cc4e1d34ca67b18ed86edb8d1e6f9889

Sharing

Copy URL

Twitter E-mail

General

Target

cc4e1d34ca67b18ed86edb8d1e6f9889
Size

1.2MB
MD5

cc4e1d34ca67b18ed86edb8d1e6f9889
SHA1

7b44a616e213ac56a504075ac02cd963f0b76b31
SHA256

784dddd1bcf75a42e40d9af9642170b7f0d2ace371b3262dcd6fd8f21b5f32ce
SHA512

f2e04a5e82c861dda55bc92b899e062e77f15f4d85c67c8aa39da3fd2f78e547bcd9e0a6e23466e141e10e785cfa6f340d049330ec8a1aa987257ac4d1120e01
SSDEEP

24576:nMJ7l5662r2dymEqB/LD1vQ3P4etiPxJ/GyBPifNZxw4kz05KIBxBea6c0VPyJ54:MJ7l5662r2dymEqZLD1vQf7oPxJ/GyPd

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
cc4e1d34ca67b18ed86edb8d1e6f9889
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/GetVersion.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/ASI130MM.ax
unpack001/ASI130MM.dll
unpack001/UNINST.exe
unpack002/$PLUGINSDIR/GetVersion.dll
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack001/USB CAMERA EN.EXE
unpack001/USB CAMERA.exe
unpack001/driver/wlh/x86/ASI130MM.sys
unpack001/driver/wxp/x64/ASI130MM.sys
unpack001/driver/wxp/x86/ASI130MM.sys

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/UNINST.exe	nsis_installer_1
static1/unpack001/UNINST.exe	nsis_installer_2

Files

cc4e1d34ca67b18ed86edb8d1e6f9889
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GetVersion.dll
.dll windows:5 windows x86 arch:x86

fb1aa2bbc159c94cb45792330366bd5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
lstrcpynA
GlobalAlloc
GetProcAddress
GetSystemInfo
GetVersionExA

user32

GetSystemMetrics
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

WindowsName
WindowsPlatformArchitecture
WindowsPlatformId
WindowsServerName
WindowsServicePack
WindowsServicePackBuild
WindowsServicePackMajor
WindowsServicePackMinor
WindowsType
WindowsVersion

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
ASI130MM.ax
.dll regsvr32 windows:5 windows x86 arch:x86

88f1badc070792f06d5eee39a6c7f0e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

asi130mm

?SetGain@CCameraS130MM@@QAE_NH@Z
?GetGamma@CCameraS130MM@@QAEHXZ
?GetGain@CCameraS130MM@@QAEHXZ
?SetExp@CCameraS130MM@@QAE_NK@Z
?GetDroppedFrame@CCameraS130MM@@QAEKXZ
?GetExp@CCameraS130MM@@QAEKXZ
?GetCMOSClk@CCameraS130MM@@QAE_NPAH@Z
?SetCMOSClk@CCameraS130MM@@QAE_NH@Z
?GetStartPos@CCameraS130MM@@QAE_NPAH0@Z
?SetStartPos@CCameraS130MM@@QAE_NHH@Z
?GetRGBBalance@CCameraS130MM@@QAEXPAH0@Z
?SetRGBBalance@CCameraS130MM@@QAEXHH@Z
?GetMisc@CCameraS130MM@@QAEXPA_N0@Z
?SetMisc@CCameraS130MM@@QAE_N_N0@Z
?IsRawOutput@CCameraS130MM@@QAE_NXZ
?SetRawOutput@CCameraS130MM@@QAEX_N@Z
?IsUsingDark@CCameraS130MM@@QAE_NXZ
?UsingDark@CCameraS130MM@@QAEX_N@Z
?GettingDark@CCameraS130MM@@QAEXH@Z
?IsGetDarkOver@CCameraS130MM@@QAE_NXZ
?StopCapture@CCameraS130MM@@QAE_NXZ
?StartCapture@CCameraS130MM@@QAE_NXZ
?GetFWVer@CCameraS130MM@@QAEEXZ
?OpenCamera@CCameraS130MM@@QAE_NHHH@Z
??1CCameraS130MM@@QAE@XZ
?SetResolution@CCameraS130MM@@QAE_NHHHW4IMAGE_TYPE@@@Z
?GetImage@CCameraS130MM@@QAE_NPAEHK@Z
??0CCameraS130MM@@QAE@PAX@Z
?SetGamma@CCameraS130MM@@QAE_NH@Z

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

VirtualAlloc
VirtualFree
lstrcmpiA
GetProcAddress
CreateThread
WideCharToMultiByte
GetACP
GetTickCount
GetConsoleOutputCP
GetSystemDefaultUILanguage
SetStdHandle
GetLocaleInfoA
HeapSize
HeapReAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
SetEvent
GetCurrentProcessId
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
GetStdHandle
WriteFile
WriteConsoleW
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
RaiseException
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
GetCurrentProcess
ResetEvent
CreateEventA
InterlockedExchange
WaitForSingleObject
CloseHandle
DisableThreadLibraryCalls
GetVersionExA
GetLastError
MultiByteToWideChar
lstrlenA
LoadLibraryA
InterlockedDecrement
FreeLibrary
InterlockedIncrement
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateFileA
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
WriteConsoleA

user32

GetDesktopWindow
LoadStringW
LoadStringA
GetWindowRect
DefWindowProcA
DestroyWindow
ShowWindow
InvalidateRect
MoveWindow
CreateDialogParamA
SetWindowLongA
GetWindowLongA
SetWindowPos
CheckDlgButton
SendMessageA
MessageBoxA
SetCapture
GetCursorPos
ScreenToClient
LoadCursorA
SetCursor
ReleaseCapture
CheckRadioButton
IsDlgButtonChecked
SendDlgItemMessageA
SetRectEmpty
wsprintfA
GetDlgItem
SetWindowTextA

gdi32

GetDIBits
CreateDCA
DeleteObject
DeleteDC
CreateCompatibleBitmap

advapi32

RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA

shell32

ShellExecuteA

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

Exports

Exports

??4CCameraS130MM@@QAEAAV0@ABV0@@Z
??_FCCameraS130MM@@QAEXXZ
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASI130MM.dll
.dll windows:5 windows x86 arch:x86

997653a8a7430eed18dec820679901f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces

kernel32

Sleep
CloseHandle
InitializeCriticalSection
CreateSemaphoreW
DeleteCriticalSection
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetLastError
CreateEventW
DeviceIoControl
CreateEventA
GetOverlappedResult
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
FlushFileBuffers
CreateFileA
ExitProcess
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapFree
HeapAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
WriteFile
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

DispatchMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationA
MsgWaitForMultipleObjects
PeekMessageW

advapi32

RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegSetValueExW

Exports

Exports

??0CCameraS130MM@@QAE@PAX@Z
??1CCameraS130MM@@QAE@XZ
??4CCameraS130MM@@QAEAAV0@ABV0@@Z
??_FCCameraS130MM@@QAEXXZ
?Cam_SetResolution@CCameraS130MM@@AAE_NXZ
?CameraInit@CCameraS130MM@@AAE_NXZ
?CloseCamera@CCameraS130MM@@QAE_NXZ
?GetBLOffset@CCameraS130MM@@QAE_NPA_NPAC111@Z
?GetCMOSClk@CCameraS130MM@@QAE_NPAH@Z
?GetDroppedFrame@CCameraS130MM@@QAEKXZ
?GetExp@CCameraS130MM@@QAEKXZ
?GetFWVer@CCameraS130MM@@QAEEXZ
?GetFirmwareVer@CCameraS130MM@@AAE_NPAE@Z
?GetGain@CCameraS130MM@@QAEHXZ
?GetGamma@CCameraS130MM@@QAEHXZ
?GetImage@CCameraS130MM@@QAE_NPAEHK@Z
?GetMisc@CCameraS130MM@@QAEXPA_N0@Z
?GetRGBBalance@CCameraS130MM@@QAEXPAH0@Z
?GetStartPos@CCameraS130MM@@QAE_NPAH0@Z
?GettingDark@CCameraS130MM@@QAEXH@Z
?IsGetDarkOver@CCameraS130MM@@QAE_NXZ
?IsRawOutput@CCameraS130MM@@QAE_NXZ
?IsUsingDark@CCameraS130MM@@QAE_NXZ
?LoadSetting@CCameraS130MM@@AAEXXZ
?OpenCamera@CCameraS130MM@@QAE_NHHH@Z
?ReadCameraRegister@CCameraS130MM@@QAE_NGPAG@Z
?SaveSetting@CCameraS130MM@@AAEXXZ
?SendCMD@CCameraS130MM@@QAE_NE@Z
?SetBLOffset@CCameraS130MM@@QAE_N_NCCCC@Z
?SetCMOSClk@CCameraS130MM@@QAE_NH@Z
?SetExp@CCameraS130MM@@QAE_NK@Z
?SetGain@CCameraS130MM@@QAE_NH@Z
?SetGamma@CCameraS130MM@@QAE_NH@Z
?SetMisc@CCameraS130MM@@QAE_N_N0@Z
?SetOutput16Bits@CCameraS130MM@@AAEX_N@Z
?SetRGBBalance@CCameraS130MM@@QAEXHH@Z
?SetRawOutput@CCameraS130MM@@QAEX_N@Z
?SetResolution@CCameraS130MM@@QAE_NHHHW4IMAGE_TYPE@@@Z
?SetStartPos@CCameraS130MM@@QAE_NHH@Z
?StartCapture@CCameraS130MM@@QAE_NXZ
?StopCapture@CCameraS130MM@@QAE_NXZ
?UsingDark@CCameraS130MM@@QAEX_N@Z
?WriteCameraRegister@CCameraS130MM@@QAE_NGG@Z

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UNINST.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GetVersion.dll
.dll windows:5 windows x86 arch:x86

fb1aa2bbc159c94cb45792330366bd5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
lstrcpynA
GlobalAlloc
GetProcAddress
GetSystemInfo
GetVersionExA

user32

GetSystemMetrics
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

WindowsName
WindowsPlatformArchitecture
WindowsPlatformId
WindowsServerName
WindowsServicePack
WindowsServicePackBuild
WindowsServicePackMajor
WindowsServicePackMinor
WindowsType
WindowsVersion

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USB CAMERA EN.EXE
.exe windows:4 windows x86 arch:x86

d510f4eaee22f45286da3fb135cde849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
FreeLibrary
GetFullPathNameW
GetWindowsDirectoryW
CreateProcessW
CloseHandle
GetFileSize
WriteProfileStringW
GetCurrentProcessId
GetVersionExW
CreateProcessA
GetWindowsDirectoryA
DebugBreak
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringW
WriteFile
SetFilePointer
SetConsoleTitleW
AllocConsole
GetStdHandle
lstrcmpiW
GetModuleFileNameW
WaitForSingleObject
CreateThread
FatalAppExitW
MultiByteToWideChar
lstrcatA
lstrlenA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
IsBadReadPtr
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
MulDiv
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
Sleep
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetCurrentProcess
TerminateProcess
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapValidate
FatalAppExitA
ExitProcess
GetVersion
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
OutputDebugStringA
RtlUnwind
GetSystemDirectoryW
LoadLibraryW
WideCharToMultiByte
OpenFile
lstrlenW
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
lstrcpyW
GlobalFree
CreateFileW
GetProfileStringW
GetProfileIntW
GetModuleHandleW
GetProcAddress
lstrcpynW
IsValidLocale
lstrcatW

user32

CreateWindowExW
ShowWindow
ReleaseDC
RegisterClassW
GetDC
SetWindowTextW
MessageBoxW
LoadIconW
LoadCursorW
LoadAcceleratorsW
WaitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
PeekMessageW
wvsprintfA
GetWindowTextW
GetWindowLongW
GetSysColor
CheckDlgButton
IsDlgButtonChecked
GetDlgItem
EnableWindow
GetDlgItemInt
SetFocus
MessageBeep
GetDlgItemTextW
IsCharAlphaW
IsCharAlphaNumericW
SetDlgItemTextW
UpdateWindow
EndDialog
SetDlgItemInt
DialogBoxParamW
PostMessageW
GetMenuItemCount
RemoveMenu
AppendMenuW
CreatePopupMenu
KillTimer
SetTimer
InvalidateRect
GetWindowRect
SetWindowPos
EnableMenuItem
CheckMenuItem
GetMenu
GetSubMenu
PostQuitMessage
GetAsyncKeyState
BeginPaint
EndPaint
GetClientRect
GetSystemMetrics
MoveWindow
wsprintfW
DefWindowProcW

gdi32

SetTextColor
ExtTextOutW
PatBlt
DeleteObject
CreateSolidBrush
CreateFontW
GetStockObject
SelectObject
GetTextMetricsW
SetBkColor

comdlg32

GetOpenFileNameW

ole32

CoUninitialize
MkParseDisplayName
CreateBindCtx
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
GetRunningObjectTable
CreateItemMoniker

winmm

timeGetTime

msacm32

acmMetrics
acmFormatChooseW

olepro32

ord250

oleaut32

SysFreeString

advapi32

RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USB CAMERA.exe
.exe windows:4 windows x86 arch:x86

4160b4fc624e437bdae2bc907b0fabf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Sources\Personal\AMCap\Release\amcap.pdb

Imports

winmm

timeGetTime
timeSetEvent

msacm32

acmFormatChooseA
acmMetrics

olepro32

ord250

rpcrt4

RpcStringFreeA
UuidFromStringA
UuidToStringA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

CreateToolbarEx

kernel32

RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
MulDiv
GetDiskFreeSpaceA
FreeLibrary
LoadLibraryA
GetFullPathNameA
GetFileSize
lstrcmpiA
lstrlenW
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetVolumeInformationA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
LoadLibraryExA
IsDBCSLeadByte
GetCurrentProcessId
Sleep
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
GetLocalTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDefaultLCID
WriteFile
CreateEventA
WideCharToMultiByte
WaitForSingleObject
ResetEvent
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
GetCurrentThread
WaitForMultipleObjects
GetTickCount
CreateThread
CreateSemaphoreA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LocalAlloc
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
CreateFileA
ReadFile
SetFilePointer
GetLastError
CloseHandle
GetThreadLocale
GetLocaleInfoA
GetACP
GetCurrentProcess
InterlockedExchange
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
SetStdHandle
RtlUnwind
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
IsBadWritePtr
TerminateProcess
FlushFileBuffers
SetEvent

user32

IsZoomed
DefWindowProcA
PostMessageA
GetMenuItemInfoA
UpdateWindow
IsCharAlphaA
IsCharAlphaNumericA
SetFocus
MessageBeep
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
GetDlgCtrlID
SetDlgItemInt
EnableWindow
EndDialog
CharNextA
EnableMenuItem
InvalidateRect
GetAsyncKeyState
SetWindowPlacement
GetMenuItemCount
MoveWindow
EndPaint
BeginPaint
PostQuitMessage
CreateWindowExA
SetMenuItemInfoA
GetKeyState
MessageBoxA
GetMenu
GetQueueStatus
RemoveMenu
AppendMenuA
CreatePopupMenu
GetDC
ReleaseDC
SetTimer
GetWindowTextA
GetSysColor
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
RegisterClassA
LoadIconA
LoadCursorA
LoadAcceleratorsA
WaitMessage
SetWindowTextA
CheckMenuItem
DialogBoxParamA
GetDlgItem
SendMessageA
GetClientRect
IsWindowVisible
GetDesktopWindow
GetWindowLongA
SetWindowLongA
ShowWindow
SetWindowPos
KillTimer
IsRectEmpty
SetRect
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
RegisterWindowMessageA
PostThreadMessageA
GetSubMenu
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
SetRectEmpty
TranslateAcceleratorA
GetDlgItemInt

gdi32

CreateCompatibleDC
GetTextMetricsA
GetStockObject
GetObjectA
CreateDIBitmap
GetDeviceCaps
CreateFontIndirectA
CreateFontA
CreateSolidBrush
PatBlt
ExtTextOutA
DeleteDC
SelectObject
GetTextExtentPoint32A
CreateCompatibleBitmap
SetTextColor
SetBkColor
TextOutA
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoCreateInstance
GetRunningObjectTable
CoTaskMemAlloc
CoTaskMemRealloc
CreateItemMoniker
CreateBindCtx
CoInitializeEx
CoUninitialize
CoInitialize
MkParseDisplayName

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr
VariantClear
VariantInit

shlwapi

PathFindExtensionA
PathAddExtensionA
PathAppendA
PathFileExistsA
PathFindExtensionW
PathRenameExtensionA

gdiplus

GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
USB CAMERA.ini
driver/DrvInst.exe
.exe windows:6 windows x86 arch:x86

3ab7cc62e4963955ad408cd420cd8ef1

Code Sign

61:03:dc:f6:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:12

Not After

25-07-2011 19:22

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:15:23:0f:00:00:00:00:00:0a
Certificate

Issuer

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 21:57

Not After

07-03-2011 21:57

Subject

CN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:07:02:dc:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

15-09-2005 21:55

Not After

15-03-2016 22:05

Subject

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

71:85:11:e5:d1:4c:f1:de:16:92:e6:78:64:21:75:0c:36:76:a6:9e
Signer

Actual PE Digest

71:85:11:e5:d1:4c:f1:de:16:92:e6:78:64:21:75:0c:36:76:a6:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DpInst.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
IsTextUnicode
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
DeleteService
StartServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
OpenServiceW
QueryServiceStatus
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW

kernel32

GetFileAttributesW
DeleteFileW
ReleaseMutex
SetFilePointer
HeapFree
GetProcessHeap
HeapAlloc
CreateMutexW
FreeConsole
SetConsoleMode
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FreeLibrary
FillConsoleOutputCharacterW
ReadConsoleOutputW
GetConsoleMode
GetStdHandle
GetProcAddress
LoadLibraryW
WriteConsoleW
IsValidLocale
lstrlenW
lstrcmpW
CompareStringW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
SetFileAttributesW
FormatMessageW
RaiseException
GetFileSize
CreateFileMappingW
MapViewOfFile
WriteConsoleOutputW
UnmapViewOfFile
InterlockedDecrement
InterlockedIncrement
CreateFileW
WriteFile
CreateThread
WaitForMultipleObjectsEx
InterlockedCompareExchange
WaitForSingleObjectEx
SetEvent
CreateEventW
GetExitCodeProcess
DeviceIoControl
VerSetConditionMask
VerifyVersionInfoW
CreateDirectoryW
RemoveDirectoryW
GetCurrentDirectoryW
GetShortPathNameW
GetFullPathNameW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
MoveFileExW
SearchPathW
GetSystemDefaultUILanguage
LoadLibraryExW
CreateFileA
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetLocaleInfoA
Sleep
LoadLibraryExA
ReadFile
LCMapStringW
LCMapStringA
GetThreadLocale
SetThreadLocale
GetUserDefaultUILanguage
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
GetModuleFileNameW
SetCurrentDirectoryW
WaitForSingleObject
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
WideCharToMultiByte
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetCommandLineW
LocalAlloc
GlobalFree
LocalFree
MultiByteToWideChar
GetCurrentProcess
GetLastError
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceLanguagesW
LocalReAlloc
EnterCriticalSection

gdi32

SetLayout
DeleteDC
GetObjectW
CreateCompatibleBitmap
CreateBitmap
SelectObject
StartPage
EndPage
StartDocW
EndDoc
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
CreateCompatibleDC

user32

AllowSetForegroundWindow
DefWindowProcW
PostQuitMessage
GetUserObjectInformationW
GetProcessWindowStation
GetIconInfo
DrawIconEx
CreateIconIndirect
LoadIconW
LoadBitmapW
DrawTextExW
LoadImageW
GetSystemMetrics
GetSysColor
DestroyWindow
GetWindowLongW
SendDlgItemMessageW
InvalidateRect
SystemParametersInfoW
GetDC
ReleaseDC
SetWindowLongW
SetWindowTextW
GetParent
PostMessageW
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
DestroyIcon
DialogBoxParamW
SetDlgItemTextW
CharLowerW
GetDlgItem
SendMessageW
MessageBoxW
RegisterClassExW
CreateWindowExW
ShowWindow
UnregisterClassA
EndDialog

ntdll

RtlNtStatusToDosError
NtOpenThreadToken
NtQueryInformationToken
NtOpenProcessToken
RtlUnwind
NtClose

shell32

SHGetFolderPathW
ShellExecuteExW
ord59
CommandLineToArgvW

setupapi

SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupGetLineCountW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW
pSetupSetGlobalFlags
pSetupGetGlobalFlags
SetupGetFieldCount
SetupGetIntField
SetupOpenAppendInfFileW
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
CM_Enumerate_Classes
CM_Get_DevNode_Status
SetupDiCreateDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupGetTargetPathW
SetupQueueCopyIndirectW
SetupQueueCopyW
SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupCopyOEMInfW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_Device_IDW
CM_Setup_DevNode
SetupDiEnumDeviceInfo
CMP_WaitNoPendingInstallEvents
CM_Query_And_Remove_SubTreeW

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

ole32

CoTaskMemFree
StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysFreeString

comctl32

CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW
ImageList_Create

comdlg32

PrintDlgExW
GetSaveFileNameW

crypt32

CertFreeCertificateContext
CertFreeCTLContext
CertGetCTLContextProperty
CryptQueryObject

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 470KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/DrvInstX64.exe
.exe windows:6 windows x64 arch:x64

3eacb9638877275335da4b58e52824f8

Code Sign

61:15:23:0f:00:00:00:00:00:0a
Certificate

Issuer

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 21:57

Not After

07-03-2011 21:57

Subject

CN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:16:b5:29:00:00:00:00:00:10
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-01-2010 21:12

Not After

04-01-2013 21:22

Subject

CN=Microsoft Time-Stamp Service,OU=nCipher+OU=nCipher DSE ESN:ACD3-AE66-E0B5,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:16:b5:29:00:00:00:00:00:10
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-01-2010 21:12

Not After

04-01-2013 21:22

Subject

CN=Microsoft Time-Stamp Service,OU=nCipher+OU=nCipher DSE ESN:ACD3-AE66-E0B5,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

79:ad:16:a1:4a:a0:a5:ad:4c:73:58:f4:07:13:2e:65
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

09-05-2001 23:19

Not After

09-05-2021 23:28

Subject

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:07:02:dc:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

15-09-2005 21:55

Not After

15-03-2016 22:05

Subject

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

bf:2c:50:54:a4:3a:a3:54:81:e2:9a:d4:b6:4d:5c:bc:8e:cd:ae:c6
Signer

Actual PE Digest

bf:2c:50:54:a4:3a:a3:54:81:e2:9a:d4:b6:4d:5c:bc:8e:cd:ae:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DpInst.pdb

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
IsTextUnicode
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
DeleteService
CloseServiceHandle
ControlService
StartServiceW
OpenServiceW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
QueryServiceStatus
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CheckTokenMembership

kernel32

CreateMutexW
ReleaseMutex
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryW
GetProcAddress
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleOutputW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
FreeConsole
FreeLibrary
WriteConsoleOutputW
WriteConsoleW
IsValidLocale
VirtualProtect
Sleep
GetFileAttributesW
DeleteFileW
FormatMessageW
RaiseException
CopyFileW
SetFileAttributesW
GetTempFileNameW
FindClose
FindNextFileW
CompareStringW
lstrcmpW
FindFirstFileW
lstrlenW
UnmapViewOfFile
GetConsoleScreenBufferInfo
CreateFileMappingW
LCMapStringW
WaitForMultipleObjectsEx
WaitForSingleObjectEx
SetEndOfFile
CreateEventW
SetEvent
LocalReAlloc
DeviceIoControl
VerifyVersionInfoW
VerSetConditionMask
GetSystemDirectoryW
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
GetShortPathNameW
RemoveDirectoryW
MoveFileExW
CreateDirectoryW
GetFullPathNameW
SetLastError
GetLocaleInfoW
LoadLibraryExW
GetSystemDefaultUILanguage
SearchPathW
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
OutputDebugStringA
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
GetFileSize
CreateThread
SetThreadLocale
GetThreadLocale
WriteFile
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetCurrentProcess
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
SetCurrentDirectoryW
GetUserDefaultUILanguage
EnumResourceLanguagesW
GetModuleFileNameW
GetExitCodeProcess
WaitForSingleObject
LocalFree
GlobalFree
LocalAlloc
GetLastError
GetCommandLineW
CloseHandle
MapViewOfFile

gdi32

CreateBitmap
CreateCompatibleBitmap
GetObjectW
DeleteDC
SetLayout
CreateCompatibleDC
EndPage
StartPage
EndDoc
StartDocW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
DeleteObject
SelectObject

user32

DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
LoadIconW
LoadBitmapW
CharLowerW
UnregisterClassA
PostQuitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
ShowWindow
AllowSetForegroundWindow
DialogBoxParamW
SetDlgItemTextW
EndDialog
MessageBoxW
GetDlgItem
SendMessageW
GetProcessWindowStation
GetUserObjectInformationW
LoadImageW
SetWindowTextW
PostMessageW
GetParent
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
SendDlgItemMessageW
InvalidateRect
GetSystemMetrics
GetSysColor
DestroyWindow
SetWindowLongW
SystemParametersInfoW
GetDC
ReleaseDC
DrawTextExW

msvcrt

_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_resetstkoflw
__C_specific_handler
memset
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
fread
_initterm
fclose
fwprintf
_wfopen
realloc
??2@YAPEAX_K@Z
wcsstr
_wcsicmp
_wtol
_vscwprintf
free
malloc
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
??1type_info@@UEAA@XZ
memcpy
memmove
_CxxThrowException
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
_wcsnicmp
_vsnwprintf
wcsncmp
bsearch
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
iswalpha
??_U@YAPEAX_K@Z
wcschr
wcspbrk
wcsrchr
iswdigit
feof
memcmp

ntdll

NtQueryInformationToken
RtlNtStatusToDosError
NtClose
NtOpenThreadToken
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtOpenProcessToken

shell32

ord59
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
pSetupSetGlobalFlags
SetupDefaultQueueCallbackW
pSetupGetGlobalFlags
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupGetFieldCount
SetupGetIntField
SetupGetStringFieldW
SetupFindNextMatchLineW
SetupFindNextLine
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupPromptReboot
SetupDiGetDeviceInstanceIdW
SetupFindFirstLineW
SetupOpenAppendInfFileW
SetupGetLineCountW
SetupDiGetActualSectionToInstallW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetSelectedDriverW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupQueueCopyW
CMP_WaitNoPendingInstallEvents
SetupCloseFileQueue
SetupOpenFileQueue
SetupDiGetDriverInfoDetailW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupInstallFilesFromInfSectionW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
CM_Enumerate_Classes
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
CM_Get_Device_IDW
SetupCopyOEMInfW
SetupGetTargetPathW

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType

comctl32

PropertySheetW
CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor

comdlg32

PrintDlgExW
GetSaveFileNameW

crypt32

CertFreeCTLContext
CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 470KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/wlh/x64/ASI130MM.inf
driver/wlh/x64/ASI130MM.sys
.sys windows:6 windows x64 arch:x64

c294c3f793300bd60d3e6a308fe01d1f

Code Sign

31:8c:d9:c2:93:13:1d:92:49:75:48:20:e9:4e:97:a4
Certificate

Issuer

CN=Cypress

Not Before

22-06-2011 04:59

Not After

31-12-2039 23:59

Subject

CN=Cypress

Extended Key Usages

ExtKeyUsageCodeSigning

91:44:d9:22:cc:54:6a:ed:3d:8d:53:3a:a0:1c:f0:01:58:35:32:a1
Signer

Actual PE Digest

91:44:d9:22:cc:54:6a:ed:3d:8d:53:3a:a0:1c:f0:01:58:35:32:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\views\antioch_nnpl_cysuiteusb_latest\software\products\hsusb\cysuiteusb\cyusb_sys\src\objfre_wlh_amd64\amd64\cyusb.pdb

Imports

ntoskrnl.exe

KeClearEvent
ExFreePoolWithTag
IoRegisterDeviceInterface
IoDeleteDevice
KeSetEvent
KeInitializeEvent
IoDetachDevice
PoSetPowerState
IofCompleteRequest
IoAttachDeviceToDeviceStack
IoIsWdmVersionAvailable
IoInitializeRemoveLockEx
IoCreateDevice
IoAllocateWorkItem
KeWaitForSingleObject
IoQueueWorkItem
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
ZwReadFile
RtlInitUnicodeString
ZwCreateFile
ZwClose
ZwQueryInformationFile
IoAcquireRemoveLockEx
IoSetDeviceInterfaceState
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
ObfReferenceObject
IoReleaseRemoveLockEx
KeAcquireSpinLockRaiseToDpc
IoCancelIrp
IoFreeWorkItem
IoGetDeviceProperty
IoFreeIrp
IoAllocateIrp
IoBuildDeviceIoControlRequest
KeSetImportanceDpc
IoFreeMdl
KeInsertQueueDpc
MmUnlockPages
MmUnmapLockedPages
IoBuildPartialMdl
KeInitializeDpc
IoAllocateMdl
RtlGUIDFromString
IoReportTargetDeviceChangeAsynchronous
ProbeForRead
ProbeForWrite
RtlUnicodeStringToAnsiString
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
KeBugCheckEx
ExFreePool
KeReleaseSpinLock
PoRequestPowerIrp
ExAllocatePoolWithTag
__C_specific_handler

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_GetUSBDIVersion

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/wlh/x64/asi130mm.cat
driver/wlh/x86/ASI130MM.inf
driver/wlh/x86/ASI130MM.sys
.sys windows:6 windows x86 arch:x86

2958acda1f2ebd2100c0f8f7565488e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeClearEvent
InterlockedIncrement
KeSetEvent
InterlockedDecrement
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
memset
IoIsWdmVersionAvailable
memcpy
IoQueueWorkItem
IoAllocateWorkItem
KeWaitForSingleObject
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
ZwCreateFile
RtlInitUnicodeString
ZwClose
ZwQueryInformationFile
ZwReadFile
IoSetDeviceInterfaceState
ObfReferenceObject
IoReleaseRemoveLockAndWaitEx
IoAcquireRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockEx
InterlockedExchange
ExFreePoolWithTag
IoCancelIrp
IoFreeWorkItem
IoGetDeviceProperty
IoFreeIrp
IoAllocateIrp
IoBuildDeviceIoControlRequest
IoFreeMdl
MmUnlockPages
KeInsertQueueDpc
KeSetImportanceDpc
IoBuildPartialMdl
MmUnmapLockedPages
KeInitializeDpc
IoAllocateMdl
RtlGUIDFromString
IoReportTargetDeviceChangeAsynchronous
RtlUnicodeStringToAnsiString
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
ProbeForWrite
ProbeForRead
RtlQueryRegistryValues
ZwOpenKey
IoOpenDeviceRegistryKey
KeTickCount
RtlUnwind
IoRegisterDeviceInterface
KeInitializeSpinLock
KeInitializeEvent
IoInitializeRemoveLockEx
PoSetPowerState
ExFreePool
PoRequestPowerIrp
ExAllocatePoolWithTag
KeBugCheckEx

hal

KfAcquireSpinLock
KeGetCurrentIrql
KfReleaseSpinLock

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_GetUSBDIVersion

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/wxp/x64/ASI130MM.inf
driver/wxp/x64/ASI130MM.sys
.sys windows:6 windows x64 arch:x64

c294c3f793300bd60d3e6a308fe01d1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\views\antioch_nnpl_cysuiteusb_latest\software\products\hsusb\cysuiteusb\cyusb_sys\src\objfre_wnet_amd64\amd64\cyusb.pdb

Imports

ntoskrnl.exe

KeClearEvent
ExFreePoolWithTag
IoRegisterDeviceInterface
IoDeleteDevice
KeSetEvent
KeInitializeEvent
IoDetachDevice
PoSetPowerState
IofCompleteRequest
IoAttachDeviceToDeviceStack
IoIsWdmVersionAvailable
IoInitializeRemoveLockEx
IoCreateDevice
IoAllocateWorkItem
KeWaitForSingleObject
IoQueueWorkItem
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
ZwReadFile
RtlInitUnicodeString
ZwCreateFile
ZwClose
ZwQueryInformationFile
IoAcquireRemoveLockEx
IoSetDeviceInterfaceState
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
ObfReferenceObject
IoReleaseRemoveLockEx
KeAcquireSpinLockRaiseToDpc
IoCancelIrp
IoFreeWorkItem
IoGetDeviceProperty
IoFreeIrp
IoAllocateIrp
IoBuildDeviceIoControlRequest
KeSetImportanceDpc
IoFreeMdl
KeInsertQueueDpc
MmUnlockPages
MmUnmapLockedPages
IoBuildPartialMdl
KeInitializeDpc
IoAllocateMdl
RtlGUIDFromString
IoReportTargetDeviceChangeAsynchronous
ProbeForRead
ProbeForWrite
RtlUnicodeStringToAnsiString
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
KeBugCheckEx
ExFreePool
KeReleaseSpinLock
PoRequestPowerIrp
ExAllocatePoolWithTag
__C_specific_handler

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_GetUSBDIVersion

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/wxp/x86/ASI130MM.inf
driver/wxp/x86/ASI130MM.sys
.sys windows:6 windows x86 arch:x86

c5a204bebd710d8328709bf6b3b446a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeClearEvent
InterlockedIncrement
KeSetEvent
InterlockedDecrement
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
memset
IoIsWdmVersionAvailable
memcpy
IoQueueWorkItem
IoAllocateWorkItem
KeWaitForSingleObject
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
ZwCreateFile
RtlInitUnicodeString
ZwClose
ZwQueryInformationFile
ZwReadFile
IoSetDeviceInterfaceState
ObfReferenceObject
IoReleaseRemoveLockAndWaitEx
IoAcquireRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockEx
InterlockedExchange
ExFreePoolWithTag
IoCancelIrp
IoFreeWorkItem
IoGetDeviceProperty
IoFreeIrp
IoAllocateIrp
IoBuildDeviceIoControlRequest
IoFreeMdl
MmUnlockPages
KeInsertQueueDpc
KeSetImportanceDpc
IoBuildPartialMdl
MmUnmapLockedPages
KeInitializeDpc
IoAllocateMdl
RtlGUIDFromString
IoReportTargetDeviceChangeAsynchronous
RtlUnicodeStringToAnsiString
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
ProbeForWrite
ProbeForRead
RtlQueryRegistryValues
ZwOpenKey
IoOpenDeviceRegistryKey
KeTickCount
IoRegisterDeviceInterface
KeInitializeSpinLock
KeInitializeEvent
IoInitializeRemoveLockEx
PoSetPowerState
ExFreePool
PoRequestPowerIrp
ExAllocatePoolWithTag
RtlUnwind
KeBugCheckEx

hal

KfAcquireSpinLock
KeGetCurrentIrql
KfReleaseSpinLock

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_GetUSBDIVersion

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 256B - Virtual size: 232B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 155KB - Virtual size: 154KB

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 992B

.rdata Size: 1024B - Virtual size: 839B

.data Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 220B

fb1aa2bbc159c94cb45792330366bd5f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 728B

.reloc Size: 1024B - Virtual size: 558B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 155KB - Virtual size: 154KB

.text
Size: 1024B - Virtual size: 992B

.rdata
Size: 1024B - Virtual size: 839B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 728B

.reloc
Size: 1024B - Virtual size: 558B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB