Upload_20240311-130634[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Upload_20240311-130634.zip
Size

24.8MB
MD5

9d2c907ca5f7b8281fc986ff323e63d8
SHA1

e8d6909ee1579f1defe1410a77025736192db16a
SHA256

2776c052d11f52501871c4cb5a051a1970f002c3f099969040945fb94a158d9a
SHA512

fa13ea696c02042d1e37e6ac022eedc80578d1b406e093e613d4483d7fa1f163f33b731a8775e90f6abce24f9940ac310bffa17695751b6782a7b06392b5a221
SSDEEP

786432:v+VfZuLE2Rl1izt3PtWeeGrSEJ2y5n5zQ51lpl:v0fZSjRuR1TeASCn85X

Score

5^/10

pdf

Malware Config

Signatures

Malformed data in PDF
A PDF can contain malformed data to evade detection
pdf

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/p2wcom.dll
unpack001/pdc32.dll
unpack001/ter22.dll
unpack001/txml2.dll
unpack001/wpcc.dll
unpack001/wps32.dll
unpack001/wrs6.dll

Files

Upload_20240311-130634.zip
.zip
OneDriveStandalone.exe
.exe windows:5 windows x86 arch:x86

1845765d627445c8cb8cdcfbe2807dda

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:7c:e5:9e:d9:bb:9a:4a:5c:69:36:13:2f:67:45:8f
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

11/09/2023, 00:00

Not After

10/09/2026, 23:59

Subject

SERIALNUMBER=HRB 24085,CN=ASCOMP Software GmbH,O=ASCOMP Software GmbH,ST=Baden-Württemberg,C=DE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024445

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

23:a1:8f:55:21:5b:dd:80:69:d0:76:9e:50:36:13:7e:ae:41:94:fa:3f:ce:df:e6:3f:fa:71:f7:95:e1:ab:28
Signer

Actual PE Digest

23:a1:8f:55:21:5b:dd:80:69:d0:76:9e:50:36:13:7e:ae:41:94:fa:3f:ce:df:e6:3f:fa:71:f7:95:e1:ab:28

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
VariantInit
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
VariantChangeTypeEx
VariantClear
SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
RegUnLoadKeyW
RegSetValueExA
RegSetValueExW
RegSetValueW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegOpenKeyExA
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyA
RegEnumKeyExW
RegDeleteValueA
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExA
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetUserNameA
GetUserNameW
GetTokenInformation
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW

user32

LoadStringW
MessageBoxA
CharNextW
CreateWindowExA
CreateWindowExW
wvsprintfA
WindowFromPoint
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassA
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
TabbedTextOutW
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongA
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCaretPos
SetCapture
SetActiveWindow
SendMessageTimeoutA
SendMessageA
SendMessageW
ScrollWindowEx
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassA
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageA
PostThreadMessageW
PostQuitMessage
PostMessageA
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
NotifyWinEvent
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxA
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadImageA
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericW
IsCharAlphaW
InvalidateRect
InsertMenuItemW
InsertMenuW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextLengthW
GetWindowTextA
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowLongW
GetWindowDC
GetTopWindow
GetTabbedTextExtentW
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMessageA
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExW
FindWindowA
FindWindowW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndMenu
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextA
DrawTextW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcA
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CreateAcceleratorTableW
CountClipboardFormats
CopyIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharUpperW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcA
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
AttachThreadInput
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrlenW
lstrcmpiW
lstrcmpA
lstrcmpW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
TryEnterCriticalSection
TerminateThread
TerminateProcess
SystemTimeToFileTime
SwitchToThread
SuspendThread
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetFileAttributesA
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryA
RemoveDirectoryW
ReleaseMutex
ReadProcessMemory
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
OpenProcess
OpenFileMappingA
OpenFileMappingW
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalSize
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryExA
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
IsValidLocale
IsBadReadPtr
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExA
GetVersionExW
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathA
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultLangID
GetStdHandle
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
GetModuleFileNameW
GetLocaleInfoA
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentDirectoryW
GetComputerNameA
GetComputerNameW
GetCommandLineA
GetCommandLineW
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageA
FormatMessageW
FlushInstructionCache
FlushFileBuffers
FindResourceA
FindResourceW
FindNextFileA
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
DuplicateHandle
DeleteFileA
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessA
CreateProcessW
CreatePipe
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryA
CreateDirectoryW
CopyFileA
CopyFileW
CompareStringA
CompareStringW
CloseHandle
Beep
RtlUnwind
Sleep
MulDiv

msimg32

AlphaBlend

gdi32

UnrealizeObject
TextOutA
TextOutW
StrokePath
StrokeAndFillPath
StretchDIBits
StretchBlt
StartPage
StartDocA
StartDocW
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetMapMode
SetICMMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
RemoveFontResourceW
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyPolyline
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetViewportOrgEx
GetTextMetricsA
GetTextMetricsW
GetTextFaceA
GetTextFaceW
GetTextExtentPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextColor
GetTextAlign
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetObjectW
GetNearestPaletteIndex
GetNearestColor
GetMapMode
GetKerningPairs
GetGlyphOutlineW
GetGlyphIndicesA
GetGlyphIndicesW
GetFontLanguageInfo
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetClipBox
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GetBkColor
GetBitmapBits
GdiFlush
FrameRgn
FillPath
ExtTextOutW
ExtFloodFill
ExtEscape
ExtCreatePen
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExA
EnumFontFamiliesExW
EnumEnhMetaFile
EndPath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateScalableFontResourceW
CreateRectRgnIndirect
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateFontA
CreateFontW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineTransform
CombineRgn
CloseFigure
CloseEnhMetaFile
Chord
BitBlt
BeginPath
ArcTo
Arc
AngleArc
AddFontResourceW
AbortDoc

version

VerQueryValueA
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW

ole32

CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize
IsEqualGUID
OleUninitialize
OleInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
IsEqualGUID
CoCreateGuid

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

ShellExecuteExA
ShellExecuteA
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

wininet

InternetGetConnectedState
InternetReadFile
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestA

comdlg32

PrintDlgW
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameW

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
socket
setsockopt
sendto
send
select
recvfrom
recv
ioctlsocket
inet_addr
htons
connect
closesocket
bind

winspool.drv

SetJobA
OpenPrinterA
OpenPrinterW
GetJobA
EnumPrintersW
DocumentPropertiesW
DeviceCapabilitiesA
DeviceCapabilitiesW
ClosePrinter
GetDefaultPrinterW
GetDefaultPrinterW

winmm

timeSetEvent
timeKillEvent
timeGetTime
sndPlaySoundW
PlaySoundW

crypt32

CryptSignMessage
CertGetCertificateContextProperty
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
PFXImportCertStore
PFXIsPFXBlob

fontsub

CreateFontPackage

oleacc

LresultFromObject

gdiplus

GdiplusShutdown
GdiplusStartup

wps32

WpsSetBoolProp
WpsSetNumProp
WpsSetTextProp
WpsSetLicenseInfo
WpsConvertFile
WpsSetFlags
WpsEndSession
WpsNewSession

Exports

Exports

madTraceProcess

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 34KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 604B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ar.ini
bg.ini
de.ini
de.pdf
.pdf
en.ini
en.pdf
.pdf
es.ini
fr.ini
gr.ini
hu.ini
it.ini
ko.ini
nl.ini
p2wcom.dll
.dll regsvr32 windows:5 windows x86 arch:x86

ba25d4161b1a852b3ebee45b99adb732

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceExA
EnterCriticalSection
LeaveCriticalSection
SetThreadLocale
GetThreadLocale
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryExA
GetCurrentDirectoryA
GetFullPathNameA
GetFileAttributesA
FindFirstFileA
FindClose
FindNextFileA
LoadLibraryA
GetLocalTime
Sleep
lstrcpyA
GetVersionExA
LockResource
CreateFileA
GetTempFileNameA
GetTempPathA
FormatMessageA
WaitForSingleObject
CreateFileW
CreateProcessA
GetExitCodeProcess
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
SizeofResource
FindResourceA
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
MultiByteToWideChar
RaiseException
DeleteFileA
lstrcmpiA
IsDBCSLeadByte
GetLastError
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
lstrlenA
CloseHandle
lstrlenW
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
GetStartupInfoA
SetHandleCount
IsValidCodePage
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
IsDebuggerPresent
DebugBreak
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetFileType
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
VirtualFree
HeapCreate
WriteFile
GetStdHandle
GetACP
GetOEMCP

user32

GetDC
ReleaseDC
LoadStringA
CharNextW
CharNextA

gdi32

SelectObject
SetMapMode
SetTextCharacterExtra
GetTextExtentPoint32A
GetDeviceCaps
DeleteObject
CreateFontIndirectA

advapi32

RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFileInfoA

ole32

CoTaskMemFree
StringFromCLSID
ProgIDFromCLSID
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoTaskMemAlloc

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
GetErrorInfo
VariantChangeType
VariantCopy
VariantClear
VariantInit
CreateErrorInfo
SysAllocString
SysStringLen
VarUI4FromStr
SysFreeString
SetErrorInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pdc32.dll
.dll windows:4 windows x86 arch:x86

56a2590352b9a444d350829f59cb69ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

K:\pdc\PDC32.pdb

Imports

kernel32

GetCurrentProcessId
SetStdHandle
SetConsoleCtrlHandler
RaiseException
VirtualProtect
GetSystemInfo
FlushFileBuffers
GetLocaleInfoW
CompareStringA
CompareStringW
IsBadReadPtr
_hread
SetErrorMode
GetModuleFileNameA
ReadFile
GetLastError
SetFilePointer
lstrlenW
GetLocalTime
LoadLibraryA
GetProcAddress
FreeLibrary
WriteFile
CreateFileA
GetCPInfo
lstrlenA
GetVersion
GlobalFree
QueryPerformanceCounter
LCMapStringW
LCMapStringA
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcatA
lstrcmpiA
lstrcpyA
CloseHandle
MulDiv
GetTickCount
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteFileA
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
GetACP
GetOEMCP
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetEnvironmentVariableA

advapi32

RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptGetKeyParam
CryptImportKey
CryptAcquireContextA
RegCreateKeyExA
RegSetValueExA
CryptHashData
CryptSignHashA
CryptDestroyHash
RegCloseKey

user32

ReleaseDC
GetDC
wsprintfA
FillRect
MessageBoxA
wvsprintfA
SendMessageA
GetWindow
FindWindowA
wvsprintfW

gdi32

GetObjectA
GetCharWidthW
CreateFontIndirectA
GetTextMetricsA
GetTextAlign
GetArcDirection
GetDIBits
BitBlt
SetDIBits
CreateBitmap
GetPixel
GetPolyFillMode
GetFontData
EnumFontFamiliesExA
GetCharWidthA
CreateCompatibleBitmap
DPtoLP
GetTextExtentPointW
GetCharacterPlacementW
GetTextFaceA
LPtoDP
GetBkColor
GetBkMode
GetTextColor
GetWindowExtEx
GetViewportExtEx
GetWorldTransform
CreateRectRgn
GetDeviceCaps
CreateEnhMetaFileA
DeleteObject
DeleteEnhMetaFile
EnumEnhMetaFile
GetStockObject
SelectObject
CreateCompatibleDC
CloseEnhMetaFile
PlayEnhMetaFileRecord
GetPath
GetRegionData
GetClipRgn
CreateDIBSection

usp10

ScriptStringFree
ScriptFreeCache
ScriptString_pSize
ScriptPlace
ScriptShape
ScriptItemize
ScriptStringCPtoX
ScriptStringGetOrder
ScriptStringGetLogicalWidths
ScriptStringAnalyse

crypt32

CertFreeCertificateContext
CryptAcquireCertificatePrivateKey
CertFindCertificateInStore
CertOpenStore
CertFreeCertificateChain
CryptSignMessage
CertGetCertificateChain
CertCloseStore

Exports

Exports

EnhMetaFileProc
PdcAbortDoc
PdcAbortPage
PdcEmbedFile
PdcEndDoc
PdcEndDoc2
PdcEndPage
PdcEnumFontFamiliesEx
PdcGetData
PdcGetLastMessage
PdcHandleToStr
PdcHandleToStrInChunks
PdcNewTEDoc
PdcResetLastMessage
PdcSaveFile
PdcSetFlags
PdcSetHlinkBase
PdcSetPictQuality
PdcStartDoc
PdcStartDoc2
PdcStartDoc3
PdcStartPage
PdcStrToHandle
PdcStrToHandleInChunks
WEP

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pl.ini
pt.ini
ru.ini
sl.ini
ter22.dll
.dll windows:4 windows x86 arch:x86

76ffdde0a8a19f6623e1be1c9cd25ce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleBuildVersion
OleInitialize
OleGetClipboard
OleCreateLinkFromData
OleCreateFromData
CoCreateInstance
CLSIDFromString
OleCreate
CreateFileMoniker
CreateItemMoniker
OleCreateLink
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
WriteClassStg
WriteFmtUserTypeStg
CLSIDFromProgID
OleConvertOLESTREAMToIStorage
OleLoad
OleCreateFromFile
OleCreateLinkToFile
StgCreateDocfile
ProgIDFromCLSID
OleSetContainedObject
ReleaseStgMedium
OleConvertIStorageToOLESTREAM
StringFromCLSID
CoTaskMemFree
OleSave
OleUninitialize
DoDragDrop
OleDraw
RevokeDragDrop
RegisterDragDrop

shell32

DragQueryPoint
DragQueryFileW
DragFinish
ShellExecuteW
DragAcceptFiles
ShellExecuteA

kernel32

GetStartupInfoA
DeleteCriticalSection
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCurrentProcess
GetStdHandle
SetHandleCount
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
FreeEnvironmentStringsA
SetLastError
IsBadReadPtr
GetCurrentThreadId
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
FreeResource
GetStringTypeW
Sleep
GetFullPathNameA
SystemTimeToFileTime
FileTimeToDosDateTime
lstrcpynW
DosDateTimeToFileTime
FileTimeToSystemTime
GlobalReAlloc
GlobalHandle
GlobalSize
lstrcmpiW
lstrcmpW
GetFileAttributesW
DeleteFileW
MoveFileW
CreateFileW
CreateFileA
CloseHandle
SetErrorMode
LoadLibraryA
WriteFile
ReadFile
SetFilePointer
GetUserDefaultLangID
WideCharToMultiByte
lstrcmpA
GetDateFormatA
GetLastError
GetTimeFormatA
GetProcAddress
GetLocalTime
lstrcatA
GetACP
IsDBCSLeadByteEx
IsDBCSLeadByte
GetCPInfo
GetVersion
GetVersionExA
GetUserDefaultLCID
GetLocaleInfoA
lstrcatW
MultiByteToWideChar
FreeLibrary
lstrcmpiA
MulDiv
GetCommandLineA
lstrlenW
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalFree
lstrlenA
lstrcpyA
lstrcpyW
TerminateProcess
GetModuleHandleA
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetOEMCP
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
RaiseException
SetStdHandle
FlushFileBuffers
DeleteFileA
GetFileAttributesA

advapi32

RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegEnumKeyA
RegQueryValueA
GetUserNameW
RegOpenKeyExA

user32

CharLowerBuffW
CharUpperBuffW
IsCharUpperW
CharLowerW
SetForegroundWindow
TrackPopupMenuEx
EnableMenuItem
CheckMenuItem
CreatePopupMenu
AppendMenuA
TrackPopupMenu
GetWindowThreadProcessId
SetDlgItemTextW
IsWindowEnabled
GetDlgItemInt
EndDialog
CreateWindowExW
GetWindowLongW
SetWindowLongW
CallWindowProcW
SendDlgItemMessageW
GetSysColor
GetCursorPos
GetWindow
DialogBoxParamA
CharUpperBuffA
CharLowerBuffA
SendDlgItemMessageA
CallWindowProcA
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
GetWindowTextLengthA
GetDlgItemTextA
GetDlgItem
SetClipboardData
UpdateWindow
SetDlgItemTextA
CreateDialogParamA
GetWindowTextA
SetDlgItemInt
TranslateMessage
DispatchMessageA
GetWindowLongA
MessageBoxW
GetDC
LoadBitmapA
LoadAcceleratorsA
SetScrollPos
RegisterClipboardFormatA
GetParent
ShowScrollBar
SetScrollRange
TrackMouseEvent
wsprintfW
SetScrollInfo
FillRect
SetCaretPos
ScreenToClient
ClientToScreen
PtInRect
wsprintfA
FindWindowA
BeginPaint
EndPaint
ShowCaret
HideCaret
ValidateRect
SetRect
GetClientRect
MoveWindow
IsCharLowerA
LoadMenuA
GetClassInfoExA
LoadIconA
LoadCursorA
RegisterClassExA
GetClassInfoExW
RegisterClassExW
MapVirtualKeyA
GetKeyboardState
ToUnicodeEx
InSendMessage
ReplyMessage
MessageBeep
GetMenu
SetCapture
ReleaseCapture
SystemParametersInfoA
GetSystemMetrics
SetWindowLongA
SetMenu
KillTimer
ReleaseDC
DestroyWindow
DestroyCursor
TranslateAcceleratorA
IsWindow
PeekMessageA
SetTimer
SetWindowsHookExA
UnhookWindowsHookEx
SetWindowTextW
SetCursor
SetWindowTextA
DestroyMenu
DestroyAcceleratorTable
UnregisterClassA
UnregisterClassW
GetKeyboardLayout
GetDlgCtrlID
GetFocus
GetKeyState
CallNextHookEx
GetClassNameA
DefWindowProcA
SendMessageA
MessageBoxA
PostMessageA
EnableWindow
InvalidateRect
CreateWindowExA
ShowWindow
BringWindowToTop
SetFocus
GetWindowRect
SetWindowPos
wvsprintfA
DestroyCaret
CreateCaret
IsWindowVisible
CharUpperW
IsCharLowerW
DialogBoxParamW
IsCharAlphaA
IsDialogMessageA

gdi32

SaveDC
RestoreDC
CreatePen
GetTextColor
SetTextColor
SetBkMode
GetBkMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
PlayEnhMetaFileRecord
BitBlt
PlayMetaFileRecord
CreatePalette
SetWindowOrgEx
SetViewportOrgEx
RealizePalette
EnumMetaFile
SetViewportExtEx
SetWindowExtEx
SetMapMode
Rectangle
EnumEnhMetaFile
SetStretchBltMode
GetWorldTransform
PtInRegion
CreatePolygonRgn
CreateDIBSection
GetDeviceCaps
CreateCompatibleBitmap
StretchDIBits
StretchBlt
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
PolyBezierTo
LineTo
MoveToEx
BeginPath
ExtTextOutA
GetTextExtentPointA
SetPixel
GetTextExtentPointW
Ellipse
ExtTextOutW
GdiComment
Polygon
GetPaletteEntries
TextOutA
Arc
RoundRect
SetTextAlign
ExtCreatePen
TranslateCharsetInfo
GetObjectA
GetTextMetricsA
Escape
GetObjectType
PlayEnhMetaFile
StartDocA
CreateDCA
EndDoc
EndPage
DPtoLP
GetMapMode
GetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
GetViewportOrgEx
StartPage
ResetDCA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
AbortDoc
SetAbortProc
CreateBitmap
CreateBitmapIndirect
DeleteMetaFile
CopyMetaFileA
GetEnhMetaFileHeader
CopyEnhMetaFileA
GetDIBits
CreateFontIndirectA
GetFontLanguageInfo
EnumFontsA
GetCharWidthA
GetCharWidthW
DeleteEnhMetaFile
GetPixel
EnumFontFamiliesExA
SetROP2
Polyline
LPtoDP
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
SetBkColor
SelectPalette
DeleteObject
CreateSolidBrush
GetStockObject
SetTextCharacterExtra
DeleteDC
GetCharacterPlacementA
GetCharacterPlacementW
SetDIBits
SetEnhMetaFileBits
GetEnhMetaFileBits
SetMetaFileBitsEx
GetMetaFileBitsEx
UnrealizeObject
SelectObject

comdlg32

ChooseFontA
ChooseColorA
PrintDlgExA
PrintDlgA
GetOpenFileNameW
GetSaveFileNameW
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ord201
DeviceCapabilitiesA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

imm32

ImmSetCandidateWindow
ImmGetCompositionStringA
ImmNotifyIME
ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmIsUIMessageA

oleaut32

SysAllocString
SysFreeString

usp10

ScriptStringAnalyse
ScriptStringGetLogicalWidths
ScriptStringGetOrder
ScriptStringCPtoX
ScriptString_pSize
ScriptStringFree

Exports

Exports

BookmarkParam
CellBorderColorParam
CellBorderParam
CellColorParam
CellRotationParam
CellShadingParam
CellVertAlignParam
CellWidthFlagParam
CellWidthParam
CharScaleXParam
CharSpaceParam
CheckBoxFieldParam
ClearAllTabs
ClearTab
CloseTer
CreateTerWindow
CtlDlgFn
CtlFlags
CtlInfo
CtlStyle
CustomControlInfoA
CustomControlSizeToText
CustomControlStyle
DataFieldParam
DateParam
DeleteCellsParam
DeselectTerText
DrawObjectParam
EditInputFieldParam
EditPictureParam
EditStyleParam
FontParam
FootnoteParam
FormFieldSubclass
GetFontInfo
GetFontInfo2
GetTerBuffer
GetTerCursorPos
GetTerFields
GetTerFieldsAlt
GetTerLine
HandleToIntArray
HandleToStr
HandleToStrInChunks
HandleToStrU
HookGetMsgProc
HyperlinkParam
InputFieldParam
InsertObjectParam
InsertRtfBuf
InsertRtfBufU
InsertTerText
InsertTerTextU
JumpParam
ListLevelParam
ListOrPropParam
ListOrSelectParam
ListParaParam
ListPropParam
ListSelectParam
LoadTerControl
MergeEnumMetafile
ObjectAttribParam
ObjectPosParam
OleEnumMetafile
OleFromFileParam
OverrideBinParam
PageParam
ParaBoxParam
ParaHangingIndent
ParaIndentTwips
ParaLeftIndent
ParaNormal
ParaRightIndent
ParaSpaceParam
ParaTextFlowParam
PasteSpecialParam
PrintAbortParam
PrintPreviewProc
PrintProc
PrtEnumMetafile
RangeParam
ReadTerFile
ReadTerFileU
ReplaceParam
RowHeightParam
RowPositionParam
RowTextFlowParam
SaveTerFile
SaveTerFileU
ScrEnhMetaFileProc
SearchParam
SectionParam
SelectStyleParam
SelectTerText
SetTab
SetTabParam
SetTerBkColor
SetTerBuffer
SetTerCharStyle
SetTerColor
SetTerCursorPos
SetTerDefaultFont
SetTerFields
SetTerFont
SetTerLine
SetTerParaFmt
SetTerPointSize
StrToHandle
StrToHandleInChunks
StrToHandleU
TerAbsToRowCol
TerAcceptChanges
TerAddAnimPict
TerAddAutoCompWord
TerAddImageMapRect
TerAddToolbarIcon
TerAddToolbarItem
TerAdjustHtmlTable
TerAdjustUserColor
TerAnd
TerAppendText
TerAppendTextEx
TerAppendTextEx2
TerAppendTextU
TerAppendTextU2
TerApplyComment
TerApplyCommentU
TerApplyHyperlink
TerApplyHyperlinkU
TerBmp2Png
TerBulletToText
TerCancelEditStyle
TerCellBorder
TerCellBorder2
TerCellBorderColor
TerCellColor
TerCellRotateText
TerCellShading
TerCellVertAlign
TerCellWidth
TerChangeField
TerChangeFieldPicture
TerChangeFieldRtf
TerChangeFieldRtfU
TerChangeFieldU
TerChangeToolbarIcon
TerClearAutoCompList
TerClosePrinter
TerColBreak
TerCommand
TerCommand2
TerConnectTextBoxes
TerCopyHeadersFooters
TerCreateBulletId
TerCreateBulletId2
TerCreateBulletId3
TerCreateCellId
TerCreateFirstHdrFtr
TerCreateFont
TerCreateFont2
TerCreateFont3
TerCreateFont4
TerCreateHtmlRule
TerCreateHtmlRule2
TerCreateImageMap
TerCreateLeftRightHdrFtr
TerCreateListBulletId
TerCreateListBulletId2
TerCreateOcxObject
TerCreateOcxObject2
TerCreateParaFrameId
TerCreateParaId
TerCreateParaIdEx
TerCreateShape
TerCreateTabId
TerCreateTable
TerCreateTable2
TerCreateWindowAlt
TerDataVersion
TerDeleteBlock
TerDeleteBookmark
TerDeleteCellText
TerDeleteCells
TerDeleteField
TerDeleteFirstHdrFtr
TerDeleteHdrFtr
TerDeleteHypertext
TerDeleteIDispatch
TerDeleteMenuItem
TerDeleteObject
TerDeleteParaFrame
TerDeleteReviewer
TerDeleteStyle
TerDeleteStyleU
TerDeleteTag
TerDifTableRows
TerDisableDragDrop
TerDocName
TerDocNameU
TerDrawImage
TerDrawImage2
TerEditComment
TerEditCommentU
TerEditList
TerEditListLevel
TerEditListOr
TerEditStyle
TerEditStyleU
TerEditTooltip
TerEnableDashes
TerEnableDragDrop
TerEnableHScrollBar
TerEnableMbcs
TerEnableRefresh
TerEnableScrollBar
TerEnableSpeedKey
TerEnableTracking
TerEngageCaret
TerEnumFontFamiliesEx
TerEnumFonts
TerEquateHtmlTable
TerExit
TerExpandWidthToFit
TerFieldToText
TerFileToMem
TerFileToMem2
TerFileToMem2U
TerFindHlinkField
TerFindNextChange
TerFlushUndo
TerGetAppMemory
TerGetBaseLineY
TerGetBkPictId
TerGetBookmark
TerGetBufferDC
TerGetBulletInfo
TerGetBulletInfo2
TerGetBulletInfo3
TerGetCaretPos
TerGetCellBorderColor
TerGetCellBorderWidth
TerGetCellInfo
TerGetCellInfo2
TerGetCellParam
TerGetCellParam2
TerGetCharDim
TerGetCheckboxInfo
TerGetComboboxInfo
TerGetControlId
TerGetControlPos
TerGetCurFont
TerGetCurParaNum
TerGetDeviceRes
TerGetDevmode
TerGetDispPageNo
TerGetDrawObjectInfo
TerGetDropDataObject
TerGetEffectiveFont
TerGetField
TerGetFieldFont
TerGetFieldFontU
TerGetFieldU
TerGetFlowFont
TerGetFontAux1Id
TerGetFontFieldCode
TerGetFontFieldCodeU
TerGetFontFieldId
TerGetFontLang
TerGetFontParam
TerGetFontSpace
TerGetFontStyleId
TerGetFrameParam
TerGetFrameSize
TerGetHdrFtrPos
TerGetHtmlDocTitle
TerGetHypertext
TerGetHypertext2
TerGetHypertextEx
TerGetHypertextU
TerGetHypertextU2
TerGetIDispatch
TerGetImageMapInfo
TerGetImageMapRectInfo
TerGetInputFieldId
TerGetInputFieldInfo
TerGetLastMessage
TerGetLastMessage2
TerGetLevelCell
TerGetLine
TerGetLineCol
TerGetLineEx
TerGetLineInfo
TerGetLineParam
TerGetLineParamStr
TerGetLineU
TerGetLineWidth
TerGetLineWidth2
TerGetListId
TerGetListInfo
TerGetListInfo2
TerGetListLevelInfo
TerGetListLevelInfoU
TerGetListLine
TerGetListOrInfo
TerGetMarginEx
TerGetMsgCallback
TerGetNextControlPos
TerGetNextTagId
TerGetOleClass
TerGetOlePtr
TerGetOrigPictSize
TerGetOverrideBin
TerGetPageBorderDim
TerGetPageCount
TerGetPageFirstLine
TerGetPageNumFmt
TerGetPageOffset
TerGetPageOrient
TerGetPageOrient2
TerGetPageOrientEx
TerGetPageParam
TerGetPagePos
TerGetPageSect
TerGetPageSize
TerGetParaAux1Id
TerGetParaCount
TerGetParaInfo
TerGetParaInfo2
TerGetParaInfo3
TerGetParaInfo4
TerGetParaParam
TerGetParam
TerGetParentPtr
TerGetPdfPageCount
TerGetPictCropping
TerGetPictFrame
TerGetPictInfo
TerGetPictMapId
TerGetPictOffset
TerGetPlaceHolderPict
TerGetPrevControlPos
TerGetPrinter
TerGetReadOnly
TerGetRefParam
TerGetRefParamStr
TerGetReviewerInfo
TerGetRowCellCount
TerGetRowInfo
TerGetRowParam
TerGetRtfDocInfo
TerGetRtfDocInfoU
TerGetRtfSel
TerGetSectAuxId
TerGetSectBins
TerGetSectColWidth
TerGetSectInfo
TerGetSectParam
TerGetSelection
TerGetSeqSect
TerGetStyleId
TerGetStyleIdU
TerGetStyleInfo
TerGetStyleInfoU
TerGetStyleParam
TerGetTabStop
TerGetTabStop2
TerGetTableId
TerGetTableLevel
TerGetTablePos
TerGetTablePos2
TerGetTag
TerGetTagEx
TerGetTagName
TerGetTagPos
TerGetTagPos2
TerGetTextColor
TerGetTextFieldInfo
TerGetTextHeight
TerGetTextSel
TerGetTextSelNR
TerGetTextSelU
TerGetTextSelUNR
TerGetVbxCallback
TerGetVersion
TerGetVisibleCol
TerGetWordCount
TerHdrFtrExists
TerHideToolbarIcon
TerHideWindow
TerHigh16Bits
TerHtmlCellWidthFlag
TerHtmlCharSet
TerHtmlGetBasePictFile
TerHtmlNegativeIndent
TerHtmlSetBasePictFile
TerHtsGetInitAlign
TerHtsSetInitAlign
TerIgnoreCommand
TerImageMapNameToId
TerInServer
TerInit
TerInputFieldToTextBox
TerInsertArrowLineObject
TerInsertBookmark
TerInsertCheckBoxField
TerInsertComboBoxField
TerInsertControl
TerInsertDateTime
TerInsertDrawObject
TerInsertDrawObject2
TerInsertDrawObject3
TerInsertDynamicField
TerInsertField
TerInsertFieldU
TerInsertFootnote
TerInsertFootnote2
TerInsertHyperlink
TerInsertHyperlinkU
TerInsertHyperlinkU2
TerInsertLine
TerInsertLineObject
TerInsertLineU
TerInsertObjectId
TerInsertOleFile
TerInsertOleFileDlgU
TerInsertOleFileU
TerInsertOleObject
TerInsertPageRef
TerInsertParaFrame
TerInsertPictureFile
TerInsertPictureFileU
TerInsertPictureFileXY
TerInsertPictureFileXY2
TerInsertPictureFromMemory
TerInsertRtfFile
TerInsertRtfFileU
TerInsertTableCol
TerInsertTableRow
TerInsertText
TerInsertTextInputField
TerInsertTextU
TerInsertToc
TerInsertToc2
TerInsertUserField
TerInternetClose
TerInternetGet
TerInternetOpen
TerInternetPut
TerInvokeOcx
TerInvokeOcx2
TerIsAvailableFont
TerIsBlankPage
TerIsDeletedLine
TerIsInIE
TerIsMixPara
TerIsModified
TerIsPrinting
TerIsSspAvail
TerIsTableSelected
TerIsTableWider
TerLineInfoFlags
TerLineSelected
TerLineSpaceAfter
TerLoadExtFont
TerLocateAuxIdChar
TerLocateChangedChar
TerLocateChangedChar2
TerLocateChangedChar3
TerLocateField
TerLocateFieldChar
TerLocateFieldChar2
TerLocateFontFlags
TerLocateFontId
TerLocateInputField
TerLocateStyle
TerLocateStyleChar
TerLow16Bits
TerLparam2String
TerMakeMbcs
TerMarkCells
TerMbcsChar
TerMbcsDir
TerMbcsExt
TerMbcsLen
TerMenuEnable
TerMenuEnable2
TerMenuSelect
TerMenuSelect2
TerMergeFields
TerMergeFieldsU
TerMergePrint
TerMergePrintMeta
TerMergePrintMeta2
TerMergePrintRE
TerMergePrintRep
TerMergePrintRep2
TerMergePrintRep3
TerMergePrintVB
TerMoveParaFrame

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tr.ini
txml2.dll
.dll windows:4 windows x86 arch:x86

87134a600d6346a04fb26498c5ec13e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

L:\dev\tecf\TXML2.pdb

Imports

ole32

CoCreateInstance

kernel32

VirtualFree
CompareStringW
lstrlenA
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
SetEnvironmentVariableA
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
LoadLibraryA
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

wvsprintfA
FindWindowA
GetWindow
SendMessageA
MessageBoxA

Exports

Exports

TxmlCreateDOMDocument
TxmlCreateXmlReader
WEP

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wpcc.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a2d5ec9f5e3ebfa976c02f5005d55303

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
_adj_fdiv_m64
ord621
ord516
_adj_fprem1
__vbaResume
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
ord301
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
__vbaBoolVarNull
_CIsin
ord525
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord578
ord101
ord102
ord103
ord104
ord105
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
ord617
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wps32.dll
.dll windows:5 windows x86 arch:x86

4592f8a7d86b2fcc56bb5566ad7c2034

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

advapi32

RegQueryValueExW
RegSetValueExW

user32

CharNextW
SetClassLongW
EnumDisplayMonitors

kernel32

GetVersion
GetProcAddress
GetVersionExW
GetVersion
Sleep

gdi32

UnrealizeObject

version

VerQueryValueA

wsock32

WSACleanup

ole32

OleUninitialize

comctl32

InitializeFlatSB

msvcrt

memset

shell32

ShellExecuteW

magnification

MagSetImageScalingCallback

winhttp

WinHttpWriteData

Exports

Exports

TMethodImplementationIntercept
WpsConvertFile
WpsEndSession
WpsNewSession
WpsSetBoolProp
WpsSetFlags
WpsSetLicenseInfo
WpsSetNumProp
WpsSetTextProp

Sections

.text
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 48KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 293B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 11.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 17.4MB - Virtual size: 17.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wrs6.dll
.dll windows:4 windows x86 arch:x86

5c7206255c5b3a02c8f99eb06b4fc8c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

OleConvertIStorageToOLESTREAM
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgOpenStorage

kernel32

GlobalFree
GetACP
GetUserDefaultLangID
GetCPInfo
CloseHandle
CreateFileW
WriteFile
lstrcatA
ReadFile
MultiByteToWideChar
GetLocalTime
CreateFileA
GlobalReAlloc
lstrlenW
GetCurrentThreadId
SetFilePointer
MulDiv
lstrcmpiW
lstrcmpiA
lstrlenA
FileTimeToSystemTime
lstrcpyA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetStdHandle
RtlUnwind
Sleep
SetConsoleCtrlHandler
LCMapStringW
GlobalAlloc
GlobalLock
GlobalUnlock
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
HeapReAlloc
GetCommandLineA
GetVersion
GetLocaleInfoW
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
LCMapStringA

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

user32

wvsprintfW
wvsprintfA
FindWindowA
GetWindow
SendMessageA
MessageBoxA
MessageBoxW
wsprintfA
GetDC
ReleaseDC

gdi32

GetDeviceCaps
CloseMetaFile
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
DeleteMetaFile
GetMetaFileBitsEx
TranslateCharsetInfo

Exports

Exports

WEP
WrsConvertBuffer
WrsConvertFile
WrsConvertFileToBuffer
WrsConvertFileToBufferU
WrsConvertFileU
WrsEndSession
WrsGetLastMessage
WrsHandleToStr
WrsHandleToStrInChunks
WrsNewSession
WrsOleGet
WrsOlePut
WrsResetLastMessage
WrsSetFlags
WrsSetLicenseKey
WrsStrToHandle
WrsStrToHandleInChunks

Sections

.text
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1845765d627445c8cb8cdcfbe2807dda

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

57:7c:e5:9e:d9:bb:9a:4a:5c:69:36:13:2f:67:45:8fCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

23:a1:8f:55:21:5b:dd:80:69:d0:76:9e:50:36:13:7e:ae:41:94:fa:3f:ce:df:e6:3f:fa:71:f7:95:e1:ab:28Signer

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

ole32

comctl32

shell32

wininet

comdlg32

wsock32

winspool.drv

winmm

crypt32

fontsub

oleacc

gdiplus

wps32

Exports

Exports

Sections

.text Size: 5.6MB - Virtual size: 5.6MB

.itext Size: 11KB - Virtual size: 11KB

.data Size: 195KB - Virtual size: 194KB

.bss Size: - Virtual size: 34KB

.idata Size: 22KB - Virtual size: 22KB

.didata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 78B

.tls Size: - Virtual size: 604B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 356KB - Virtual size: 356KB

.rsrc Size: 5.0MB - Virtual size: 5.0MB

ba25d4161b1a852b3ebee45b99adb732

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 242KB - Virtual size: 241KB

.data Size: 121KB - Virtual size: 130KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 56KB - Virtual size: 56KB

56a2590352b9a444d350829f59cb69ae

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

57:7c:e5:9e:d9:bb:9a:4a:5c:69:36:13:2f:67:45:8f
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

23:a1:8f:55:21:5b:dd:80:69:d0:76:9e:50:36:13:7e:ae:41:94:fa:3f:ce:df:e6:3f:fa:71:f7:95:e1:ab:28
Signer

.text
Size: 5.6MB - Virtual size: 5.6MB

.itext
Size: 11KB - Virtual size: 11KB

.data
Size: 195KB - Virtual size: 194KB

.bss
Size: - Virtual size: 34KB

.idata
Size: 22KB - Virtual size: 22KB

.didata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 78B

.tls
Size: - Virtual size: 604B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 356KB - Virtual size: 356KB

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 242KB - Virtual size: 241KB

.data
Size: 121KB - Virtual size: 130KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 56KB - Virtual size: 56KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 32KB - Virtual size: 39KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 41KB

.rsrc
Size: 112KB - Virtual size: 110KB

.reloc
Size: 48KB - Virtual size: 45KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 7KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB