D:\workspace\MemuHyperv-5.1.34\out\win.amd64\release\obj\MEmuDrv\MEmuDrv.pdb
Behavioral task
behavioral1
Sample
VALO STRIKE/VALO STRIKE.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
VALO STRIKE/VALO STRIKE.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
VALO STRIKE/lib/loader.exe
Resource
win7-20240319-en
Behavioral task
behavioral4
Sample
VALO STRIKE/lib/loader.exe
Resource
win10v2004-20240226-en
General
-
Target
VALO STRIKE.zip
-
Size
22.0MB
-
MD5
b55ee083562c956c422362615afa6683
-
SHA1
8a78bd455c1ea1fcc26c79d02798ecd9de3899cd
-
SHA256
9697fe5f8925bf14d3148b34c6334b4faa071117c0dd5a8009a05d7c80c72f25
-
SHA512
2bcdb4fd2d0ac7c32294ae123533a3afa4d1ed43ab5a78684bf8e2beea70e24d711a00ba9fbe8dbd3a069179cfa1c7f061ae1fc399efe97768f1590753fb8188
-
SSDEEP
393216:TdUDP69wP/ERn/011vcWr+GPimzKuQOIMuWeJw4gKW2DAnjnhMbsjgd:Bc69y/ERni1vLFPiPqI84fXDAnjn5jQ
Malware Config
Signatures
-
Detects Pyinstaller 1 IoCs
resource yara_rule static1/unpack001/VALO STRIKE/lib/loader.exe pyinstaller -
Unsigned PE 23 IoCs
Checks for missing Authenticode signature.
resource unpack001/VALO STRIKE/App/MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737/MEmuDrv.sys unpack001/VALO STRIKE/App/hcmon_1E804F260BFD7A2F39698591B5E6FF49B1EB033B/hcmon.sys unpack001/VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vmnet.sys unpack001/VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vmnetuserif.sys unpack001/VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vnetinst.dll unpack001/VALO STRIKE/App/vmx86_4E627043F59CB6E52D70B734584C24BE75C48D21/vmx86.sys unpack001/VALO STRIKE/VALO STRIKE.exe unpack001/VALO STRIKE/dll/DMPushRouterCore.dll unpack001/VALO STRIKE/dll/DMRCDecoder.dll unpack001/VALO STRIKE/dll/DmNotificationBroker.exe unpack001/VALO STRIKE/dll/DmOmaCpMo.exe unpack001/VALO STRIKE/dll/dmocx.dll unpack001/VALO STRIKE/dll/dmoleaututils.dll unpack001/VALO STRIKE/dll/dmprocessxmlfiltered.dll unpack001/VALO STRIKE/dll/dmpushproxy.dll unpack001/VALO STRIKE/dll/dmsynth.dll unpack001/VALO STRIKE/dll/dmusic.dll unpack001/VALO STRIKE/dll/dmutil.dll unpack001/VALO STRIKE/dll/dmvdsitf.dll unpack001/VALO STRIKE/dll/dmview.ocx unpack001/VALO STRIKE/dll/dmwappushsvc.dll unpack001/VALO STRIKE/dll/dmwmicsp.dll unpack001/VALO STRIKE/lib/loader.exe
Files
-
VALO STRIKE.zip.zip
Password: 2024
-
VALO STRIKE/App/MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737/MEmuDrv.cat
-
VALO STRIKE/App/MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737/MEmuDrv.inf
-
VALO STRIKE/App/MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737/MEmuDrv.sys.sys windows:5 windows x64 arch:x64
9470f56376e665fb981a35b303436041
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
ntoskrnl.exe
strchr
IoDeleteDevice
IoCreateDevice
RtlInitUnicodeString
ObfDereferenceObject
ExUnregisterCallback
IofCompleteRequest
__C_specific_handler
ExFreePoolWithTag
ExAllocatePoolWithTag
IoIs32bitProcess
ZwSetSystemInformation
ExRegisterCallback
ExCreateCallback
MmGetSystemRoutineAddress
RtlQueryRegistryValues
DbgPrint
KeSetTimerEx
KeInsertQueueDpc
KeRemoveQueueDpc
KeCancelTimer
KeSetImportanceDpc
KeInitializeDpc
KeInitializeTimerEx
KeQueryTimeIncrement
KeDelayExecutionThread
ZwYieldExecution
KeSetPriorityThread
KeWaitForSingleObject
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
KeInitializeMutex
KeReleaseMutex
KeReadStateMutex
KeInitializeEvent
ExAcquireFastMutex
ExReleaseFastMutex
KeSetEvent
KeResetEvent
PsGetCurrentProcessId
IoGetCurrentProcess
ProbeForRead
ProbeForWrite
MmHighestUserAddress
MmSystemRangeStart
KeSetTargetProcessorDpc
KeNumberProcessors
PsGetVersion
MmIsAddressValid
MmUnmapIoSpace
MmUnlockPages
MmFreeContiguousMemory
IoFreeMdl
MmFreePagesFromMdl
MmUnsecureVirtualMemory
MmUnmapLockedPages
MmProtectMdlSystemAddress
MmBuildMdlForNonPagedPool
IoAllocateMdl
MmAllocateContiguousMemorySpecifyCache
MmAllocatePagesForMdl
MmSecureVirtualMemory
MmProbeAndLockPages
MmMapIoSpace
MmMapLockedPagesSpecifyCache
MmGetPhysicalAddress
MmAllocateContiguousMemory
Exports
Exports
ASMAtomicBitClear
ASMAtomicXchgU16
ASMAtomicXchgU8
ASMGetCS
ASMGetDS
ASMGetES
ASMGetFS
ASMGetGS
ASMGetIDTR
ASMGetSS
ASMMultU64ByU32DivByU32
ASMNopPause
RTAssertAreQuiet
RTAssertMayPanic
RTAssertMsg1
RTAssertMsg1Weak
RTAssertMsg2AddV
RTAssertMsg2V
RTAssertMsg2Weak
RTAssertMsg2WeakV
RTAssertSetMayPanic
RTAssertSetQuiet
RTAssertShouldPanic
RTAvlPVDestroy
RTAvlPVDoWithAll
RTAvlPVGet
RTAvlPVGetBestFit
RTAvlPVInsert
RTAvlPVRemove
RTAvlPVRemoveBestFit
RTCrc32
RTCrc32Finish
RTCrc32Process
RTCrc32Start
RTErrConvertFromErrno
RTErrConvertFromNtStatus
RTErrConvertToErrno
RTErrVarsAreEqual
RTErrVarsHaveChanged
RTErrVarsRestore
RTErrVarsSave
RTHandleTableAllocWithCtx
RTHandleTableCreate
RTHandleTableCreateEx
RTHandleTableDestroy
RTHandleTableFreeWithCtx
RTHandleTableLookupWithCtx
RTLatin1CalcUtf8Len
RTLatin1CalcUtf8LenEx
RTLatin1ToUtf8ExTag
RTLatin1ToUtf8Tag
RTLogCloneRC
RTLogComPrintf
RTLogComPrintfV
RTLogCreate
RTLogCreateEx
RTLogCreateExV
RTLogDefaultInit
RTLogDefaultInstance
RTLogDefaultInstanceEx
RTLogDestinations
RTLogDestroy
RTLogDumpPrintfV
RTLogFlags
RTLogFlush
RTLogFlushRC
RTLogFlushToLogger
RTLogFormatV
RTLogGetDefaultInstance
RTLogGetDefaultInstanceEx
RTLogGetDestinations
RTLogGetFlags
RTLogGetGroupSettings
RTLogGroupSettings
RTLogLogger
RTLogLoggerEx
RTLogLoggerExV
RTLogLoggerV
RTLogPrintf
RTLogPrintfV
RTLogRelGetDefaultInstance
RTLogRelGetDefaultInstanceEx
RTLogRelLoggerV
RTLogRelPrintfV
RTLogRelSetBuffering
RTLogRelSetDefaultInstance
RTLogSetBuffering
RTLogSetCustomPrefixCallback
RTLogSetDefaultInstance
RTLogSetDefaultInstanceThread
RTLogWriteCom
RTLogWriteDebugger
RTLogWriteStdErr
RTLogWriteStdOut
RTLogWriteUser
RTMemAllocExTag
RTMemAllocTag
RTMemAllocVarTag
RTMemAllocZTag
RTMemAllocZVarTag
RTMemContAlloc
RTMemContFree
RTMemDupExTag
RTMemDupTag
RTMemExecAllocTag
RTMemExecFree
RTMemFree
RTMemFreeEx
RTMemReallocTag
RTMemTmpAllocTag
RTMemTmpAllocZTag
RTMemTmpFree
RTMpCpuId
RTMpCpuIdFromSetIndex
RTMpCpuIdToSetIndex
RTMpCurSetIndex
RTMpCurSetIndexAndId
RTMpGetArraySize
RTMpGetCount
RTMpGetCpuGroupCounts
RTMpGetMaxCpuGroupCount
RTMpGetMaxCpuId
RTMpGetOnlineCoreCount
RTMpGetOnlineCount
RTMpGetOnlineSet
RTMpGetPresentCoreCount
RTMpGetPresentCount
RTMpGetPresentSet
RTMpGetSet
RTMpIsCpuOnline
RTMpIsCpuPossible
RTMpIsCpuPresent
RTMpIsCpuWorkPending
RTMpNotificationDeregister
RTMpNotificationRegister
RTMpOnAll
RTMpOnAllIsConcurrentSafe
RTMpOnOthers
RTMpOnPair
RTMpOnPairIsConcurrentExecSupported
RTMpOnSpecific
RTMpPokeCpu
RTMpSetIndexFromCpuGroupMember
RTNetIPv4AddDataChecksum
RTNetIPv4AddTCPChecksum
RTNetIPv4AddUDPChecksum
RTNetIPv4FinalizeChecksum
RTNetIPv4HdrChecksum
RTNetIPv4IsDHCPValid
RTNetIPv4IsHdrValid
RTNetIPv4IsTCPSizeValid
RTNetIPv4IsTCPValid
RTNetIPv4IsUDPSizeValid
RTNetIPv4IsUDPValid
RTNetIPv4PseudoChecksum
RTNetIPv4PseudoChecksumBits
RTNetIPv4TCPChecksum
RTNetIPv4UDPChecksum
RTNetIPv6PseudoChecksum
RTNetIPv6PseudoChecksumBits
RTNetIPv6PseudoChecksumEx
RTNetTCPChecksum
RTNetUDPChecksum
RTOnceReset
RTOnceSlow
RTPowerNotificationDeregister
RTPowerNotificationRegister
RTPowerSignalEvent
RTProcSelf
RTR0AssertPanicSystem
RTR0Init
RTR0MemAreKrnlAndUsrDifferent
RTR0MemKernelCopyFrom
RTR0MemKernelCopyTo
RTR0MemKernelIsValidAddr
RTR0MemObjAddress
RTR0MemObjAddressR3
RTR0MemObjAllocContTag
RTR0MemObjAllocLowTag
RTR0MemObjAllocPageTag
RTR0MemObjAllocPhysExTag
RTR0MemObjAllocPhysNCTag
RTR0MemObjAllocPhysTag
RTR0MemObjEnterPhysTag
RTR0MemObjFree
RTR0MemObjGetPagePhysAddr
RTR0MemObjIsMapping
RTR0MemObjLockKernelTag
RTR0MemObjLockUserTag
RTR0MemObjMapKernelExTag
RTR0MemObjMapKernelTag
RTR0MemObjMapUserTag
RTR0MemObjProtect
RTR0MemObjReserveKernelTag
RTR0MemObjReserveUserTag
RTR0MemObjSize
RTR0MemUserCopyFrom
RTR0MemUserCopyTo
RTR0MemUserIsValidAddr
RTR0ProcHandleSelf
RTR0Term
RTR0TermForced
RTSemEventCreate
RTSemEventCreateEx
RTSemEventDestroy
RTSemEventGetResolution
RTSemEventMultiCreate
RTSemEventMultiCreateEx
RTSemEventMultiDestroy
RTSemEventMultiGetResolution
RTSemEventMultiReset
RTSemEventMultiSignal
RTSemEventMultiWait
RTSemEventMultiWaitEx
RTSemEventMultiWaitExDebug
RTSemEventMultiWaitNoResume
RTSemEventSignal
RTSemEventWait
RTSemEventWaitEx
RTSemEventWaitExDebug
RTSemEventWaitNoResume
RTSemFastMutexCreate
RTSemFastMutexDestroy
RTSemFastMutexRelease
RTSemFastMutexRequest
RTSemMutexCreate
RTSemMutexCreateEx
RTSemMutexDestroy
RTSemMutexIsOwned
RTSemMutexRelease
RTSemMutexRequest
RTSemMutexRequestDebug
RTSemMutexRequestNoResume
RTSemMutexRequestNoResumeDebug
RTSemSpinMutexCreate
RTSemSpinMutexDestroy
RTSemSpinMutexRelease
RTSemSpinMutexRequest
RTSemSpinMutexTryRequest
RTSpinlockAcquire
RTSpinlockCreate
RTSpinlockDestroy
RTSpinlockRelease
RTStrAAppendNTag
RTStrAAppendTag
RTStrATruncateTag
RTStrAllocExTag
RTStrAllocTag
RTStrCalcLatin1Len
RTStrCalcLatin1LenEx
RTStrCalcUtf16Len
RTStrCalcUtf16LenEx
RTStrConvertHexBytes
RTStrCopy
RTStrCopyEx
RTStrCopyP
RTStrDupExTag
RTStrDupNTag
RTStrDupTag
RTStrFormat
RTStrFormatNumber
RTStrFormatTypeDeregister
RTStrFormatTypeRegister
RTStrFormatTypeSetUser
RTStrFormatV
RTStrFree
RTStrGetCpExInternal
RTStrGetCpInternal
RTStrGetCpNExInternal
RTStrIsValidEncoding
RTStrNCmp
RTStrPrevCp
RTStrPrintf
RTStrPrintfEx
RTStrPrintfExV
RTStrPrintfV
RTStrPurgeComplementSet
RTStrPurgeEncoding
RTStrPutCpInternal
RTStrReallocTag
RTStrToInt16
RTStrToInt16Ex
RTStrToInt16Full
RTStrToInt32
RTStrToInt32Ex
RTStrToInt32Full
RTStrToInt64
RTStrToInt64Ex
RTStrToInt64Full
RTStrToInt8
RTStrToInt8Ex
RTStrToInt8Full
RTStrToLatin1ExTag
RTStrToLatin1Tag
RTStrToUInt16
RTStrToUInt16Ex
RTStrToUInt16Full
RTStrToUInt32
RTStrToUInt32Ex
RTStrToUInt32Full
RTStrToUInt64
RTStrToUInt64Ex
RTStrToUInt64Full
RTStrToUInt8
RTStrToUInt8Ex
RTStrToUInt8Full
RTStrToUni
RTStrToUniEx
RTStrToUtf16ExTag
RTStrToUtf16Tag
RTStrUniLen
RTStrUniLenEx
RTStrValidateEncoding
RTStrValidateEncodingEx
RTTermDeregisterCallback
RTTermRegisterCallback
RTTermRunCallbacks
RTThreadCreate
RTThreadCreateF
RTThreadCreateV
RTThreadCtxHookCreate
RTThreadCtxHookDestroy
RTThreadCtxHookDisable
RTThreadCtxHookEnable
RTThreadCtxHookIsEnabled
RTThreadFromNative
RTThreadGetName
RTThreadGetNative
RTThreadGetType
RTThreadIsInInterrupt
RTThreadIsInitialized
RTThreadIsMain
RTThreadIsSelfAlive
RTThreadIsSelfKnown
RTThreadNativeSelf
RTThreadPreemptDisable
RTThreadPreemptIsEnabled
RTThreadPreemptIsPending
RTThreadPreemptIsPendingTrusty
RTThreadPreemptIsPossible
RTThreadPreemptRestore
RTThreadSelf
RTThreadSelfName
RTThreadSetName
RTThreadSetType
RTThreadSleep
RTThreadUserReset
RTThreadUserSignal
RTThreadUserWait
RTThreadUserWaitNoResume
RTThreadWait
RTThreadWaitNoResume
RTThreadYield
RTTimeCompare
RTTimeExplode
RTTimeFromString
RTTimeImplode
RTTimeIsLeapYear
RTTimeMilliTS
RTTimeNanoTS
RTTimeNormalize
RTTimeNow
RTTimeSpecFromString
RTTimeSpecToString
RTTimeSystemMilliTS
RTTimeSystemNanoTS
RTTimeToString
RTTimerCanDoHighResolution
RTTimerChangeInterval
RTTimerCreate
RTTimerCreateEx
RTTimerDestroy
RTTimerGetSystemGranularity
RTTimerReleaseSystemGranularity
RTTimerRequestSystemGranularity
RTTimerStart
RTTimerStop
RTUuidClear
RTUuidCompare
RTUuidCompare2Strs
RTUuidCompareStr
RTUuidFromStr
RTUuidFromUtf16
RTUuidIsNull
RTUuidToStr
RTUuidToUtf16
SUPGetCpuHzFromGipForAsyncMode
SUPGetGIP
SUPGetTscDeltaSlow
SUPIsTscFreqCompatible
SUPIsTscFreqCompatibleEx
SUPR0BadContext
SUPR0ChangeCR4
SUPR0ComponentDeregisterFactory
SUPR0ComponentQueryFactory
SUPR0ComponentRegisterFactory
SUPR0ContAlloc
SUPR0ContFree
SUPR0EnableVTx
SUPR0GetCurrentGdtRw
SUPR0GetKernelFeatures
SUPR0GetPagingMode
SUPR0GetSessionGVM
SUPR0GetSessionVM
SUPR0GetSvmUsability
SUPR0GetVmxUsability
SUPR0GipMap
SUPR0GipUnmap
SUPR0LockMem
SUPR0LowAlloc
SUPR0LowFree
SUPR0MemAlloc
SUPR0MemFree
SUPR0MemGetPhys
SUPR0ObjAddRef
SUPR0ObjAddRefEx
SUPR0ObjRegister
SUPR0ObjRelease
SUPR0ObjVerifyAccess
SUPR0PageAllocEx
SUPR0PageFree
SUPR0PageMapKernel
SUPR0PageProtect
SUPR0Printf
SUPR0QueryUcodeRev
SUPR0QueryVTCaps
SUPR0ResumeVTxOnCpu
SUPR0SetSessionVM
SUPR0SuspendVTxOnCpu
SUPR0TracerDeregisterDrv
SUPR0TracerDeregisterImpl
SUPR0TracerFireProbe
SUPR0TracerRegisterDrv
SUPR0TracerRegisterImpl
SUPR0TracerRegisterModule
SUPR0TracerUmodProbeFire
SUPR0TscDeltaMeasureBySetIndex
SUPR0UnlockMem
SUPReadTscWithDelta
SUPSemEventClose
SUPSemEventCreate
SUPSemEventGetResolution
SUPSemEventMultiClose
SUPSemEventMultiCreate
SUPSemEventMultiGetResolution
SUPSemEventMultiReset
SUPSemEventMultiSignal
SUPSemEventMultiWait
SUPSemEventMultiWaitNoResume
SUPSemEventMultiWaitNsAbsIntr
SUPSemEventMultiWaitNsRelIntr
SUPSemEventSignal
SUPSemEventWait
SUPSemEventWaitNoResume
SUPSemEventWaitNsAbsIntr
SUPSemEventWaitNsRelIntr
g_pSUPGlobalInfoPage
g_pszRTAssertExpr
g_pszRTAssertFile
g_pszRTAssertFunction
g_szRTAssertMsg1
g_szRTAssertMsg2
g_u32RTAssertLine
Sections
.text Size: 171KB - Virtual size: 170KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/App/hcmon_1E804F260BFD7A2F39698591B5E6FF49B1EB033B/hcmon.cat
-
VALO STRIKE/App/hcmon_1E804F260BFD7A2F39698591B5E6FF49B1EB033B/hcmon.inf
-
VALO STRIKE/App/hcmon_1E804F260BFD7A2F39698591B5E6FF49B1EB033B/hcmon.sys.sys windows:10 windows x64 arch:x64
a80c1b82d455074777c3c9780a4f5f43
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\build\ob\bora-17853515\bora\build\build\hcmon\release\win-kernel\hcmon\Win7Release\x64\bin\hcmon.pdb
Imports
ntoskrnl.exe
wcschr
_wcsicmp
_wcsupr
RtlUnicodeStringToInteger
RtlInitUnicodeString
RtlCompareUnicodeString
RtlEqualUnicodeString
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlGetVersion
RtlCompareMemory
KeInitializeDpc
KeFlushQueuedDpcs
KeInitializeEvent
KeClearEvent
KeSetEvent
KeDelayExecutionThread
KeInitializeTimer
KeCancelTimer
KeSetTimer
KeWaitForMultipleObjects
KeWaitForSingleObject
KeAcquireSpinLockAtDpcLevel
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
KeReleaseSpinLockFromDpcLevel
KeBugCheckEx
ExAllocatePoolWithTag
ExFreePoolWithTag
MmGetSystemRoutineAddress
PsCreateSystemThread
IoAllocateErrorLogEntry
IoAllocateIrp
IoBuildDeviceIoControlRequest
IofCallDriver
IoCancelIrp
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
IoFreeIrp
IoGetAttachedDeviceReference
IoGetDeviceObjectPointer
IoSetCompletionRoutineEx
IoWriteErrorLogEntry
IoWMIRegistrationControl
IoCsqInitialize
IoCsqInsertIrp
IoCsqRemoveNextIrp
IoCsqRemoveIrp
IoInvalidateDeviceRelations
IoGetDeviceProperty
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
ObReferenceObjectByHandle
ObfReferenceObject
ObfDereferenceObject
ZwClose
ZwOpenKey
ZwQueryValueKey
IoGetAttachedDevice
IoEnumerateDeviceObjectList
IoGetLowerDeviceObject
ObQueryNameString
_vsnwprintf
_vsnprintf
IoFileObjectType
ExEventObjectType
RtlQueryRegistryValues
RtlCreateSecurityDescriptor
RtlLengthSecurityDescriptor
RtlSetDaclSecurityDescriptor
SeAccessCheck
SeValidSecurityDescriptor
IoGetFileObjectGenericMapping
RtlCreateAcl
RtlSetOwnerSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlAddAccessAllowedAce
RtlInitializeSid
RtlSubAuthoritySid
RtlLengthRequiredSid
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/netuserif.inf
-
VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vmnet.sys.dll windows:10 windows x64 arch:x64
Password: 2024
75a0b28bcdef0ac18a938cf231bb1996
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\build\ob\bora-17734799\bora\build\build\vmnet\release\win-kernel\vnet\Win7Release\x64\bin\vmnet.pdb
Imports
ntoskrnl.exe
RtlGetVersion
KeAcquireSpinLockAtDpcLevel
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
KeReleaseSpinLockFromDpcLevel
ExAllocatePoolWithTag
ExFreePoolWithTag
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
_vsnprintf
KeBugCheckEx
Exports
Exports
DllInitialize
DllUnload
Log_Error
Log_Event
Log_EventMsg
VNetEvent_DestroyListener
VNetEvent_DestroySender
VNetEvent_GetSenderId
VNetEvent_Send
VNet_ActiveConnections
VNet_AllocateMemoryWithTag
VNet_CallBridge
VNet_CheckMACAddress
VNet_Cleanup
VNet_ConnectHostAdapters
VNet_ConnectToPvn
VNet_ConnectToVnet
VNet_ConnectVNets
VNet_CreateListener
VNet_CreateSender
VNet_DeRegisterReader
VNet_DeRegisterWriter
VNet_Disconnect
VNet_DisconnectHostAdapters
VNet_DisconnectVNets
VNet_FreeMemory
VNet_GetBridge
VNet_GetBridgeStatus
VNet_GetStats
VNet_HasFilterFlags
VNet_HasHOAdapter
VNet_Init
VNet_InitReaderWriter
VNet_PacketAllocate
VNet_PacketAttach
VNet_PacketRelease
VNet_RegisterReader
VNet_RegisterWriter
VNet_Send
VNet_SetFilterFlags
VNet_SetIFFlags
VNet_SetMacAddr
VNet_SetStats
VNet_SpinRegisterReader
VNet_SpinRegisterWriter
VNet_Version
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 672B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 546B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vmnetuserif.cat
-
VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vmnetuserif.sys.sys windows:10 windows x64 arch:x64
32ac3357add9a76de708a1785e370328
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\build\ob\bora-17734799\bora\build\build\vmnet\release\win-kernel\userif\Win7Release\x64\bin\vmnetUserif.pdb
Imports
ntoskrnl.exe
RtlAddAccessAllowedAce
RtlInitializeSid
RtlSubAuthoritySid
RtlLengthRequiredSid
RtlIsNtDdiVersionAvailable
KeClearEvent
KeSetEvent
MmProbeAndLockPages
RtlAbsoluteToSelfRelativeSD
MmMapLockedPagesSpecifyCache
IoAllocateMdl
IoFreeMdl
KeInitializeMutex
KeReleaseMutex
KeWaitForSingleObject
KeBugCheckEx
RtlSetGroupSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlCreateAcl
IoGetFileObjectGenericMapping
SeValidSecurityDescriptor
SeAccessCheck
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlSetDaclSecurityDescriptor
RtlLengthSecurityDescriptor
RtlCreateSecurityDescriptor
RtlQueryRegistryValues
ExEventObjectType
__C_specific_handler
ObfDereferenceObject
ObReferenceObjectByHandle
IoIs32bitProcess
IoDeleteSymbolicLink
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
IofCompleteRequest
ProbeForWrite
ProbeForRead
KeReleaseSpinLockFromDpcLevel
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeAcquireSpinLockAtDpcLevel
RtlGetVersion
MmUnlockPages
RtlInitUnicodeString
vmnet.sys
VNetEvent_DestroyListener
Log_Event
Log_Error
VNet_PacketRelease
VNet_PacketAttach
VNet_PacketAllocate
VNet_CreateSender
VNet_ConnectVNets
VNet_DisconnectVNets
VNet_ConnectHostAdapters
VNet_DisconnectHostAdapters
VNet_SetStats
VNet_GetStats
VNet_CallBridge
VNet_GetBridgeStatus
VNet_SetMacAddr
VNet_SetIFFlags
VNet_Send
VNet_Disconnect
VNet_ConnectToPvn
VNet_ConnectToVnet
VNet_FreeMemory
VNet_AllocateMemoryWithTag
VNet_Cleanup
VNet_Init
VNet_Version
VNetEvent_GetSenderId
VNetEvent_Send
VNetEvent_DestroySender
VNet_CreateListener
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 384B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/App/netuserif_596465B37F6C686158B3D1591036405ECBCF0C38/vnetinst.dll.dll windows:6 windows x64 arch:x64
Password: 2024
333d031929d7549b3d7b558bfd14faeb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\build\ob\bora-17734799\bora\build\build\LIBRARIES\vnetlibcoinst\win64\release\vnetinst.pdb
Imports
kernel32
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
ExitProcess
TerminateProcess
FreeLibrary
GetModuleHandleExW
GetProcAddress
GetModuleFileNameW
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
RtlUnwindEx
InterlockedFlushSList
RaiseException
vnetlib64
VNL_AdapterCoinstaller
Exports
Exports
VNL_AdapterCoinstaller
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 384B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/App/vmx86_4E627043F59CB6E52D70B734584C24BE75C48D21/vmx86.cat
-
VALO STRIKE/App/vmx86_4E627043F59CB6E52D70B734584C24BE75C48D21/vmx86.inf
-
VALO STRIKE/App/vmx86_4E627043F59CB6E52D70B734584C24BE75C48D21/vmx86.sys.sys windows:10 windows x64 arch:x64
dec291ba2df0cb61cfde540720dfb011
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\build\ob\bora-18451320\bora\build\build\vmx86\release\win-kernel\vmx86\Win8Release\x64\bin\vmx86.pdb
Imports
ntoskrnl.exe
RtlCopyUnicodeString
RtlGetVersion
RtlIsNtDdiVersionAvailable
KeInitializeDpc
KeInitializeEvent
KeSetEvent
KeInitializeTimer
KeCancelTimer
KeSetTimer
KeWaitForSingleObject
KeBugCheckEx
KeQueryGroupAffinity
KeGetCurrentProcessorNumberEx
ExFreePoolWithTag
ExCreateCallback
ExRegisterCallback
ExUnregisterCallback
PsCreateSystemThread
PsTerminateSystemThread
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
IoGetCurrentProcess
ObReferenceObjectByHandle
ObfDereferenceObject
ZwClose
ZwCreateKey
ZwOpenKey
ZwQueryValueKey
ZwSetValueKey
PsGetCurrentProcessId
PsGetCurrentThreadId
_vsnprintf
ZwOpenThread
KeNumberProcessors
DbgPrint
KeLowerIrql
KfRaiseIrql
KeInsertQueueDpc
KeSetImportanceDpc
KeFlushQueuedDpcs
KeClearEvent
KeDelayExecutionThread
KeSetTargetProcessorDpcEx
KeSetTimerEx
KeIpiGenericCall
KeQueryTimeIncrement
MmGetSystemRoutineAddress
KeGetProcessorNumberFromIndex
ExAllocatePoolWithTag
ExAcquireFastMutex
ExReleaseFastMutex
ProbeForRead
ProbeForWrite
ExSetTimerResolution
MmProbeAndLockSelectedPages
MmProbeAndLockPages
MmUnlockPages
MmBuildMdlForNonPagedPool
MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
MmAllocatePagesForMdlEx
MmFreePagesFromMdl
MmMapIoSpace
MmUnmapIoSpace
MmAllocateContiguousMemorySpecifyCache
MmFreeContiguousMemory
IoAllocateMdl
IoFreeMdl
ZwOpenSection
ZwMapViewOfSection
ZwUnmapViewOfSection
MmGetPhysicalMemoryRanges
MmGetPhysicalAddress
MmIsAddressValid
qsort
ZwAlertThread
ZwQuerySystemInformation
__C_specific_handler
strcmp
RtlQueryRegistryValues
RtlCreateSecurityDescriptor
RtlLengthSecurityDescriptor
RtlSetDaclSecurityDescriptor
SeAccessCheck
SeValidSecurityDescriptor
IoGetFileObjectGenericMapping
RtlCreateAcl
RtlSetOwnerSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlAddAccessAllowedAce
RtlInitializeSid
RtlSubAuthoritySid
RtlLengthRequiredSid
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
KeQueryUnbiasedInterruptTime
RtlInitUnicodeString
hal
KeQueryPerformanceCounter
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/DirectX.log
-
VALO STRIKE/Professional.xml.xml
-
VALO STRIKE/README!!!.txt
-
VALO STRIKE/VALO STRIKE.exe.exe windows:6 windows x86 arch:x86
Password: 2024
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 719KB - Virtual size: 719KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
VALO STRIKE/bootstat.dat
-
VALO STRIKE/data/dberr.txt
-
VALO STRIKE/data/{127D0A1D-4EF2-11D1-8608-00C04FC295EE}/catdb
-
VALO STRIKE/data/{127D0A1D-4EF2-11D1-8608-00C04FC295EE}/catdb.jfm
-
VALO STRIKE/dll/DMPushRouterCore.dll.dll windows:10 windows x64 arch:x64
Password: 2024
82be31c1ac87863f12472231c769705c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
DMPushRouterCore.pdb
Imports
msvcp110_win
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAPEBDH@Z
msvcrt
memmove
memcpy
memcmp
_CxxThrowException
memset
__CxxFrameHandler3
wcstol
wcsncmp
printf
ldiv
rand
srand
_wcsnicmp
strrchr
??1exception@@UEAA@XZ
??3@YAXPEAX@Z
memcpy_s
memmove_s
??_V@YAXPEAX@Z
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
_vsnwprintf
_vsnprintf_s
_purecall
malloc
strchr
wcscmp
strtol
_errno
_set_errno
strncpy_s
_wcsicmp
sprintf_s
_itow_s
qsort
wcsstr
_callnewh
_ltow_s
_ultow_s
_XcptFilter
_amsg_exit
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__C_specific_handler
_initterm
free
rpcrt4
UuidFromStringW
UuidCreate
RpcBindingFree
UuidCreateSequential
RpcServerInqCallAttributesW
I_RpcBindingInqLocalClientPID
NdrServerCallAll
RpcRevertToSelfEx
RpcImpersonateClient
RpcServerInterfaceGroupCreateW
RpcServerInterfaceGroupActivate
NdrServerCall2
RpcServerInterfaceGroupDeactivate
RpcServerInterfaceGroupClose
api-ms-win-core-registry-l1-1-0
RegEnumKeyExW
RegGetValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegOpenCurrentUser
RegQueryInfoKeyW
RegDeleteTreeW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
LocalReAlloc
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-synch-l1-1-0
LeaveCriticalSection
ReleaseMutex
ReleaseSemaphore
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeCriticalSectionEx
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObjectEx
AcquireSRWLockExclusive
AcquireSRWLockShared
OpenEventW
CreateMutexW
SetEvent
CreateSemaphoreExW
WaitForSingleObject
InitializeCriticalSection
OpenSemaphoreW
CreateMutexExW
CreateEventW
api-ms-win-core-errorhandling-l1-1-0
GetLastError
RaiseException
SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventActivityIdControl
EventUnregister
EventRegister
EventSetInformation
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-processthreads-l1-1-0
OpenThreadToken
GetCurrentThread
GetStartupInfoW
CreateProcessW
GetExitCodeThread
TerminateThread
TerminateProcess
GetCurrentProcess
GetExitCodeProcess
GetCurrentProcessId
CreateThread
GetCurrentThreadId
OpenProcessToken
api-ms-win-core-heap-l1-1-0
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
LoadLibraryExW
GetModuleHandleExW
FindStringOrdinal
DisableThreadLibraryCalls
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer
api-ms-win-core-synch-l1-2-0
InitOnceBeginInitialize
Sleep
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceComplete
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCompareMemory
RtlCaptureContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime
ntdll
RtlInitUnicodeString
NtSetInformationToken
RtlFreeHeap
RtlNtStatusToDosError
NtQuerySecurityAttributesToken
RtlIsStateSeparationEnabled
RtlAllocateHeap
api-ms-win-security-accesshlpr-l1-1-0
FreeTransientObjectSecurityDescriptor
QueryTransientObjectSecurityDescriptor
BuildSecurityDescriptorForSharingAccess
omadmapi
ord34
api-ms-win-shcore-stream-l1-1-0
SHCreateStreamOnFileW
api-ms-win-core-winrt-l1-1-0
RoInitialize
RoActivateInstance
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
WindowsGetStringRawBuffer
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoTaskMemAlloc
CoInitializeSecurity
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CoInitializeEx
CoCreateGuid
StringFromGUID2
CoRevertToSelf
api-ms-win-core-file-l1-1-0
DeleteFileW
FindFirstFileW
SetEndOfFile
GetFileSize
CreateDirectoryW
CreateFileW
SetFilePointer
ReadFile
GetFullPathNameW
GetFileAttributesW
RemoveDirectoryW
FindNextFileW
WriteFile
FindClose
FileTimeToLocalFileTime
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-service-management-l1-1-0
CloseServiceHandle
OpenSCManagerW
OpenServiceW
api-ms-win-service-management-l2-1-0
ChangeServiceConfigW
ChangeServiceConfig2W
api-ms-win-security-base-l1-1-0
MakeSelfRelativeSD
SetSecurityDescriptorDacl
EqualSid
MakeAbsoluteSD
AllocateAndInitializeSid
FreeSid
RevertToSelf
CheckTokenMembership
GetLengthSid
GetTokenInformation
ImpersonateLoggedOnUser
CopySid
GetSecurityDescriptorDacl
oleaut32
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
VariantInit
SafeArrayGetUBound
SysStringByteLen
SafeArrayUnlock
SafeArrayGetLBound
SysFreeString
VariantClear
SysAllocString
SafeArrayCreate
SafeArrayLock
sspicli
GetUserNameExW
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
SystemTimeToFileTime
api-ms-win-core-path-l1-1-0
PathCchAppend
PathCchCombine
PathAllocCombine
PathCchSkipRoot
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
crypt32
CertFreeCertificateContext
CertOpenStore
CertFindCertificateInStore
CertCloseStore
bcrypt
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
api-ms-win-core-file-l2-1-0
MoveFileExW
GetFileInformationByHandleEx
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
api-ms-win-core-shlwapi-legacy-l1-1-0
PathFindExtensionW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
api-ms-win-security-provider-l1-1-0
SetEntriesInAclW
GetExplicitEntriesFromAclW
api-ms-win-core-string-obsolete-l1-1-0
lstrlenA
xmllite
CreateXmlReader
CreateXmlWriterOutputWithEncodingName
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
dmcmnutils
DmCreateTask
DmIsTaskScheduled
EncodeBase64W
SafeStringToDword
DecodeBase64W
UnicodeToMB
HexStringToBinary
OmaDmRegistryGetString
DmDisableTask
InvStrCmpNIW
CopyString
InvStrCmpIW
BigStrcat
OmaDmRegistryGetDWORD
InvStrCmpW
Exports
Exports
InitializePushRouter
PrAreAllClientsHandled
PrSvcDecMessageCount
PrSvcGetMessageCount
PrSvcIncMessageCount
PrSvcSetMessageCount
PushRouter_SubmitPushLocal
RegisterRPCInterface
ShutDownPushRouter
ShutDownPushRouterSynchronously
UnregisterRPCInterface
Sections
.text Size: 367KB - Virtual size: 367KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/DMRCDecoder.dll.dll windows:10 windows x64 arch:x64
Password: 2024
5a65ad780e5baf92c7b3cfbee0ea567e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
DMRCDecoder.pdb
Imports
msvcp_win
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_alloc@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o___stdio_common_vsprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsscanf
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o___stdio_common_vsnprintf_s
_o__set_errno
memmove
_o_fflush
_o_floor
_o_free
_o_isprint
_o_malloc
_o_roundf
_o_strcpy_s
_o_strncat_s
_o_strncpy_s
_o_terminate
__C_specific_handler
_CxxThrowException
__CxxFrameHandler3
_o___stdio_common_vfprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
__std_terminate
__CxxFrameHandler4
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
memset
strncmp
strcmp
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
OutputDebugStringA
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetSystemTime
api-ms-win-core-com-l1-1-0
CoCreateGuid
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-crt-math-l1-1-0
logf
log10f
floorf
sqrtf
atan2f
ceilf
cosf
sinf
acosf
_isnan
Exports
Exports
CreateDecoder
DeleteDecoder
Detect
EnableExtendedReadingDistance
EnableFalsePositiveMitigation
EnableInvertedReads
GetActiveBarcodeTypes
GetBarcodeAttributesSupport
GetExceptions
GetMillisecsPerFrameBarcode
GetMillisecsPerFrameDWCode
GetPayloadBarcodeType
GetPayloadCount
GetPayloadData
GetPayloadRawData
GetRebarNV12BufferPtr
GetStatus
GetSupportedBarcodeTypes
SetActiveBarcodeTypes
SetBarcodeCheckDigitAttribute
SetBarcodeDecodeLengthAttribute
SetBarcodeTransmitCheckDigitAttribute
Sections
.text Size: 583KB - Virtual size: 583KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/DMRServer.dll.dll windows:10 windows x64 arch:x64
Password: 2024
d534437731576705f3a464375b090b82
Code Sign
33:00:00:03:8d:b0:bf:e1:b0:ca:33:b3:d4:00:00:00:00:03:8dCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before05/05/2022, 19:23Not After04/05/2023, 19:23SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
57:03:60:00:c7:66:a8:5a:f1:aa:61:a8:43:42:0d:2f:5e:45:e7:ee:2b:38:89:21:f0:26:de:49:52:04:80:6dSigner
Actual PE Digest57:03:60:00:c7:66:a8:5a:f1:aa:61:a8:43:42:0d:2f:5e:45:e7:ee:2b:38:89:21:f0:26:de:49:52:04:80:6dDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
DMRServer.pdb
Imports
msvcrt
qsort
towupper
iswalpha
memset
iswdigit
realloc
_errno
__CxxFrameHandler3
_onexit
__dllonexit
_wcsnicmp
strnlen
qsort_s
wcstok_s
_unlock
_wtof
_wtoi
_wtoi64
_ultow_s
_ltow_s
_lock
wcspbrk
_wcsicmp
_initterm
_amsg_exit
_vsnwprintf
memcpy_s
memmove_s
wcsrchr
wcschr
strncpy_s
wcsncmp
_XcptFilter
malloc
free
_callnewh
wcsstr
_purecall
__C_specific_handler
memcmp
memcpy
memmove
wcscmp
api-ms-win-core-synch-l1-1-0
WaitForSingleObjectEx
EnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
SetEvent
CreateEventW
InitializeCriticalSectionEx
CreateEventExW
CreateMutexExW
ReleaseSRWLockShared
DeleteCriticalSection
CreateSemaphoreExW
InitializeSRWLock
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
LeaveCriticalSection
ResetEvent
OpenSemaphoreW
InitializeCriticalSection
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
RaiseException
SetUnhandledExceptionFilter
SetLastError
GetLastError
api-ms-win-core-debug-l1-1-0
OutputDebugStringA
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
SizeofResource
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
FindStringOrdinal
GetModuleFileNameW
LoadResource
DisableThreadLibraryCalls
FreeLibraryAndExitThread
LockResource
FreeLibrary
FindResourceExW
api-ms-win-eventing-classicprovider-l1-1-0
UnregisterTraceGuids
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
TraceMessage
RegisterTraceGuidsW
api-ms-win-core-processthreads-l1-1-1
SetProcessMitigationPolicy
OpenProcess
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventWriteTransfer
EventUnregister
api-ms-win-core-synch-l1-2-0
Sleep
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceExecuteOnce
InitOnceBeginInitialize
InitOnceComplete
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringOrdinal
api-ms-win-core-string-l2-1-0
CharLowerW
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetThreadPriority
CreateThread
GetCurrentThreadId
GetCurrentProcessId
TlsAlloc
GetCurrentProcess
OpenThreadToken
OpenProcessToken
TlsGetValue
GetCurrentThread
TerminateProcess
TlsSetValue
ResumeThread
SetThreadPriority
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetComputerNameExW
GetTickCount64
GetTickCount
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolWaitCallbacks
WaitForThreadpoolTimerCallbacks
SetThreadpoolWait
CloseThreadpoolTimer
CreateThreadpoolTimer
CreateThreadpoolWait
CallbackMayRunLong
TrySubmitThreadpoolCallback
FreeLibraryWhenCallbackReturns
CloseThreadpoolWait
SetThreadpoolTimer
api-ms-win-core-registry-l1-1-0
RegQueryInfoKeyW
RegEnumValueW
RegCloseKey
RegGetValueW
RegNotifyChangeKeyValue
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
HeapDestroy
api-ms-win-core-file-l1-1-0
CreateDirectoryW
GetFileAttributesW
CreateFileW
WriteFile
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-kernel32-legacy-l1-1-0
GetComputerNameW
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-featurestaging-l1-1-0
UnsubscribeFeatureStateChangeNotification
SubscribeFeatureStateChangeNotification
RecordFeatureUsage
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
Sections
.text Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/DmNotificationBroker.exe.exe windows:10 windows x64 arch:x64
Password: 2024
289708b41323fcb3d276bcfb9f56b2e7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
DmNotificationBroker.pdb
Imports
msvcrt
_purecall
__CxxFrameHandler3
??3@YAXPEAX@Z
free
malloc
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_commode
_fmode
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
_wcsicmp
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
memset
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
CreateThread
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
GetStartupInfoW
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-shcore-obsolete-l1-1-0
CommandLineToArgvW
dmcmnutils
CopyString
api-ms-win-core-synch-l1-1-0
WaitForSingleObject
api-ms-win-core-handle-l1-1-0
CloseHandle
rpcrt4
RpcBindingBind
RpcBindingCreateW
I_RpcExceptionFilter
NdrClientCall3
RpcBindingFree
user32
TranslateMessage
GetMessageW
DispatchMessageW
dui70
?CreateElement@DUIXmlParser@DirectUI@@QEAAJPEBGPEAVElement@2@1PEAKPEAPEAV32@@Z
StrToID
?GetClassInfoPtr@RichText@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@TouchEdit2@DirectUI@@SAPEAUIClassInfo@2@XZ
UnInitProcessPriv
UnInitThread
InitThread
InitProcessPriv
?CreateBool@Value@DirectUI@@SAPEAV12@_N@Z
?VisibleProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?CreateString@Value@DirectUI@@SAPEAV12@PEBGPEAUHINSTANCE__@@@Z
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?_ZeroRelease@Value@DirectUI@@AEAAXXZ
?Destroy@DUIXmlParser@DirectUI@@QEAAXXZ
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJPEBGPEAUHINSTANCE__@@1@Z
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
windows.ui.immersive
ord101
ord100
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.imrsiv Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 900B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/DmOmaCpMo.exe.exe windows:10 windows x64 arch:x64
Password: 2024
6d878b9880dc6b64da87bd11bbccf315
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
DmOmaCpMo.pdb
Imports
msvcrt
sprintf_s
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
memset
_callnewh
_CxxThrowException
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_commode
_fmode
_acmdln
__C_specific_handler
malloc
_initterm
__setusermatherr
_ismbblead
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
__CxxFrameHandler3
??3@YAXPEAX@Z
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventActivityIdControl
EventUnregister
EventWriteTransfer
EventRegister
api-ms-win-core-file-l1-1-0
GetFileSize
ReadFile
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineW
api-ms-win-core-com-l1-1-0
CoUninitialize
CLSIDFromString
CoInitializeEx
StringFromGUID2
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
SetLastError
api-ms-win-core-handle-l1-1-0
CloseHandle
oleaut32
SysFreeString
api-ms-win-core-synch-l1-2-0
SleepConditionVariableSRW
Sleep
WakeAllConditionVariable
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetStartupInfoW
GetCurrentProcess
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
omadmapi
ord64
ord44
dmcmnutils
CopyString
dmprocessxmlfiltered
MdmProcessConfigXmlWithAttributes
dsclient
DSOpenSharedFile
rpcrt4
UuidCreate
UuidFromStringW
api-ms-win-core-heap-l1-1-0
HeapFree
GetProcessHeap
HeapAlloc
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoUninitialize
RoInitialize
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-synch-l1-1-0
OpenSemaphoreW
ReleaseMutex
WaitForSingleObject
AcquireSRWLockExclusive
CreateMutexExW
ReleaseSRWLockExclusive
ReleaseSemaphore
CreateSemaphoreExW
WaitForSingleObjectEx
dmenrollengine
GetEnrollmentType
msvcp110_win
?_Xbad_alloc@std@@YAXXZ
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 84B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmocx.dll.dll regsvr32 windows:10 windows x64 arch:x64
6020c9f354c981442f997752d2d0a233
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmocx.pdb
Imports
mfc42u
ord4082
ord3534
ord3046
ord3166
ord3052
ord3366
ord3231
ord4815
ord3362
ord3243
ord3049
ord6053
ord5711
ord5730
ord5065
ord4368
ord5724
ord5722
ord3468
ord2412
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord6440
ord4365
ord1778
ord5663
ord5586
ord4694
ord5712
ord4017
ord5229
ord4789
ord2670
ord2060
ord6814
ord3933
ord5484
ord1736
ord5683
ord2457
ord2140
ord5699
ord493
ord971
ord6886
ord1875
ord4276
ord2754
ord2757
ord2756
ord4573
ord2488
ord2712
ord1473
ord1510
ord1527
ord455
ord949
ord4209
ord2550
ord2546
ord5353
ord4609
ord4853
ord4808
ord5106
ord5473
ord2393
ord4752
ord6175
ord4985
ord4372
ord3165
ord3053
ord4816
ord3363
ord3244
ord3050
ord6807
ord2398
ord3020
ord4895
ord3537
ord2491
ord4077
ord5399
ord4761
ord5416
ord4962
ord4754
ord5110
ord5113
ord5111
ord4697
ord4702
ord4713
ord4941
ord5475
ord4997
ord4998
ord5011
ord5157
ord4695
ord5004
ord5017
ord5434
ord5056
ord5010
ord5031
ord5032
ord5033
ord5307
ord5308
ord5024
ord5339
ord5334
ord5329
ord5395
ord4951
ord4874
ord4904
ord5302
ord5012
ord5143
ord5025
ord5026
ord5978
ord3069
ord2917
ord5074
ord5072
ord5572
ord4121
ord3019
ord5629
ord1964
ord2159
ord6380
ord5322
ord5248
ord2181
ord6011
ord5000
ord5054
ord4683
ord1345
ord5946
ord1701
ord2450
ord3692
ord3850
ord3484
ord3384
ord5868
ord4822
ord6800
ord3447
ord6799
ord1427
ord1426
ord1082
ord288
ord812
ord1544
ord1586
ord1555
ord1583
ord1585
ord355
ord1477
ord1553
ord1416
ord1491
ord1577
ord4083
ord3164
ord4371
ord4983
ord4770
ord3837
ord1530
ord6787
ord2408
ord1463
ord1517
ord1574
ord286
ord287
ord2751
ord4213
ord1063
ord659
ord5385
ord6887
msvcrt
_XcptFilter
__dllonexit
_amsg_exit
free
malloc
_initterm
__C_specific_handler
_lock
__CxxFrameHandler3
_unlock
_onexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
kernel32
DeactivateActCtx
ReleaseActCtx
CreateActCtxW
LocalAlloc
LocalFree
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ActivateActCtx
user32
ClientToScreen
GetKeyState
GetMessagePos
InvalidateRect
ScreenToClient
SendMessageW
SetProcessDPIAware
EnableWindow
oleaut32
LoadRegTypeLi
oleacc
CreateStdAccessibleProxyW
LresultFromObject
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmoleaututils.dll.dll windows:10 windows x64 arch:x64
8f6cbfe9da173db2f3d97f5179a7c018
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmoleaututils.pdb
Imports
msvcrt
??1type_info@@UEAA@XZ
_initterm
__C_specific_handler
__dllonexit
_XcptFilter
_lock
_onexit
toupper
??3@YAXPEAX@Z
malloc
_unlock
free
_amsg_exit
__CxxFrameHandler3
_callnewh
_purecall
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetModuleFileNameA
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
oleaut32
VariantInit
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantClear
SafeArrayDestroy
SafeArrayGetUBound
SysFreeString
SafeArrayCreate
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-eventing-provider-l1-1-0
EventProviderEnabled
EventWriteTransfer
EventRegister
EventSetInformation
EventUnregister
api-ms-win-core-synch-l1-1-0
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
dmcmnutils
DecodeBase64W
EncodeBase64W
Exports
Exports
Base64StrToSafeArray
ByteArrayToSafeArray
MultiStringToSafeArray
ReadBSTRFromStream
ReadBSTRFromStreamEx
ReadStringFromStream
ReadVariantFromStream
ReadVariantFromStreamEx
SafeArrayToBase64Str
SafeArrayToByteArray
SafeArrayToMultiString
WriteBSTRToStream
WriteBSTRToStreamEx
WriteStringToStream
WriteVariantToStream
WriteVariantToStreamEx
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 900B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 424B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmprocessxmlfiltered.dll.dll windows:10 windows x64 arch:x64
fd9f7d8bb74210666c9b77cc1c130bb3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmprocessxmlfiltered.pdb
Imports
msvcrt
memcpy_s
_onexit
__dllonexit
??3@YAXPEAX@Z
_wcsicmp
??0exception@@QEAA@XZ
_XcptFilter
__CxxFrameHandler3
_amsg_exit
memcpy
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
_lock
__C_specific_handler
_vsnprintf_s
_unlock
_initterm
??1type_info@@UEAA@XZ
malloc
_vsnwprintf
free
_CxxThrowException
memset
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleHandleExW
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
dmcmnutils
DmGetCurrentUserSid
xmllite
CreateXmlReader
api-ms-win-core-synch-l1-1-0
ReleaseMutex
ReleaseSemaphore
WaitForSingleObjectEx
CreateSemaphoreExW
OpenSemaphoreW
CreateMutexExW
WaitForSingleObject
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoInitializeEx
CoUninitialize
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
oleaut32
SysFreeString
Exports
Exports
DMProcessConfigXML
DMProcessConfigXMLFiltered
MdmProcessConfigXmlWithAttributes
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmpushproxy.dll.dll windows:10 windows x64 arch:x64
512ebcd99912835fc8e6fae01a0f2a80
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmpushproxy.pdb
Imports
msvcrt
??1type_info@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
_CxxThrowException
_vsnprintf_s
free
malloc
_XcptFilter
_amsg_exit
??1exception@@UEAA@XZ
??3@YAXPEAX@Z
memcpy_s
_initterm
_onexit
__dllonexit
_vsnwprintf
__C_specific_handler
_lock
_unlock
memset
rpcrt4
NdrClientCall3
I_RpcExceptionFilter
RpcBindingCreateW
RpcBindingBind
RpcBindingFree
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress
GetModuleHandleW
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapAlloc
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
TerminateProcess
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-security-accesshlpr-l1-1-0
FreeTransientObjectSecurityDescriptor
QueryTransientObjectSecurityDescriptor
api-ms-win-service-management-l1-1-0
CloseServiceHandle
OpenServiceW
OpenSCManagerW
api-ms-win-service-management-l2-1-0
QueryServiceConfigW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
Exports
Exports
PushRouter_Close
PushRouter_FreeGetMessageEventName
PushRouter_FreeMessage
PushRouter_FreeMessageEx
PushRouter_GetMessage
PushRouter_GetMessageEx
PushRouter_Open
PushRouter_SubmitPush
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 200B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmsynth.dll.dll regsvr32 windows:10 windows x64 arch:x64
bf59a68585ca8ff637ed0473b00136a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmsynth.pdb
Imports
msvcrt
sin
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
wcstombs
malloc
free
__CxxFrameHandler3
log
log10
memcpy
memset
pow
sqrt
api-ms-win-core-synch-l1-1-0
InitializeCriticalSection
CreateEventA
SetEvent
DeleteCriticalSection
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
api-ms-win-core-largeinteger-l1-1-0
MulDiv
api-ms-win-core-registry-l1-1-0
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
DisableThreadLibraryCalls
api-ms-win-core-registry-l2-1-0
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
GetCurrentThreadId
TerminateProcess
CreateThread
SetThreadPriority
GetCurrentProcessId
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-com-l1-1-0
CoTaskMemFree
StringFromCLSID
api-ms-win-mm-time-l1-1-0
timeGetTime
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmusic.dll.dll regsvr32 windows:10 windows x64 arch:x64
3771aff650ac1437cca9acb5631fddfe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmusic.pdb
Imports
msvcrt
__CxxFrameHandler3
memmove
_initterm
_purecall
_amsg_exit
_XcptFilter
_stricmp
__C_specific_handler
malloc
free
mbstowcs
wcstombs
_vsnprintf
_wcsicmp
_vsnwprintf
memcpy
memset
api-ms-win-core-synch-l1-1-0
CreateEventA
ResetEvent
EnterCriticalSection
LeaveCriticalSection
ReleaseMutex
WaitForSingleObject
DeleteCriticalSection
CreateMutexA
InitializeCriticalSection
SetEvent
api-ms-win-core-memory-l1-1-0
MapViewOfFile
UnmapViewOfFile
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
SetLastError
GetLastError
UnhandledExceptionFilter
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-kernel32-legacy-l1-1-0
CreateFileMappingA
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetModuleFileNameA
LoadStringA
GetProcAddress
LoadLibraryExA
FreeLibrary
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
GetVersionExA
api-ms-win-core-com-l1-1-0
CoCreateInstance
CLSIDFromString
StringFromCLSID
CoTaskMemFree
PropVariantClear
api-ms-win-mm-time-l1-1-0
timeEndPeriod
timeBeginPeriod
timeGetTime
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-registry-l2-1-0
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegCreateKeyW
api-ms-win-core-registry-l1-1-0
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
rpcrt4
UuidCreate
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
CreateThread
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-file-l1-1-0
CreateFileW
CreateFileA
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-io-l1-1-0
DeviceIoControl
GetOverlappedResult
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
api-ms-win-mm-mme-l1-1-0
midiInPrepareHeader
midiInStart
midiInClose
midiInOpen
midiInAddBuffer
midiInUnprepareHeader
midiOutClose
waveOutMessage
midiInReset
midiOutLongMsg
midiInGetNumDevs
midiOutGetNumDevs
midiInGetDevCapsA
midiOutGetDevCapsA
midiOutPrepareHeader
midiOutOpen
midiOutUnprepareHeader
midiOutShortMsg
dsound
ord11
ksuser
KsCreatePin
msacm32
acmStreamOpen
acmFormatSuggest
acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmStreamConvert
acmStreamUnprepareHeader
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmutil.dll.dll windows:10 windows x64 arch:x64
24071240120dbc007b40a31bd28ae0f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmutil.pdb
Imports
msvcrt
_vsnwprintf
__C_specific_handler
memcpy
_amsg_exit
_XcptFilter
_callnewh
mbstowcs
free
malloc
_wgetenv
wcstok
_vsnprintf
_initterm
memset
ntdll
RtlLookupFunctionEntry
RtlCaptureContext
VerSetConditionMask
NtClose
NtDeviceIoControlFile
NtReadFile
NtWriteFile
RtlVirtualUnwind
NtSetInformationFile
NtQueryInformationFile
NtSetBootEntryOrder
NtQueryBootEntryOrder
NtAddBootEntry
RtlFreeUnicodeString
NtOpenFile
RtlCreateUnicodeString
RtlAdjustPrivilege
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
kernel32
GetCurrentProcess
lstrlenW
GetCurrentDirectoryW
Sleep
HeapFree
HeapAlloc
GetProcessHeap
CreateThread
LocalFree
FormatMessageW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
lstrcmpW
VerifyVersionInfoW
DelayLoadFailureHook
ResolveDelayLoadedAPI
LoadLibraryW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
lstrlenA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
GetProcAddress
Exports
Exports
AddEntryBootFileGpt
AddEntryBootFileMbr
CoDisableDynamicVolumes
DisplayError
DisplayErrorRgszw
DllMain
DmCommonNtOpenFile
DynamicSupport
FTrace
FTraceValist
FreeRgszw
GetErrorData
GetInstallDirectoryPath
GetSystemVolume
IsPersonalSKU
LowAcquirePrivilege
LowGetPartitionInfo
LowNtAddBootEntry
LowNtReadFile
LowNtReadOnlyAttributeOff
LowNtWriteFile
RgszwDupRgszw
RgszwFromArgs
RgszwFromValist
SafeLoadVdsService
ShowMessage
ShowMessageValist
SzwDupSzw
SzwFromSza
TranslateError
Sections
.text Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 732B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmvdsitf.dll.dll windows:10 windows x64 arch:x64
44fbdb2f53be4df22c28fd54aea4fcff
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmvdsitf.pdb
Imports
mfc42u
ord1126
ord1463
ord4473
ord1124
ord3073
ord311
ord827
ord2639
ord2121
ord1506
ord3484
ord4273
ord287
ord2754
ord2757
ord2756
ord3830
ord6832
ord5815
ord5804
ord6821
ord624
ord1524
ord3748
ord2876
ord2665
ord1771
ord6632
ord2094
ord852
ord339
ord6886
ord1122
ord626
ord622
ord4770
ord4371
ord3164
ord4077
ord4083
ord4082
ord3046
ord3166
ord3052
ord3366
ord3231
ord2846
ord1259
ord4815
ord3362
ord3243
ord3049
ord6887
ord620
ord1040
ord4983
msvcrt
memcpy
_initterm
memcmp
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
__C_specific_handler
memset
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
??0exception@@QEAA@AEBQEBDH@Z
wcschr
malloc
wcscpy_s
free
iswalpha
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_vsnprintf
_wcsicmp
_vsnwprintf
_wtol
wcsncmp
swscanf
_wtoi
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBQEBD@Z
memmove_s
memcpy_s
atl
ord30
kernel32
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
RtlVirtualUnwind
RtlLookupFunctionEntry
GetWindowsDirectoryW
DeviceIoControl
CreateFileW
lstrlenW
GetDriveTypeW
lstrcmpiW
FreeLibrary
HeapAlloc
GetProcessHeap
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
GetThreadId
WaitForSingleObject
CloseHandle
Sleep
GetLastError
GetCurrentThreadId
SetEvent
LoadLibraryW
CreateEventW
CreateThread
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentProcessId
OutputDebugStringA
GetCurrentThread
RtlCaptureContext
user32
PostThreadMessageW
UpdateWindow
GetMessageW
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
BringWindowToTop
LoadImageW
PostMessageW
PeekMessageW
LoadStringW
MessageBeep
ole32
CoMarshalInterThreadInterfaceInStream
CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoInitialize
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoTaskMemAlloc
gdi32
DeleteObject
advapi32
EventSetInformation
EventRegister
EventUnregister
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
TraceMessage
EventWriteTransfer
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInterfaceW
comctl32
ImageList_Create
ImageList_AddMasked
dmdskmgr
?GetObjectId@CDMNodeObj@@QEAAXAEA_J@Z
?DeleteLists@CDataCache@@QEAAXXZ
?EmptyOcxViewData@CDMComponentData@@QEAAXPEAVCDMScopeNode@@@Z
?ReloadData@CDMComponentData@@QEAAXPEAVCDMScopeNode@@@Z
?IsPreLonghornVdsVersion@CDataCache@@QEAAHXZ
??1CDataCache@@UEAA@XZ
??0CDataCache@@QEAA@XZ
?RefreshDiskView@CDMComponentData@@QEAAXPEAVCDMScopeNode@@@Z
?DeleteRow@CDMComponentData@@QEAAXPEAVCDMScopeNode@@_J@Z
?RecalculateSpace@CDMNodeObj@@QEAAXXZ
?ChangeRow@CDMComponentData@@QEAAXPEAVCDMScopeNode@@_J@Z
?FindRegionPtrFromRegionId@CDataCache@@QEAAH_JPEAPEAVCDMNodeObj@@@Z
?AdjustRegionCountInLegendList@CDataCache@@QEAAXW4_REGIONTYPE@@HPEAVCTaskData@@@Z
?AdjustVolumeCountInLegendList@CDataCache@@QEAAXW4_VOLUMELAYOUT@@HPEAVCTaskData@@@Z
?GetVolumeInfo@CDMNodeObj@@QEAAHAEAUvolumeinfo@@@Z
?SetDriveLetterInUse@CDataCache@@QEAAXGH@Z
?AddRow@CDMComponentData@@QEAAXPEAVCDMScopeNode@@_J@Z
?GetComponentData@CDataCache@@QEAAPEAVCDMComponentData@@XZ
?GetSizeMB@CDMNodeObj@@QEAAXAEA_J@Z
?FindDiskPtrFromDiskId@CDataCache@@QEAAH_JPEAPEAVCDMNodeObj@@@Z
?GetPartitionStyle@CDMNodeObj@@QEAA?AW4_PARTITIONSTYLE@@XZ
?GetParentDiskPtr@CDMNodeObj@@QEAAPEAV1@XZ
?GetRegionInfo@CDMNodeObj@@QEAAHAEAUregioninfoex@@@Z
?GetParentVolumePtr@CDMNodeObj@@QEAAPEAV1@XZ
?EnumDiskRegions@CDMNodeObj@@QEAAXPEAPEA_JAEAJ@Z
?AddFileSystemInfoToCache@CDataCache@@QEAAXKPEAUfilesysteminfo@@@Z
?IsDiskEmpty@CDMNodeObj@@QEAAHXZ
?CreateRegionNodeObj@CDataCache@@QEAAPEAVCDMNodeObj@@PEAV2@PEAUregioninfoex@@@Z
?GetDeviceType@CDMNodeObj@@QEAAKXZ
?DoRevertToNT4@CContextMenu@@QEAAX_JH@Z
?FindDriveLetter@CDataCache@@QEAAH_JAEAG@Z
?GetMMCWindow@CDMComponentData@@QEAAPEAUHWND__@@XZ
?LoadData@CDMComponentData@@QEAAXPEAVCDMScopeNode@@J@Z
?CreateNodeObjAndAddToMap@CDataCache@@QEAAPEAVCDMNodeObj@@HW4_NODEOBJ_TYPES@@PEAV1@PEAX_J@Z
?SetUIState@CTaskData@@QEAAXK@Z
?GetDriveLetter@CDMNodeObj@@QEAAXAEAG@Z
?IsConvertSuccess@CDMNodeObj@@QEAAJH@Z
?IsVolumeSimple@CDMNodeObj@@QEAAHXZ
?GetStartOffset@CDMNodeObj@@QEAA_JXZ
?IsVolumeArrived@CDMNodeObj@@QEAAJ_JW4_LAYOUT_TYPES@@@Z
?EnumFirstVolumeMember@CDMNodeObj@@QEAAXAEA_JAEAJ@Z
?GetUnallocSpace@CDMNodeObj@@QEAA_JH@Z
?DeleteEncapsulateData@CDataCache@@QEAAXPEAUENCAPSULATE_DATA@@@Z
?GetDiskSpec@CDMNodeObj@@QEAAHAEAUdiskspec@@@Z
?OnlyContiguousExtendAllowed@CDMNodeObj@@QEAAHXZ
?GetUsableContiguousSpaceInMB@CDMNodeObj@@QEAA_JXZ
?GetDiskInfo@CDMNodeObj@@QEAAHAEAUdiskinfoex@@@Z
?IsCurrSystemVolume@CDMNodeObj@@QEAAHXZ
?IsCurrBootVolume@CDMNodeObj@@QEAAHXZ
?GetFlags@CDMNodeObj@@QEAAJXZ
?GetRegionByOffset@CDMNodeObj@@QEAAPEAV1@_J@Z
dmutil
SafeLoadVdsService
DisplayErrorRgszw
ShowMessage
rpcrt4
UuidCreate
Exports
Exports
?AddLDMObjMapEntry@CDataCache@@QEAAXPEAU_LDM_OBJ_MAP_ENTRY@@@Z
?GetDiskCount@CDataCache@@QEAAKXZ
?GetLdmObjectId@CDMNodeObj@@QEAA_JXZ
?GetNumMembers@CDMNodeObj@@QEAAKXZ
?GetOcxFrameCWndPtr@CTaskData@@QEAAPEAVCWnd@@XZ
?GetRegionColorStructPtr@CTaskData@@QEAAXPEAPEAU_REGION_COLORS@@AEAH@Z
?GetServerName@CDataCache@@QEAA?AVCString@@XZ
?GetVolumeCount@CDataCache@@QEAAKXZ
CreateDataCacheZ
CreateServerRequestsZ
LoadPropertyPageData
Sections
.text Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmview.ocx.dll regsvr32 windows:10 windows x64 arch:x64
9bd60cc45a3a76546ffcc1aae3cca5c3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmview.pdb
Imports
mfc42u
ord1043
ord493
ord971
ord1875
ord4573
ord4953
ord2488
ord2712
ord287
ord1473
ord1510
ord1527
ord455
ord949
ord408
ord904
ord3742
ord599
ord4209
ord2546
ord5353
ord4808
ord2111
ord3137
ord5890
ord3020
ord2394
ord6257
ord5889
ord4301
ord3310
ord4623
ord5388
ord2992
ord5166
ord1441
ord3396
ord2105
ord2783
ord4436
ord4257
ord4601
ord1561
ord1566
ord5445
ord525
ord984
ord3283
ord3754
ord6175
ord4985
ord4372
ord3165
ord3053
ord3374
ord4816
ord3363
ord3244
ord3050
ord6807
ord2398
ord4895
ord3537
ord2491
ord5385
ord5399
ord4761
ord5416
ord4962
ord4754
ord5110
ord5113
ord5111
ord4697
ord4702
ord4713
ord4941
ord5475
ord4997
ord4998
ord5011
ord5157
ord4695
ord5004
ord5017
ord5434
ord5056
ord5010
ord5031
ord5032
ord5033
ord5307
ord5308
ord5024
ord5339
ord5334
ord5329
ord5395
ord4951
ord4874
ord4904
ord5302
ord5012
ord5143
ord5025
ord5026
ord4412
ord5978
ord3069
ord2917
ord5074
ord5072
ord5572
ord4121
ord3019
ord5629
ord1964
ord2159
ord6380
ord5322
ord5248
ord2181
ord6011
ord5000
ord2902
ord4683
ord1345
ord5946
ord1701
ord2450
ord3850
ord4983
ord3484
ord3384
ord5868
ord4822
ord6800
ord3447
ord6799
ord1891
ord4576
ord1512
ord496
ord974
ord2300
ord4771
ord4986
ord3385
ord4786
ord5708
ord6808
ord1777
ord6437
ord2517
ord5080
ord5406
ord5245
ord4721
ord5687
ord5419
ord5235
ord5038
ord4926
ord6133
ord2574
ord6577
ord6238
ord2846
ord659
ord1063
ord4213
ord2751
ord1517
ord6787
ord1530
ord3837
ord3534
ord6053
ord5711
ord5730
ord5065
ord4368
ord5724
ord5722
ord3468
ord2412
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord1126
ord2463
ord912
ord6385
ord4262
ord3417
ord4567
ord627
ord1041
ord6395
ord6544
ord6349
ord6393
ord3407
ord3806
ord4747
ord2593
ord2629
ord1287
ord1284
ord2845
ord4187
ord1966
ord2461
ord650
ord1055
ord4594
ord3910
ord311
ord827
ord2639
ord1506
ord1524
ord4550
ord4273
ord2754
ord2757
ord2756
ord3748
ord1427
ord1426
ord1082
ord288
ord812
ord1544
ord1586
ord1555
ord1583
ord1585
ord355
ord1477
ord1553
ord1416
ord1491
ord1577
ord3920
ord4752
ord6880
ord5804
ord6821
ord2121
ord2876
ord5815
ord6832
ord6351
ord6632
ord6522
ord5061
ord2178
ord2138
ord6520
ord2776
ord1646
ord1647
ord629
ord2898
ord3346
ord2857
ord4481
ord4599
ord3783
ord3790
ord3830
ord286
ord1574
ord2427
ord2408
ord3740
ord851
ord336
ord622
ord620
ord4473
ord1463
ord2393
ord624
ord1040
ord626
ord1122
ord6734
ord2906
ord665
ord1067
ord4770
ord4988
ord4371
ord3164
ord4077
ord4083
ord4082
ord3046
ord3166
ord3052
ord3366
ord3231
ord4815
ord3362
ord3243
ord3049
ord5699
ord2140
ord2457
ord5683
ord1736
ord5484
ord3933
ord6814
ord2060
ord2670
ord4789
ord5229
ord4017
ord5712
ord4694
ord6812
ord5586
ord2399
ord5663
ord1778
ord4365
ord5054
ord6440
msvcrt
_initterm
_amsg_exit
_XcptFilter
_callnewh
malloc
free
_purecall
wcsncmp
localeconv
__C_specific_handler
_wtoi
iswdigit
__CxxFrameHandler3
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_lock
_unlock
__dllonexit
_onexit
memset
wcsstr
_CxxThrowException
log10
dmdskmgr
?GetParentDiskPtr@CDMNodeObj@@QEAAPEAV1@XZ
?GetUIState@CTaskData@@QEAAKXZ
?EnumDisks@CTaskData@@QEAAXAEAKPEAPEA_J@Z
?EnumVolumes@CTaskData@@QEAAXAEAKPEAPEA_J@Z
?UpDateConsoleView@CDMSnapin@@QEAAX_J@Z
?DoDelete@CContextMenu@@QEAAX_J@Z
?GetDeviceType@CDMNodeObj@@QEAAKXZ
?EnumFirstVolumeMember@CDMNodeObj@@QEAAXAEA_JAEAJ@Z
namecmp
?ShowContextMenu@CContextMenu@@QEAAJPEAVCWnd@@JJ_J@Z
?GetResultStringArray@CDMNodeObj@@QEAAHAEAVCStringArray@@@Z
?GetScopeNode@CDMScopeNodeCollection@@QEAAH_JPEAPEAVCDMScopeNode@@@Z
?PopUpInit@CContextMenu@@QEAAXPEAVCDMNodeObj@@AEAH1H@Z
?GetResultPane@CDMSnapin@@QEAAH_JPEAPEAVCDMResultPane@@@Z
?GetSizeString@CDMNodeObj@@QEAAXAEAVCString@@@Z
?GetObjectId@CDMNodeObj@@QEAAXAEA_J@Z
?GetImageNum@CDMNodeObj@@QEAAHXZ
?GetSizeMB@CDMNodeObj@@QEAAXAEA_J@Z
?Command@CContextMenu@@QEAAJJPEAUIDataObject@@_J@Z
?EnumVolumeMembers@CDMNodeObj@@QEAAXPEAPEA_JAEAJ@Z
?GetExtendedRegionColor@CDMNodeObj@@QEAAKXZ
?IsHiddenRegion@CDMNodeObj@@QEAAHXZ
?GetSize@CDMNodeObj@@QEAAXAEA_JH@Z
?GetDiskInfo@CDMNodeObj@@QEAAHAEAUdiskinfoex@@@Z
?EnumDiskRegions@CDMNodeObj@@QEAAXPEAPEA_JAEAJ@Z
?GetStorageType@CDMNodeObj@@QEAA?AW4_STORAGE_TYPES@@XZ
?GetPatternRef@CDMNodeObj@@QEAAHXZ
?GetColorRef@CDMNodeObj@@QEAAKXZ
?GetVolumeStatus@CDMNodeObj@@QEAAHAEAVCString@@@Z
?GetFileSystemLabel@CDMNodeObj@@QEAAXAEAVCString@@@Z
?GetFileSystemName@CDMNodeObj@@QEAAXAEAVCString@@@Z
?GetFlags@CDMNodeObj@@QEAAJXZ
?GetParentVolumePtr@CDMNodeObj@@QEAAPEAV1@XZ
?GetDriveLetter@CDMNodeObj@@QEAAXAEAG@Z
?GetName@CDMNodeObj@@QEAAXAEAVCString@@@Z
?GetOfflineReasonText@CDMNodeObj@@QEAAHAEAVCString@@@Z
?IsDiskOffline@CDMNodeObj@@QEAAHXZ
?GetDiskStatus@CDMNodeObj@@QEAAHAEAVCString@@@Z
?GetDiskTypeName@CDMNodeObj@@QEAAXAEAVCString@@@Z
?GetStorageType@CDMNodeObj@@QEAAXAEAVCString@@H@Z
kernel32
GetModuleHandleW
GetProcAddress
GetCurrentProcess
TerminateProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
GetLastError
LocalAlloc
LocalFree
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
comctl32
ImageList_GetIcon
ImageList_Draw
ImageList_AddMasked
user32
GetWindowRect
EnableWindow
SendMessageW
RegisterWindowMessageW
NotifyWinEvent
BeginPaint
GetClientRect
EndPaint
GetDC
ShowScrollBar
GetSysColor
IsWindow
GetFocus
InvalidateRect
ScreenToClient
SystemParametersInfoW
GetCursorPos
PtInRect
GetKeyState
DrawFrameControl
LoadCursorW
SetCursor
LoadBitmapW
ReleaseDC
GetParent
PostThreadMessageW
ClientToScreen
FillRect
DrawTextExW
DrawIconEx
LoadImageW
DestroyIcon
SetRect
PostMessageW
oleaut32
SysAllocString
LoadRegTypeLi
gdi32
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetTextMetricsW
CreateFontIndirectW
CreateSolidBrush
PatBlt
GetBkColor
ExtTextOutW
CreateHatchBrush
GetTextExtentPoint32W
shlwapi
StrCmpLogicalW
oleacc
AccessibleObjectFromWindow
LresultFromObject
dmutil
ShowMessage
Exports
Exports
?AddLDMObjMapEntry@CDataCache@@QEAAXPEAU_LDM_OBJ_MAP_ENTRY@@@Z
?GetDiskCount@CDataCache@@QEAAKXZ
?GetLdmObjectId@CDMNodeObj@@QEAA_JXZ
?GetNumMembers@CDMNodeObj@@QEAAKXZ
?GetOcxFrameCWndPtr@CTaskData@@QEAAPEAVCWnd@@XZ
?GetRegionColorStructPtr@CTaskData@@QEAAXPEAPEAU_REGION_COLORS@@AEAH@Z
?GetServerName@CDataCache@@QEAA?AVCString@@XZ
?GetVolumeCount@CDataCache@@QEAAKXZ
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmwappushsvc.dll.dll windows:10 windows x64 arch:x64
3aee446462d63357b34b5903f853763f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmwappushsvc.pdb
Imports
msvcrt
abort
__uncaught_exception
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
memset
_wcsdup
__CxxFrameHandler3
_onexit
__dllonexit
??1type_info@@UEAA@XZ
_errno
__C_specific_handler
_initterm
___mb_cur_max_func
calloc
___lc_codepage_func
_amsg_exit
_XcptFilter
___lc_handle_func
__pctype_func
memmove
memcpy
_CxxThrowException
setlocale
_unlock
_lock
malloc
_wcsicmp
_purecall
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
memcpy_s
wcscpy_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
free
_wsetlocale
__crtLCMapStringW
_ismbblead
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-synch-l1-1-0
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
SetEvent
LeaveCriticalSection
CreateEventW
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
api-ms-win-core-winrt-string-l1-1-0
WindowsDeleteString
WindowsGetStringRawBuffer
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventSetInformation
EventRegister
EventUnregister
api-ms-win-core-com-l1-1-0
CoGetClassObject
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
OpenProcessToken
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-security-base-l1-1-0
IsValidSid
GetLengthSid
CopySid
GetTokenInformation
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegGetValueW
RegCloseKey
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
api-ms-win-service-core-l1-1-0
SetServiceStatus
RegisterServiceCtrlHandlerExW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
dmcmnutils
QueryPolicy
dmpushroutercore
PrSvcSetMessageCount
PrAreAllClientsHandled
PrSvcGetMessageCount
PushRouter_SubmitPushLocal
RegisterRPCInterface
InitializePushRouter
ShutDownPushRouterSynchronously
PrSvcDecMessageCount
PrSvcIncMessageCount
UnregisterRPCInterface
eventaggregation
EaDeleteAggregation
EaCreateAggregatedEvent
Exports
Exports
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 600B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/dll/dmwmicsp.dll.dll windows:10 windows x64 arch:x64
fd53eb2129cd66b8b16eef9b0867805a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmwmicsp.pdb
Imports
msvcrt
??3@YAXPEAX@Z
malloc
localeconv
ldexp
free
_callnewh
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@AEBV0@@Z
??1type_info@@UEAA@XZ
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBV0@@Z
_wtoi
_snwprintf_s
_wcsicmp
_onexit
__dllonexit
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
wcschr
wcsncmp
wcsrchr
isdigit
isalnum
_wsetlocale
__crtLCMapStringW
_wcsdup
memset
abort
memchr
??_V@YAXPEAX@Z
exit
tolower
isspace
__uncaught_exception
calloc
__pctype_func
_ismbblead
___lc_codepage_func
___lc_handle_func
_errno
___mb_cur_max_func
_unlock
_lock
setlocale
memmove
memcpy
_wcsnicmp
_purecall
_CxxThrowException
??0exception@@QEAA@AEBQEBD@Z
__CxxFrameHandler3
??0exception@@QEAA@AEBQEBDH@Z
wcscmp
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventRegister
EventWriteTransfer
EventSetInformation
api-ms-win-core-debug-l1-1-0
DebugBreak
oleaut32
VariantCopy
SysFreeString
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
VariantInit
VariantChangeType
SafeArrayGetLBound
VariantClear
api-ms-win-core-com-l1-1-0
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
api-ms-win-core-registry-l1-1-0
RegOpenCurrentUser
RegCreateKeyExW
RegSetValueExW
RegCloseKey
api-ms-win-core-registry-l1-1-1
RegDeleteKeyValueW
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
DeleteCriticalSection
api-ms-win-core-synch-l1-2-0
Sleep
SleepConditionVariableSRW
WakeAllConditionVariable
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-shlwapi-obsolete-l1-1-0
StrDupW
shlwapi
UrlUnescapeW
mi
MI_Application_InitializeV1
dmcmnutils
OmaDmRegistryGetString
OmaDmRegistryGetDWORD
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
Sections
.text Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 872B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/lib/asm-all.jar.jar
-
VALO STRIKE/lib/dn-compiled-module.jar.jar
-
VALO STRIKE/lib/dn-php-sdk.jar.jar
-
VALO STRIKE/lib/gson.jar.jar
-
VALO STRIKE/lib/jphp-app-framework.jar.jar
-
VALO STRIKE/lib/jphp-core.jar.jar
-
VALO STRIKE/lib/jphp-desktop-ext.jar.jar
-
VALO STRIKE/lib/jphp-gui-ext.jar.jar
-
VALO STRIKE/lib/jphp-json-ext.jar.jar
-
VALO STRIKE/lib/jphp-runtime.jar.jar
-
VALO STRIKE/lib/jphp-xml-ext.jar.jar
-
VALO STRIKE/lib/jphp-zend-ext.jar.jar
-
VALO STRIKE/lib/loader.exe.exe windows:5 windows x64 arch:x64
bae3d3e8262d7ce7e9ee69cc1b630d3a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
user32
GetWindowThreadProcessId
ShowWindow
kernel32
GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
SetDllDirectoryW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetConsoleWindow
HeapSize
GetLastError
WriteConsoleW
SetEndOfFile
GetStartupInfoW
TlsSetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
advapi32
ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
Sections
.text Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
VALO STRIKE/libGLESv2.dll
-
VALO STRIKE/skipsavetoini
-
VALO STRIKE/updater.ini