�yv�9�y�^��L��y��;y�yv�9�y��L��y��;y�yv�9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
�yv�9�y�^��L��y��;y�yv�9�y��L��y��;y�yv�9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
^��L��y��;y�yv�9�y��L��y��;y�yv�9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
��;y�yv�9�y��L��y��;y�yv�9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
�y��;y�yv�9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
9�y�^�L��y��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
��;y�yv�9�y�M�^��I�Mu��M;�s;�}��k�񍼷�
�M�^��I�Mu��M;�s;�}��k�񍼷�
�s;�}��k�񍼷�
ٍ�$
q�qv�1�q��Ku�_^[]�
��Ku�_^[]�
��̋�U��Q�ES�]V�
V�
VWPS��s$�L��ɋEt;�vc�L��tj
�Et;�vc�L��tj
j
hKMIX��
�E��D�
��v�E��
��t�D��M��|V�u�D��|��M��
|V�u�D��|��M��
��M��
�
_^[��]�
[��]�
��]�
��̋�U��ES�]V�uW�}jj
S�]V�uW�}jj

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00063824.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00066216.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00068952.dll
.dll windows:5 windows x86 arch:x86

6c8408bb5d7d5a5b75b9314f94e68763

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

COMRes.pdb

Imports

kernel32

DisableThreadLibraryCalls

Exports

Exports

COMResModuleInstance

Sections

.text
Size: 512B - Virtual size: 322B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00075624.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00077312.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00081112.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

Sections

.text
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00083224.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00084800.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00085984.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00086232.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00089600.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 542KB - Virtual size: 542KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00092320.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00094808.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00095872.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1024B - Virtual size: 869B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00096592.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00102264.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00107656.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00108688.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00112520.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

NPAddConnection
NPAddConnection3
NPCancelConnection
NPCloseEnum
NPEnumResource
NPGetCaps
NPGetConnection
NPGetResourceInformation
NPGetResourceParent
NPGetUniversalName
NPOpenEnum

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00113808.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00115200.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 534KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00118024.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00118992.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00122376.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00124128.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00125320.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00127448.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00128712.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00129560.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

usbport.pdb

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 768B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 256B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGECONS
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00129960.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 384B - Virtual size: 369B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00130184.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

portcls.pdb

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00132888.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00137232.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00138992.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00141312.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00144488.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 504KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00146176.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00146704.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mspatcha.pdb

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00147168.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00148624.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00150376.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00151648.dll
.dll .ps1 windows:5 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00152424.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00157160.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllMain
I_SystemFocusDialog
IsDfsPathEx
NPAddConnection
NPAddConnection3
NPAddConnection3ForCSCAgent
NPCancelConnection
NPCancelConnectionForCSCAgent
NPCloseEnum
NPDirectoryNotify
NPEnumResource
NPFormatNetworkName
NPGetCaps
NPGetConnection
NPGetConnection3
NPGetConnectionPerformance
NPGetDirectoryType
NPGetPropertyText
NPGetReconnectFlags
NPGetResourceInformation
NPGetResourceParent
NPGetUniversalName
NPGetUser
NPOpenEnum
NPPropertyDialog
ServerBrowseDialogA0
ShareAsDialogA0
ShareCreate
ShareManage
ShareStop
StopShareDialogA0

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00159152.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00161984.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00166832.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00168256.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00169216.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00170888.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00172032.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 624KB - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00174120.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00175288.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

wtsapi32.pdb

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00177680.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 541KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00179008.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00179376.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
LoadAlterBitmap
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
Ssync_ANSI_UNICODE_Struct_For_WOW
WantArrows
dwLBSubclass
dwOKSubclass

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00183768.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00184152.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BatMeterCapabilities
CreateBatMeter
DestroyBatMeter
PowerCapabilities
UpdateBatMeter

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00184400.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00185424.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00189832.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00190280.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00197560.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AcceptSecurityContext
AcquireCredentialsHandleA
AcquireCredentialsHandleW
AddCredentialsA
AddCredentialsW
AddSecurityPackageA
AddSecurityPackageW
ApplyControlToken
CompleteAuthToken
CredMarshalTargetInfo
CredUnmarshalTargetInfo
DecryptMessage
DeleteSecurityContext
DeleteSecurityPackageA
DeleteSecurityPackageW
EncryptMessage
EnumerateSecurityPackagesA
EnumerateSecurityPackagesW
ExportSecurityContext
FreeContextBuffer
FreeCredentialsHandle
GetComputerObjectNameA
GetComputerObjectNameW
GetSecurityUserInfo
GetUserNameExA
GetUserNameExW
ImpersonateSecurityContext
ImportSecurityContextA
ImportSecurityContextW
InitSecurityInterfaceA
InitSecurityInterfaceW
InitializeSecurityContextA
InitializeSecurityContextW
LsaCallAuthenticationPackage
LsaConnectUntrusted
LsaDeregisterLogonProcess
LsaEnumerateLogonSessions
LsaFreeReturnBuffer
LsaGetLogonSessionData
LsaLogonUser
LsaLookupAuthenticationPackage
LsaRegisterLogonProcess
LsaRegisterPolicyChangeNotification
LsaUnregisterPolicyChangeNotification
MakeSignature
QueryContextAttributesA
QueryContextAttributesW
QueryCredentialsAttributesA
QueryCredentialsAttributesW
QuerySecurityContextToken
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
RevertSecurityContext
SaslAcceptSecurityContext
SaslEnumerateProfilesA
SaslEnumerateProfilesW
SaslGetProfilePackageA
SaslGetProfilePackageW
SaslIdentifyPackageA
SaslIdentifyPackageW
SaslInitializeSecurityContextA
SaslInitializeSecurityContextW
SealMessage
SecCacheSspiPackages
SecDeleteUserModeContext
SecGetLocaleSpecificEncryptionRules
SecInitUserModeContext
SecpFreeMemory
SecpTranslateName
SecpTranslateNameEx
SetContextAttributesA
SetContextAttributesW
TranslateNameA
TranslateNameW
UnsealMessage
VerifySignature

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00197768.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00198048.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BreakConnections
CSCBeginSynchronizationW
CSCCheckShareOnlineA
CSCCheckShareOnlineExW
CSCCheckShareOnlineW
CSCCopyReplicaA
CSCCopyReplicaW
CSCDeleteA
CSCDeleteW
CSCDoEnableDisable
CSCDoLocalRenameA
CSCDoLocalRenameExW
CSCDoLocalRenameW
CSCEncryptDecryptDatabase
CSCEndSynchronizationW
CSCEnumForStatsA
CSCEnumForStatsExA
CSCEnumForStatsExW
CSCEnumForStatsW
CSCFillSparseFilesA
CSCFillSparseFilesW
CSCFindClose
CSCFindFirstFileA
CSCFindFirstFileForSidA
CSCFindFirstFileForSidW
CSCFindFirstFileW
CSCFindNextFileA
CSCFindNextFileW
CSCFreeSpace
CSCGetSpaceUsageA
CSCGetSpaceUsageW
CSCIsCSCEnabled
CSCIsServerOfflineA
CSCIsServerO

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00198360.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00199832.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

WSHAddressToString
WSHEnumProtocols
WSHGetBroadcastSockaddr
WSHGetProviderGuid
WSHGetSockaddrType
WSHGetSocketInformation
WSHGetWSAProtocolInfo
WSHGetWildcardSockaddr
WSHGetWinsockMapping
WSHIoctl
WSHJoinLeaf
WSHNotify
WSHOpenSocket
WSHOpenSocket2
WSHSetSocketInformation
WSHStringToAddress

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00200744.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00203192.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00204448.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00204968.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00207272.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00207400.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00209968.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00214736.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ADVANCEDSETUPDIALOG
AbortPrinter
AddFormA
AddFormW
AddJob��Fv�Fv1�FvV-Dvm-Dv�-Dv�-Dv�-Dv�-Dv�-Dv
Fv�Fv1�FvV-Dvm-Dv�-Dv�-Dv�-Dv�-Dv�-Dv
FvV-Dvm-Dv�-Dv�-Dv�-Dv�-Dv�-Dv
Dv�-Dv�-Dv�-Dv�-Dv
Dv�-Dv
v/Dv�.Dv�.Dv�.Dv�.Dv�.Dvh.DvN.Dv4.Dv.Dv.-Dv
Dv�.Dv�.Dv�.Dvh.DvN.Dv4.Dv.Dv.-Dv
.Dvh.DvN.Dv4.Dv.Dv.-Dv
Dv4.Dv.Dv.-Dv
�Fv$�Fv��FvR�Fv
i�Fv
Fv
I�Fv
�Fv��FvǏFv��Fv��FvޏFv
Fv
]�FvՔ@v
Fv?�FvV�Fvm�Fv��Fv��Fv��FvՑFv��Fv��Fv
Fv��FvՑFv��Fv��Fv
v�Fv��Fv��Fv��FvےFv��Fv)�FvC�Fv�Fv]�Fv
��FvےFv��Fv)�FvC�Fv�Fv]�Fv
��Fv�Fv�Fv#�Fv2�FvP�FvA�Fv��Fv�Fv$�Fv0�Fv<�FvH�FvT�Fv`�Fvl�Fvx�Fv��Fv��Fv��Fv��Fv��FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
P�FvA�Fv��Fv�Fv$�Fv0�Fv<�FvH�FvT�Fv`�Fvl�Fvx�Fv��Fv��Fv��Fv��Fv��FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
�Fv$�Fv0�Fv<�FvH�FvT�Fv`�Fvl�Fvx�Fv��Fv��Fv��Fv��Fv��FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
Fv`�Fvl�Fvx�Fv��Fv��Fv��Fv��Fv��FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
Fv��Fv��Fv��Fv��FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
�FvϔFvޔFv��Fv��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
��Fv�Fv��Fv~�Fv3�FvB�FvQ�Fv`�Fvo�Fv
B�FvQ�Fv`�Fvo�Fv
v
@vtG@v�<@v5D@v��
��
��
vtG@v�<@v5D@v��L>@vD@vtG@v�<@v5D@v
��L>@vD@vtG@v�<@v5D@v
��L>@vD@vtG@v�<@v5D@v
v
5D@v��=@v�B@vtG@v�<@v5D@v��>@v�B@vtG@v�<@v5D@v��h>@v�B@vtG@v�<@v5D@v��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
=@v�B@vtG@v�<@v5D@v��>@v�B@vtG@v�<@v5D@v��h>@v�B@vtG@v�<@v5D@v��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
��>@v�B@vtG@v�<@v5D@v��h>@v�B@vtG@v�<@v5D@v��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
v5D@v��h>@v�B@vtG@v�<@v5D@v��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
�B@vtG@v�<@v5D@v��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
��>@vx'@vtG@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
@v�<@v5D@v��=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
�=@v�B@vtG@v�<@v5D@v��@@vP*@vtG@v�<@v5D@v��
@v5D@v��@@vP*@vtG@v�<@v5D@v��
@vP*@vtG@v�<@v5D@v��
��
A@vtG@v�<@v5D@v��>@v�B@vtG@v�<@v5D@v��
>@v�B@vtG@v�<@v5D@v��
�<@v5D@v��
��
��
v�<@v5D@v��
Gvl-@v�-@v�lGv.@vt.@v�&@v�aGv�.@v$/@v '@v|/@v�'@v�'@vX(@v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
.@vt.@v�&@v�aGv�.@v$/@v '@v|/@v�'@v�'@vX(@v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
�aGv�.@v$/@v '@v|/@v�'@v�'@vX(@v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
v '@v|/@v�'@v�'@vX(@v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
'@v�'@vX(@v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
v�/@v�(@v,0@v()@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
)@v�0@v�)@v�)@v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
v�lGv`*@v�0@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
@v41@v�*@v�lGv0+@v�+@v(mGv`mGv�mGv
lGv0+@v�+@v(mGv`mGv�mGv
@v�mGvnGv
Av98@vbeAv
6Av�!@vK2Av98@v�eAv
1Av98@v$jAv
6AvP!@vm2Av98@v�eAv
2Av98@v�eAv
v98@v�eAv
v98@v%fAv
@v
v`@v�2Av98@v_�@v
_�@v
Av98@vsfAv
6Av�$@v�1Av98@v}m@v
6Av
�hGv�cGv�dGv
v`dGv�hGv
Gv�iGv�iGv�iGv$dGv�iGvlcGv�bGvHdGv jGvDjGvxjGv�jGv�jGvkGvTkGv�kGv�kGv�kGv
�iGvlcGv�bGvHdGv jGvDjGvxjGv�jGv�jGvkGvTkGv�kGv�kGv�kGv
HdGv jGvDjGvxjGv�jGv�jGvkGvTkGv�kGv�kGv�kGv
v�jGvkGvTkGv�kGv�kGv�kGv
v�kGv�kGv
�<@v5D@v
tG@v�<@v5D@v
tG@v�<@v5D@v��
��
G@v�<@v5D@v�� ?@vH(@vtG@v�<@v5D@v��<?@v�(@vtG@v�<@v5D@v��
vH(@vtG@v�<@v5D@v��<?@v�(@vtG@v�<@v5D@v��
��<?@v�(@vtG@v�<@v5D@v��
v�<@v5D@v��
��
B@vtG@v�<@v5D@v��t?@v)@vtG@v�<@v5D@v��?@v�,@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
v��t?@v)@vtG@v�<@v5D@v��?@v�,@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
v)@vtG@v�<@v5D@v��?@v�,@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
v5D@v��?@v�,@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
G@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
�?@v�)@vtG@v�<@v5D@v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
v��?@v D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
D@vtG@v�<@v5D@v��?@v�)@vtG@v�<@v5D@v��
<@v5D@v��?@v�)@vtG@v�<@v5D@v��
��?@v�)@vtG@v�<@v5D@v��
)@vtG@v�<@v5D@v��
@v5D@v��
��
�
v�<@v5D@v
��
v�<@v5D@v��@@vB@vtG@v�<@v5D@v
��@@vB@vtG@v�<@v5D@v
@@v�+@vtG@v�<@v5D@v��@@v�+@vtG@v�<@v5D@v��A@v�A@vtG@v�<@v5D@v
@v5D@v��@@v�+@vtG@v�<@v5D@v��A@v�A@vtG@v�<@v5D@v
��@@v�+@vtG@v�<@v5D@v��A@v�A@vtG@v�<@v5D@v
tG@v�<@v5D@v��A@v�A@vtG@v�<@v5D@v
��A@v�A@vtG@v�<@v5D@v
@vtG@v�<@v5D@v
��

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00218064.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.orpc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00218960.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 860KB - Virtual size: 859KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00240720.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00245136.dll
.dll windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\build\ob\bora-194976\bora-vmsoft\build\release\svga\2k\i386\vmx_fb\win2k\i386\vmx_fb.pdb

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00252472.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

InstallNTDSProvider
NSPStartup
RemoveNTDSProvider

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00254128.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FE_TEXT
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
00260112.dll
.dll windows:5 windows x86 arch:x86

11b27065c8dcd63aed72a600840a6984

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

WRITE_REGISTER_USHORT
READ_REGISTER_UCHAR
WRITE_REGISTER_UCHAR
HalPrivateDispatchTable
MmMapIoSpace
WRITE_REGISTER_ULONG
MmUnmapIoSpace

hal

WRITE_PORT_UCHAR
WRITE_PORT_USHORT
WRITE_PORT_BUFFER_USHORT
READ_PORT_USHORT
HalInitSystem
READ_PORT_UCHAR

Exports

Exports

VidBitBlt
VidBufferToScreenBlt
VidCleanUp
VidDisplayString
VidDisplayStringXY
VidInitialize
VidResetDisplay
VidScreenToBufferBlt
VidSetScrollRegion
VidSetTextColor
VidSolidColorFill

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 384B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 384B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11b27065c8dcd63aed72a600840a6984

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 3KB

.edata Size: 384B - Virtual size: 344B

INIT Size: 512B - Virtual size: 418B

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 384B - Virtual size: 364B

Headers

File Characteristics

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.orpc Size: 24KB - Virtual size: 23KB

.data Size: 25KB - Virtual size: 26KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 52KB - Virtual size: 52KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 396KB - Virtual size: 393KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 20KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 16KB - Virtual size: 13KB

Headers

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 41KB - Virtual size: 41KB

INITCONS Size: 512B - Virtual size: 512B

PAGELK Size: 12KB - Virtual size: 12KB

PAGELK16 Size: 256B - Virtual size: 134B

PAGE Size: 11KB - Virtual size: 11KB

PAGEKD Size: 4KB - Virtual size: 4KB

.edata Size: 3KB - Virtual size: 2KB

INIT Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 3KB - Virtual size: 2KB

Headers

File Characteristics

Sections

.text Size: 154KB - Virtual size: 153KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 17KB - Virtual size: 16KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.orpc Size: 7KB - Virtual size: 7KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

Headers

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 3KB

.edata
Size: 384B - Virtual size: 344B

INIT
Size: 512B - Virtual size: 418B

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 384B - Virtual size: 364B

.text
Size: 1.1MB - Virtual size: 1.1MB

.orpc
Size: 24KB - Virtual size: 23KB

.data
Size: 25KB - Virtual size: 26KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 52KB - Virtual size: 52KB

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 20KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 41KB - Virtual size: 41KB

INITCONS
Size: 512B - Virtual size: 512B

PAGELK
Size: 12KB - Virtual size: 12KB

PAGELK16
Size: 256B - Virtual size: 134B

PAGE
Size: 11KB - Virtual size: 11KB

PAGEKD
Size: 4KB - Virtual size: 4KB

.edata
Size: 3KB - Virtual size: 2KB

INIT
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 154KB - Virtual size: 153KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 70KB - Virtual size: 69KB

.orpc
Size: 7KB - Virtual size: 7KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB

.text
Size: 512B - Virtual size: 120B

.rsrc
Size: 760KB - Virtual size: 760KB

.reloc
Size: 512B - Virtual size: 24B

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 560B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 584B

.text
Size: 28KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 236B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 804B

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 215KB - Virtual size: 214KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 79KB - Virtual size: 79KB

.reloc
Size: 25KB - Virtual size: 24KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 6KB

PAGE
Size: 20KB - Virtual size: 19KB

PAGEMSG
Size: 42KB - Virtual size: 42KB

.edata
Size: 1KB - Virtual size: 1KB

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB