КОНТРОЛЬ-ПВР Менеджер[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

КОНТРОЛЬ-ПВР Менеджер.zip
Size

6.6MB
MD5

32169ef3b362e81e0e95769f0e4e2604
SHA1

bd9d7fd594f31b33db4b6fbb6a86c0002e180970
SHA256

9f35e2aff0da718c44498ba9199e3873768c4249d970e2c50d252a2d27ee54eb
SHA512

06a57b876a6b0b22d5e17cc4adebc33a299581ea8797e87b4a5d58ecfcf21b0debc304ccadd7dcb4af213f378bc7b87746d74d3a109b35c557fdd9fa328936c0
SSDEEP

196608:BjosIawZdKssBTYgO974lnEyGjtd2sPEQ:posIazNVhqD

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/КОНТРОЛЬ-ПВР Менеджер/h22_4g_pc.dll
unpack001/КОНТРОЛЬ-ПВР Менеджер/libusb0.dll
unpack001/КОНТРОЛЬ-ПВР Менеджер/ucrtbased.dll
unpack001/КОНТРОЛЬ-ПВР Менеджер/КОНТРОЛЬ-ПВР Менеджер.exe

Files

КОНТРОЛЬ-ПВР Менеджер.zip
.zip
КОНТРОЛЬ-ПВР Менеджер/Language.ini
КОНТРОЛЬ-ПВР Менеджер/h22_4g_pc.dll
.dll windows:6 windows x86 arch:x86

e5f025c9f994d13a5ee1c8be4662e268

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\camera manager sdk\eeyelog_dll\Eeyelog\Debug\h22_4g_pc.pdb

Imports

kernel32

GetLocalTime
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
RaiseException
IsDebuggerPresent
GetCurrentThreadId
GetProcAddress

libusb0

usb_find_busses
usb_init
usb_claim_interface
usb_control_msg
usb_close
usb_find_devices
usb_get_busses
usb_open

vcruntime140d

__vcrt_LoadLibraryExW
__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
_except_handler4_common
__current_exception_context
__current_exception
__std_type_info_destroy_list
memcpy
memset

ucrtbased

terminate
_wmakepath_s
_wsplitpath_s
_crt_at_quick_exit
_configure_narrow_argv
_errno
_invalid_parameter_noinfo
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
strtok_s
_seh_filter_dll
strcat_s
strcpy_s
_initterm_e
_cexit
_initterm
_CrtDbgReportW
_CrtDbgReport
atoi
__stdio_common_vsprintf_s
__stdio_common_vfprintf
__acrt_iob_func
wcscpy_s
strlen

Exports

Exports

Eylog_ApnPsw
Eylog_ApnUser
Eylog_ChangePsw
Eylog_Customized_Command
Eylog_Customized_GetInfo_FromCamera
Eylog_FactoryDefault
Eylog_FactoryDefault_ByIndex
Eylog_FormatTFCard
Eylog_FormatTFCard_ByIndex
Eylog_Get4GDevOrNot
Eylog_GetFwVersion
Eylog_GetMenuConfig
Eylog_GetMenuConfig_ByIndex
Eylog_GetNetConfig
Eylog_GetPsw
Eylog_GetTFVol
Eylog_Login
Eylog_SN_Info
Eylog_SN_Info_ByIndex
Eylog_SetDefault
Eylog_SetMenuConfig
Eylog_SetMenuConfig_ByIndex
Eylog_SetNetConfig
GetIDCode
GetZFYInfo
GetZFYInfo_ByIndex
Init_Device
Init_Device_UsbTotal
ReadDeviceBatteryDumpEnergy
ReadDeviceBatteryDumpEnergy_ByIndex
ReadDeviceResolution
SetMSDC
SetMSDC_ByIndex
SyncDevTime
UnInit_Device
WriteZFYInfo
WriteZFYInfo_ByIndex

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 401B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/h22_4g_pc.h
КОНТРОЛЬ-ПВР Менеджер/h22_4g_pc.lib
КОНТРОЛЬ-ПВР Менеджер/libusb0.dll
.dll windows:6 windows x86 arch:x86

2d730aa2a51fec98a36ee74ee789fbd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\backup\usb_driver_develop\mingw\libusb\libusb_gw\libusb-win32-src-1.2.6.0\ddk_make\output\i386\libusb0.pdb

Imports

msvcrt

memmove
_stricmp
_iob
fprintf
mbstowcs
_getch
_beginthread
_endthread
wcstombs
sscanf
_strlwr
strncmp
_wcsnicmp
_wcsicmp
printf
fopen
fgetws
wcsstr
fclose
fputws
fgets
fputs
_strdup
sprintf
_vsnprintf
strncpy
strerror
_XcptFilter
_initterm
_amsg_exit
realloc
getenv
atoi
strstr
_snprintf
memcpy
memset
malloc
free

setupapi

SetupGetStringFieldA
CM_Get_Device_IDA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupOpenInfFileA
SetupDiGetDeviceRegistryPropertyA
SetupDiRemoveDevice
CM_Get_DevNode_Status
SetupDiSetDeviceRegistryPropertyA
SetupFindNextLine
SetupCloseInfFile
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsA
SetupDiDestroyDeviceInfoList
SetupFindFirstLineA

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
GetVersion
InterlockedIncrement
LocalFree
GetFullPathNameA
GetStdHandle
FindResourceA
SizeofResource
LoadResource
LockResource
WriteFile
GetModuleHandleA
GetCurrentProcess
SetEnvironmentVariableA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
CreateSemaphoreA
GetVersionExA
OutputDebugStringA
FormatMessageA
WaitForSingleObject
CreateFileA
GetOverlappedResult
CloseHandle
ResetEvent
DeviceIoControl
GetLastError
CreateEventA

advapi32

RegEnumKeyExA
CheckTokenMembership
AllocateAndInitializeSid
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
FreeSid

user32

EnableWindow
GetSysColorBrush
FillRect
DrawEdge
SetTimer
GetParent
DestroyWindow
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
RegisterClassExA
LoadCursorA
LoadIconA
GetClassInfoExA
SetWindowTextA
GetWindowLongA
SetWindowLongA
RedrawWindow
InvalidateRect
DefWindowProcA
PostMessageA
CreateWindowExA
GetSysColor
GetSystemMetrics
GetClientRect
OffsetRect
InflateRect
GetDlgItem
GetWindowTextLengthA
SendMessageA
GetDesktopWindow
GetWindowRect
SetWindowPos
MessageBoxA

gdi32

BitBlt
CreateSolidBrush
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC

Exports

Exports

usb_bulk_read
usb_bulk_setup_async
usb_bulk_write
usb_cancel_async
usb_claim_interface
usb_clear_halt
usb_close
usb_control_msg
usb_destroy_configuration
usb_device
usb_fetch_and_parse_descriptors
usb_find_busses
usb_find_devices
usb_free_async
usb_free_bus
usb_free_dev
usb_get_busses
usb_get_descriptor
usb_get_descriptor_by_endpoint
usb_get_string
usb_get_string_simple
usb_get_version
usb_init
usb_install_driver_np
usb_install_driver_np_rundll
usb_install_needs_restart_np
usb_install_npA
usb_install_npW
usb_install_np_rundll
usb_install_service_np
usb_install_service_np_rundll
usb_interrupt_read
usb_interrupt_setup_async
usb_interrupt_write
usb_isochronous_setup_async
usb_open
usb_os_close
usb_os_determine_children
usb_os_find_busses
usb_os_find_devices
usb_os_init
usb_os_open
usb_parse_configuration
usb_parse_descriptor
usb_reap_async
usb_reap_async_nocancel
usb_registry_get_mz_value
usb_registry_mz_string_find
usb_registry_mz_string_insert
usb_registry_mz_string_remove
usb_registry_mz_string_size
usb_registry_restart_all_devices
usb_registry_set_mz_value
usb_registry_start_libusb_devices
usb_registry_stop_libusb_devices
usb_release_interface
usb_reset
usb_reset_ex
usb_resetep
usb_set_altinterface
usb_set_configuration
usb_set_debug
usb_strerror
usb_submit_async
usb_touch_inf_file_np
usb_touch_inf_file_np_rundll
usb_uninstall_service_np
usb_uninstall_service_np_rundll

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/mfc140u.dll
.dll windows:6 windows x86 arch:x86

ab78d2feb08224c12eb0e0e486ef230f

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:11

Not After

01/01/2016, 18:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:89:f7:76:aa:51:ad:1f:8f:84:0b:e4:48:f2:a4:a4:d1:2b:c1:27:a4:f0:28:4c:c2:88:7f:ab:5e:41:33:67
Signer

Actual PE Digest

11:89:f7:76:aa:51:ad:1f:8f:84:0b:e4:48:f2:a4:a4:d1:2b:c1:27:a4:f0:28:4c:c2:88:7f:ab:5e:41:33:67

Digest Algorithm

sha256

PE Digest Matches

true

55:42:74:e0:89:44:3d:ce:09:7a:f7:a7:d0:a9:3c:42:4e:5f:18:d7
Signer

Actual PE Digest

55:42:74:e0:89:44:3d:ce:09:7a:f7:a7:d0:a9:3c:42:4e:5f:18:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\binaries.x86ret\bin\i386\mfc140u.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegOpenKeyExA
RegQueryValueExA

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
OutputDebugStringW
LoadLibraryExA
QueryPerformanceCounter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
InitializeSListHead
GetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
GetTempFileNameW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
ExpandEnvironmentStringsA
GetSystemInfo
VirtualQuery
FormatMessageA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
VirtualProtect
RaiseException
GetSystemDefaultUILanguage
CompareStringW
GetCurrentThread
GetVersionExW
WideCharToMultiByte
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetCurrentProcessId
lstrcpyA
GlobalAddAtomW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
GetUserDefaultLCID
IsDBCSLeadByte
InitializeCriticalSectionAndSpinCount

vcruntime140

wcsrchr
wcsstr
__vcrt_InitializeCriticalSectionEx
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
_except_handler4_common
__std_type_info_destroy_list
wcschr
_purecall
__std_terminate
memmove
memset
memcpy
_CxxThrowException
memcmp
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

__doserrno
_beginthread
__p___argc
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
abort
_invalid_parameter_noinfo
_errno
_resetstkoflw
_endthreadex
__p___wargv
_beginthreadex
_endthread

api-ms-win-crt-string-l1-1-0

iswspace
wcscmp
_wcsupr_s
_wcsicmp
wcsspn
wcscspn
wcspbrk
wmemcpy_s
wcsnlen
wcscoll
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
iswalpha
iswalnum
iswprint
towupper
towlower
toupper
wcscat_s
_wcsrev
_wcslwr_s
wcslen
_wcsdup
strlen
_strnicmp
strnlen
_wcsnicmp
wcsncpy_s
strcpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fclose
fflush
ftell
fseek
fgetws
fputws
fwrite
__stdio_common_vsprintf_s
__stdio_common_vswscanf
_get_osfhandle
_fileno
_open_osfhandle
__stdio_common_vswprintf_s
fread
feof
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
ferror
clearerr_s

api-ms-win-crt-heap-l1-1-0

realloc
_recalloc
_msize
_expand
calloc
malloc
free

api-ms-win-crt-utility-l1-1-0

ldiv
abs
labs

api-ms-win-crt-convert-l1-1-0

wcstol
_wtol
wcstoul
_ultow_s
wcstod
_itow_s
_wtoi
_ltow_s

api-ms-win-crt-math-l1-1-0

atan2
exp
ceil
fabs
sqrt
_fdopen
floor
cos
sin

api-ms-win-crt-time-l1-1-0

_mktime64
_localtime64_s
clock
_time64

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s
_wmakepath_s
_wfullpath

api-ms-win-crt-multibyte-l1-1-0

_mbscoll
_mbsspn
_mbscmp
_mbsrev
_mbslwr_s
_mbscspn
_mbsupr_s
_mbsrchr
_mbsstr
_ismbcspace
_mbspbrk
_mbsicmp
_mbsicoll
_mbsinc
_mbschr

user32

LoadMenuW
GetSubMenu
PostThreadMessageW
GetClassInfoW
DefWindowProcW
GetWindow
GetMenuItemCount
GetMenuItemID
IsIconic
GetForegroundWindow
DrawIcon
SetTimer
MonitorFromPoint
SystemParametersInfoW
ValidateRect
SetLayeredWindowAttributes
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetUpdateRect
UnionRect
SetWindowPos
LockWindowUpdate
GetKeyState
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuW
CreatePopupMenu
IntersectRect
SetScrollPos
EnableMenuItem
GetNextDlgTabItem
GetSystemMenu
IsMenu
IsZoomed
ModifyMenuW
DeleteMenu
SetWindowRgn
DestroyAcceleratorTable
GetTopWindow
DestroyWindow
EnumDisplayMonitors
GetSysColor
GetClassLongW
IsClipboardFormatAvailable
DestroyCursor
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
CharUpperW
SetWindowTextW
GetMenuState
CheckMenuItem
SetFocus
GetMenuItemInfoW
DrawFrameControl
SubtractRect
GetLastActivePopup
GetMessageW
UpdateLayeredWindow
EnableScrollBar
GetScrollPos
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
GetDC
ReleaseDC
GetWindowRgn
FrameRect
ShowScrollBar
IsWindowEnabled
InsertMenuW
GetActiveWindow
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
DrawEdge
PostQuitMessage
UnregisterClassW
ShowOwnedPopups
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
SetMenuItemBitmaps
DestroyMenu
GetMenuCheckMarkDimensions
CallWindowProcW
SetActiveWindow
CreateMenu
MoveWindow
InvalidateRgn
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowTextLengthW
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
BeginPaint
EndPaint
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
TrackMouseEvent
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
SendMessageW
InvalidateRect
RedrawWindow
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
GetCapture
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
CopyImage
GetIconInfo
FillRect
LoadImageW
NotifyWinEvent
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
SetMenuItemInfoW
UpdateWindow
GetMonitorInfoW
GetWindowRect

gdi32

GetClipBox
Escape
TextOutW
RectVisible
PtVisible
GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutW
Polyline
GetDIBits
SelectPalette
SetBkColor
CreateBitmap
SetDIBColorTable
StretchBlt
EnumFontFamiliesExW
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
GetCurrentObject
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesW
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetBkColor
Ellipse
SetPixel
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetTextAlign
GetStockObject
Rectangle
Polygon
GetTextColor
GetObjectType
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
DeleteDC
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetCurrentPositionEx
GetPaletteEntries

ole32

CreateDataCache
OleDraw
OleRegGetMiscStatus
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
CreateStreamOnHGlobal
CoUninitialize
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
WriteClassStg
GetRunningObjectTable
OleTranslateAccelerator
OleCreateMenuDescriptor
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitialize
PropVariantClear
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CoGetMalloc
OleDestroyMenuDescriptor
StgIsStorageFile
ReleaseStgMedium
IsAccelerator
StgCreateDocfile
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateDataAdviseHolder
CreateOleAdviseHolder
StgOpenStorage

oleaut32

SafeArrayCreate
SysAllocString
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
VarParseNumFromStr
SafeArrayCreateVector
VarBstrFromDec
VarDecFromStr
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SafeArrayDestroy
VariantCopy
VarBstrCmp
DispCallFunc
VariantInit
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
OleTranslateColor
OleCreatePropertyFrame

shlwapi

SHStrDupW
StrFormatKBSizeW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

uxtheme

DrawThemeText
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
CloseThemeData
IsAppThemed
GetThemeColor
GetThemePartSize
OpenThemeData
DrawThemeBackground

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/mfc140ud.dll
.dll windows:6 windows x86 arch:x86

b6950007833f642f23771480c434c678

Code Sign

33:00:00:00:9d:42:68:ee:31:1c:d7:56:bd:00:00:00:00:00:9d
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

30/03/2016, 19:21

Not After

30/06/2017, 19:21

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:148C-C4B9-2066,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b0:fb:8f:b8:1f:ce:a2:50:b7:69:dd:7e:e1:ab:99:4b:c0:6f:ac:48:78:9d:7f:4e:ad:27:d1:59:54:d5:55:5f
Signer

Actual PE Digest

b0:fb:8f:b8:1f:ce:a2:50:b7:69:dd:7e:e1:ab:99:4b:c0:6f:ac:48:78:9d:7f:4e:ad:27:d1:59:54:d5:55:5f

Digest Algorithm

sha256

PE Digest Matches

true

0c:bb:ff:34:a5:a9:8b:91:18:22:81:d5:97:db:c3:9c:cb:cb:92:a4
Signer

Actual PE Digest

0c:bb:ff:34:a5:a9:8b:91:18:22:81:d5:97:db:c3:9c:cb:cb:92:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc140ud.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
VirtualQuery
OutputDebugStringW
LoadLibraryExA
ExpandEnvironmentStringsA
FormatMessageA
GetProcessHeap
HeapFree
HeapAlloc
GetEnvironmentVariableW
GetEnvironmentVariableA
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GetAtomNameW
CopyFileW
CreateSemaphoreW
WaitForMultipleObjects
CreateEventW
CreateMutexW
ReleaseMutex
ReleaseSemaphore
PulseEvent
WaitForSingleObject
ResetEvent
SetEvent
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFullPathNameW
GetFileTime
GetDiskFreeSpaceW
VirtualProtect
RaiseException
lstrcpyA
IsDBCSLeadByte
GetUserDefaultLCID
WaitForSingleObjectEx
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalAddAtomW
GetCurrentProcessId
SetErrorMode
CompareStringA
WideCharToMultiByte
lstrcmpA
GlobalDeleteAtom
GetVersionExW
GetCurrentThread
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
SearchPathW
GlobalGetAtomNameW
GlobalSize
GetFileSize
GetFileAttributesW
LocalFree
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpiW
GetWindowsDirectoryW
GetTickCount
FreeResource
GlobalFree
LoadLibraryExW
GetSystemDirectoryW
DecodePointer
EncodePointer
lstrcmpW
GetCurrentDirectoryW
Sleep
CloseHandle
GetTempPathW
SetFilePointer
GetTempFileNameW
CreateFileW
ResumeThread
SuspendThread
GetThreadPriority
SetThreadPriority
LoadLibraryW
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
VerifyVersionInfoW
FreeLibrary
VerSetConditionMask
MulDiv
GetProcAddress
GetModuleHandleW
DeleteFileW
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
SetLastError
GetLastError
FindResourceExW
GetSystemInfo

vcruntime140d

__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
_except_handler4_common
__vcrt_InitializeCriticalSectionEx
memcmp
_CxxThrowException
wcsrchr
wcsstr
wcschr
_purecall
memmove
memcpy
memset
__vcrt_GetModuleHandleW
__CxxFrameHandler3

ucrtbased

__stdio_common_vsnprintf_s
abort
_free_dbg
_malloc_dbg
_CrtDbgReportW
_invalid_parameter_noinfo
toupper
_errno
wcscpy_s
wcsnlen
_wcslwr_s
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
_CrtDbgReport
wcscspn
wcsspn
_wcsicmp
wmemcpy_s
wcscmp
iswspace
labs
ldiv
_wcsupr_s
_wtoi
_calloc_dbg
sqrt
abs
atan2
wcspbrk
clock
cos
exp
fabs
sin
ceil
floor
_wsplitpath_s
wcscoll
wcsncmp
_wcsicoll
iswalnum
iswalpha
iswdigit
iswprint
towupper
towlower
_CrtSetAllocHook
_CrtCheckMemory
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_mbscmp
wcstol
free
_recalloc
_realloc_dbg
_gcvt_s
_CrtSetDumpClient
_CrtReportBlockType
_CrtSetReportMode
_CrtSetReportHook2
_wfullpath_dbg
__doserrno
fgetws
fputws
clearerr_s
fclose
_fdopen
feof
ferror
fflush
_fileno
fread
fseek
ftell
fwrite
_get_osfhandle
_open_osfhandle
_ultow_s
strcpy_s
_beginthreadex
_endthreadex
_ctime64_s
_msize_dbg
_expand_dbg
_wcsrev
_mbschr
_mbscoll
_mbscspn
_mbsicmp
_mbsicoll
_mbslwr_s
_mbspbrk
_mbsrchr
_mbsrev
_mbsspn
_mbsstr
_mbsupr_s
_ismbcspace
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
terminate
_initterm
_initterm_e
__stdio_common_vsprintf
__stdio_common_vswprintf_s
wcslen
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtSetBreakAlloc
_CrtSetDbgFlag
_wtol
__stdio_common_vswscanf
wcstoul
wcscat_s
_localtime64_s
_beginthread
_endthread
_wcsdup_dbg
strlen
_wmakepath_s
_time64
wcstod
_resetstkoflw
_recalloc_dbg
__stdio_common_vsprintf_s
_strnicmp
__p___argc
__p___wargv
wcsncpy_s
_itow_s
_ltow_s
_wcsnicmp
strnlen
_mktime64
_mbsinc

user32

CheckMenuRadioItem
DrawCaption
DrawAnimatedRects
SendNotifyMessageW
FlashWindow
ShowOwnedPopups
OpenIcon
CloseWindow
IsIconic
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetClipboardOwner
SetClipboardViewer
GetClipboardViewer
ChangeClipboardChain
GetOpenClipboardWindow
GetActiveWindow
GetCapture
SetCapture
HiliteMenuItem
DrawMenuBar
GetSystemMenu
DragDetect
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
GetDC
GetDCEx
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
GetUpdateRgn
SetWindowRgn
GetWindowRgn
InvalidateRect
ValidateRect
InvalidateRgn
ValidateRgn
UnhookWindowsHookEx
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
EnableScrollBar
GetClientRect
SetWindowContextHelpId
GetWindowContextHelpId
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
ChildWindowFromPoint
ChildWindowFromPointEx
SetParent
FindWindowW
FindWindowExW
GetTopWindow
GetLastActivePopup
DlgDirListW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirSelectComboBoxExW
ArrangeIconicWindows
ToUnicodeEx
CharUpperW
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
CopyAcceleratorTableW
SetWindowTextW
SetFocus
SubtractRect
GetMessageW
UpdateLayeredWindow
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
IsWindowEnabled
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
UnregisterClassW
MessageBoxW
GetWindowThreadProcessId
SetWindowLongW
GetMenuCheckMarkDimensions
CallWindowProcW
MoveWindow
GetWindowTextLengthW
CreateDialogIndirectParamW
EndDialog
GetDlgItem
SetPropW
GetPropW
RemovePropW
InvertRect
DrawStateW
GetDialogBaseUnits
MsgWaitForMultipleObjectsEx
CharNextW
IsDialogMessageW
ClipCursor
InSendMessage
AdjustWindowRectEx
CountClipboardFormats
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
GetMenu
SetMenu
TrackPopupMenuEx
ScrollWindow
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
SendDlgItemMessageA
GetMenuBarInfo
ReuseDDElParam
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
SendDlgItemMessageW
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
SetWindowsHookExW
LoadBitmapW
LoadCursorW
SetLayeredWindowAttributes
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
KillTimer
SetTimer
GetClassInfoW
DefWindowProcW
GetDesktopWindow
GetMenuItemInfoW
GetSubMenu
DestroyMenu
PostThreadMessageW
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
GetAsyncKeyState
EmptyClipboard
SetClipboardData
CloseClipboard
WaitMessage
DispatchMessageW
TranslateMessage
EnableWindow
GetFocus
IsChild
TrackPopupMenu
GetIconInfo
CopyImage
LoadImageW
LoadIconW
GetWindowLongW
SetCursor
NotifyWinEvent
CopyIcon
DestroyIcon
GetClassNameW
CopyRect
SetCursorPos
MessageBeep
ReleaseCapture
RegisterWindowMessageW
IsRectEmpty
GetWindowPlacement
ShowWindow
PostMessageW
SendMessageW
SetClassLongW
EqualRect
GetSysColorBrush
GetDlgCtrlID
DeferWindowPos
DrawIconEx
OffsetRect
InflateRect
PtInRect
SetRectEmpty
GetCursorPos
TrackMouseEvent
SetRect
IsWindow
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
PostQuitMessage
PeekMessageW
GetKeyboardLayout
FrameRect
FillRect
DrawFocusRect
GetMenuContextHelpId
SetMenuContextHelpId
ScrollDC
ExcludeUpdateRgn
WindowFromDC
GetMessagePos
GetTabbedTextExtentW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
DeleteMenu
RemoveMenu
LockWindowUpdate
ModifyMenuW
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
GetMenuState
GetMenuStringW
LoadMenuIndirectW
LoadMenuW
DrawFrameControl
DrawEdge
MapDialogRect
TabbedTextOutW
DestroyCursor
IsClipboardFormatAvailable
GetClassLongW
EnumDisplayMonitors
GetSysColor
MonitorFromRect
GetParent
DestroyAcceleratorTable
DestroyWindow
IsMenu
IntersectRect
GetWindow
GetKeyState
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
UnionRect
GetWindowRect
RedrawWindow
BringWindowToTop
SetWindowPos
GetMessageTime
CallNextHookEx

gdi32

GetObjectW
GetStockObject
GetSystemPaletteEntries
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CloseMetaFile
CreateMetaFileW
CloseEnhMetaFile
CreateEnhMetaFileW
ExtTextOutW
AnimatePalette
Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateDiscardableBitmap
CreateCompatibleDC
CreateDCW
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreateICW
CreatePalette
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DrawEscape
Ellipse
EnumObjects
EqualRgn
Escape
ExtEscape
ExtCreateRegion
ExtFloodFill
FillRgn
FloodFill
FrameRgn
GetROP2
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBitmapBits
GetBitmapDimensionEx
GetBoundsRect
GetBrushOrgEx
GetCharWidthW
GetCharWidthFloatW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetFontData
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
GetObjectType
GetNearestPaletteIndex
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRegionData
GetRgnBox
GetStretchBltMode
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32W
GetFontLanguageInfo
GetCharacterPlacementW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
InvertRgn
MaskBlt
PlgBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PolyPolygon
PtInRegion
PtVisible
RectInRegion
RectVisible
Rectangle
ResetDCW
RealizePalette
RoundRect
ResizePalette
SelectObject
SetBitmapBits
SetBoundsRect
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
UpdateColors
PlayEnhMetaFile
GdiComment
GetTextMetricsW
AngleArc
PolyPolyline
GetWorldTransform
GetColorAdjustment
CreateHalftonePalette
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetPath
PathToRegion
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
ExtCreatePen
GetMiterLimit
GetArcDirection
TextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetBitmapDimensionEx
SetBrushOrgEx
GetTextFaceW
GetKerningPairsW
UnrealizeObject
EnumFontFamiliesExW
DeleteObject
GetNearestColor
GetDIBits
SelectPalette
SetBkColor
SetDIBColorTable
OffsetWindowOrgEx
PolylineTo
PolyBezierTo
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetGraphicsMode
SetMapperFlags
SetBkMode
ExtSelectClipRgn
SelectClipRgn
PlayMetaFile
OffsetClipRgn
LineTo
GetClipRgn
ExcludeClipRect
CopyMetaFileW
ScaleWindowExtEx
SetWindowOrgEx
SetWindowExtEx
SetTextColor
SetMapMode
SaveDC
RestoreDC
IntersectClipRect
GetTextExtentPointW
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
GetClipBox
DeleteMetaFile
StretchDIBits
DeleteDC

ole32

OleDraw
OleRegEnumVerbs
OleRegGetMiscStatus
CoDisconnectObject
CoRegisterMessageFilter
SetConvertStg
OleDuplicateData
WriteFmtUserTypeStg
CoTreatAsClass
WriteClassStg
GetRunningObjectTable
IsAccelerator
OleTranslateAccelerator
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
OleLoad
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleRegGetUserType
ReadClassStg
CreateFileMoniker
GetClassFile
CreateBindCtx
OleRun
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
GetHGlobalFromILockBytes
OleGetIconOfClass
OleLockRunning
OleIsRunning
OleSetContainedObject
OleSave
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
CoCreateInstance
CoCreateGuid
CoTaskMemFree
PropVariantClear
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoTaskMemAlloc
CreateDataCache
CreateDataAdviseHolder
ReleaseStgMedium
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
OleSaveToStream
ReadClassStm
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateILockBytesOnHGlobal
ReadFmtUserTypeStg
CoGetClassObject
CoInitializeEx
PropVariantCopy
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
StringFromCLSID
StgIsStorageILockBytes
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
OleCreatePropertyFrame
OleTranslateColor
OleCreateFontIndirect
OleCreatePictureIndirect
OleLoadPicture
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
VariantInit
VariantCopy
VarBstrCmp
DispCallFunc
SafeArrayDestroy
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
SafeArrayCreateVector
VarParseNumFromStr
SysAllocStringLen

shlwapi

SHStrDupW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW
StrFormatKBSizeW

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

uxtheme

IsAppThemed
GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground

Sections

.text
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/ucrtbased.dll
.dll windows:10 windows x86 arch:x86

cd42ec775c91efd2367fa09fef65a372

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ucrtbased.pdb

Imports

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
CompareStringW

api-ms-win-core-errorhandling-l1-1-0

SetErrorMode
RaiseException
UnhandledExceptionFilter
GetLastError
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-file-l1-1-0

GetFullPathNameA
FlushFileBuffers
CreateFileW
GetDriveTypeW
DeleteFileW
RemoveDirectoryW
GetFullPathNameW
LockFileEx
FindFirstFileExA
ReadFile
CreateDirectoryW
SetFileAttributesW
GetDiskFreeSpaceW
GetLogicalDrives
WriteFile
FindNextFileA
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
UnlockFileEx
GetFileType
SetFileTime
SetFilePointerEx
SetEndOfFile

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe
CreatePipe

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapCompact
HeapWalk
HeapValidate
HeapAlloc
HeapQueryInformation

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
SetLocalTime
GetTickCount
GetLocalTime
GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-1-0

LoadLibraryExA
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
FreeLibraryAndExitThread
GetModuleHandleExW
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TlsAlloc
CreateProcessW
CreateProcessA
TlsGetValue
TlsSetValue
TlsFree
TerminateProcess
GetCurrentThread
GetCurrentProcessId
GetExitCodeProcess
GetCurrentThreadId
CreateThread
GetStartupInfoW
ExitProcess
ResumeThread
ExitThread

api-ms-win-core-processenvironment-l1-1-0

GetStdHandle
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryA
GetCommandLineA
SetStdHandle
SetEnvironmentVariableA
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW
GetDateFormatW

api-ms-win-core-localization-l1-2-0

GetLocaleInfoW
GetCPInfo
EnumSystemLocalesW
IsValidCodePage
GetUserDefaultLCID
IsValidLocale
GetACP
GetOEMCP
LCMapStringW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-console-l1-1-0

WriteConsoleW
ReadConsoleW
SetConsoleMode
GetNumberOfConsoleInputEvents
ReadConsoleInputA
PeekConsoleInputA
ReadConsoleInputW
GetConsoleCP
SetConsoleCtrlHandler
GetConsoleMode

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
OutputDebugStringA

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualProtect
VirtualAlloc

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer
Beep

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlUnwind

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList

Exports

Exports

_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_Cbuild
_Cmulcc
_Cmulcr
_CreateFrameInfo
_CrtCheckMemory
_CrtDbgReport
_CrtDbgReportW
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtGetAllocHook
_CrtGetDebugFillThreshold
_CrtGetDumpClient
_CrtGetReportHook
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtReportBlockType
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDebugFillThreshold
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportHook2
_CrtSetReportHookW2
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_Exit
_FCbuild
_FCmulcc
_FCmulcr
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_IsExceptionObjectToBeDestroyed
_LCbuild
_LCmulcc
_LCmulcr
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_VCrtDbgReportA
_VCrtDbgReportW
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__acrt_iob_func
__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
__control87_2
__current_exception
__current_exception_context
__daylight
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__doserrno
__dstbias
__fpe_flt_rounds
__fpecode
__initialize_lconv_for_unsigned_char
__intrinsic_abnormal_termination
__intrinsic_setjmp
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__commode
__p__crtBreakAlloc
__p__crtDbgFlag
__p__environ
__p__fmode
__p__mbcasemap
__p__mbctype
__p__pgmptr
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__processing_throw
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__setusermatherr
__std_exception_copy
__std_exception_destroy
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
__strncnt
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__uncaught_exception
__wcserror
__wcserror_s
__wcsncnt
_abs64
_access
_access_s
_aligned_free
_aligned_free_dbg
_aligned_malloc
_aligned_malloc_dbg
_aligned_msize
_aligned_msize_dbg
_aligned_offset_malloc
_aligned_offset_malloc_dbg
_aligned_offset_realloc
_aligned_offset_realloc_dbg
_aligned_offset_recalloc
_aligned_offset_recalloc_dbg
_aligned_realloc
_aligned_realloc_dbg
_aligned_recalloc
_aligned_recalloc_dbg
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_base
_calloc_dbg
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chgsignf
_chkesp
_chmod
_chsize
_chsize_s
_chvalidator
_chvalidator_l
_clearfp
_close
_commit
_configthreadlocale
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_copysign
_copysignf
_cputs
_cputws
_creat
_create_locale
_crt_at_quick_exit
_crt_atexit
_crt_debugger_hook
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_d_int
_dclass
_dexp
_difftime32
_difftime64
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_dup
_dup2
_dupenv_s
_dupenv_s_dbg
_ecvt
_ecvt_s
_endthread
_endthreadex
_eof
_errno
_except1
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execute_onexit_table
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flushall
_fpclass
_fpieee_flt
_fpreset
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_base
_free_dbg
_free_locale
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_fullpath_dbg
_futime32
_futime64
_fwrite_nolock
_gcvt
_gcvt_s
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_osfhandle
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_stream_buffer_pointers
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_timezone
_get_tzname
_get_unexpected
_get_wide_winmain_command_line
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getcwd_dbg
_getdcwd
_getdcwd_dbg
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwc_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_heapchk
_heapmin
_heapwalk
_hypot
_hypotf
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_is_exception_typeof
_isalnum_l
_isalpha_l
_isatty
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/vcruntime140.dll
.dll windows:6 windows x86 arch:x86

b1497ec17e3cfac16846155a7a629324

Code Sign

33:00:00:00:98:04:58:cb:7f:23:09:b0:9e:00:00:00:00:00:98
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

30/03/2016, 19:21

Not After

30/06/2017, 19:21

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7AFA-E41C-E142,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:63:b3:02:d4:08:3a:c4:13:00:6b:ac:a4:71:49:c8:4e:fe:98:40:25:23:e2:76:18:7a:39:b7:ac:22:c7:90
Signer

Actual PE Digest

d8:63:b3:02:d4:08:3a:c4:13:00:6b:ac:a4:71:49:c8:4e:fe:98:40:25:23:e2:76:18:7a:39:b7:ac:22:c7:90

Digest Algorithm

sha256

PE Digest Matches

true

7b:5f:ac:63:18:76:b7:8e:01:d6:2e:ae:c4:66:6e:e4:8d:52:1a:b5
Signer

Actual PE Digest

7b:5f:ac:63:18:76:b7:8e:01:d6:2e:ae:c4:66:6e:e4:8d:52:1a:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-heap-l1-1-0

malloc
_free_base
free
_malloc_base
_calloc_base

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

DeleteCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
TlsFree
TlsGetValue
RtlUnwind
VirtualQuery
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetLastError
TlsSetValue
InitializeCriticalSectionAndSpinCount
TlsAlloc
GetProcAddress
FreeLibrary

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/vcruntime140d.dll
.dll windows:6 windows x86 arch:x86

b1497ec17e3cfac16846155a7a629324

Code Sign

33:00:00:00:98:04:58:cb:7f:23:09:b0:9e:00:00:00:00:00:98
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

30/03/2016, 19:21

Not After

30/06/2017, 19:21

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7AFA-E41C-E142,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:63:b3:02:d4:08:3a:c4:13:00:6b:ac:a4:71:49:c8:4e:fe:98:40:25:23:e2:76:18:7a:39:b7:ac:22:c7:90
Signer

Actual PE Digest

d8:63:b3:02:d4:08:3a:c4:13:00:6b:ac:a4:71:49:c8:4e:fe:98:40:25:23:e2:76:18:7a:39:b7:ac:22:c7:90

Digest Algorithm

sha256

PE Digest Matches

true

7b:5f:ac:63:18:76:b7:8e:01:d6:2e:ae:c4:66:6e:e4:8d:52:1a:b5
Signer

Actual PE Digest

7b:5f:ac:63:18:76:b7:8e:01:d6:2e:ae:c4:66:6e:e4:8d:52:1a:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-heap-l1-1-0

malloc
_free_base
free
_malloc_base
_calloc_base

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

DeleteCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
TlsFree
TlsGetValue
RtlUnwind
VirtualQuery
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetLastError
TlsSetValue
InitializeCriticalSectionAndSpinCount
TlsAlloc
GetProcAddress
FreeLibrary

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
КОНТРОЛЬ-ПВР Менеджер/КОНТРОЛЬ-ПВР Менеджер.exe
.exe windows:6 windows x86 arch:x86

a7bddc681a7341443c35d983bf89069f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\camera manager sdk\eeyelog_pc\eylog_pro\Release\eylog_pro.pdb

Imports

mfc140u

ord3852
ord6349
ord14668
ord6350
ord14669
ord6348
ord14667
ord8000
ord12531
ord14466
ord11983
ord11982
ord2034
ord7941
ord12947
ord4090
ord4152
ord9398
ord14595
ord4948
ord14589
ord12542
ord12541
ord2486
ord5357
ord8324
ord12865
ord8386
ord8470
ord2409
ord4966
ord4960
ord4954
ord5013
ord4997
ord4942
ord5019
ord4974
ord4912
ord4927
ord4988
ord4502
ord5918
ord4494
ord3055
ord14590
ord12262
ord14596
ord6877
ord12131
ord13703
ord5935
ord2682
ord12124
ord3941
ord3372
ord3371
ord3265
ord12168
ord5249
ord5549
ord5760
ord9350
ord5525
ord5790
ord5252
ord5411
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord10255
ord9210
ord4092
ord12559
ord5427
ord11015
ord3833
ord14137
ord5422
ord13473
ord5109
ord8464
ord4885
ord10472
ord7495
ord1113
ord6489
ord6566
ord3882
ord12239
ord12247
ord4589
ord8217
ord10433
ord12251
ord12219
ord12928
ord5763
ord10250
ord9209
ord6860
ord13911
ord7313
ord13442
ord952
ord1511
ord2205
ord7997
ord1472
ord995
ord7653
ord10379
ord286
ord9693
ord4477
ord296
ord1045
ord4815
ord2304
ord1111
ord462
ord12258
ord9040
ord11396
ord3404
ord3403
ord1722
ord3164
ord6218
ord1744
ord13752
ord3305
ord3302
ord8210
ord2760
ord14785
ord10285
ord10287
ord10286
ord10284
ord10288
ord1770
ord1756
ord5652
ord11725
ord11726
ord9139
ord12089
ord3838
ord11936
ord14588
ord8965
ord12173
ord6978
ord11002
ord9235
ord1777
ord3266
ord11717
ord4936
ord13878
ord7923
ord5003
ord7109
ord7922
ord2246
ord1513

kernel32

GetCurrentThreadId
MultiByteToWideChar
WritePrivateProfileStringW
WideCharToMultiByte
OutputDebugStringW
InitializeCriticalSectionEx
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
CreateEventW
CloseHandle
GetProcAddress
GetModuleHandleW
GetLastError

user32

SetWindowsHookExW
SetDlgItemTextW
UnhookWindowsHookEx
SendMessageW
GetSystemMenu
EnableWindow
MessageBoxExW
AppendMenuW

comctl32

InitCommonControlsEx

h22_4g_pc

Init_Device
Eylog_Login
Eylog_Get4GDevOrNot
Eylog_Customized_Command
Eylog_SN_Info
ReadDeviceBatteryDumpEnergy
Eylog_FormatTFCard
Eylog_ChangePsw
Eylog_GetPsw
Eylog_SetMenuConfig
Eylog_SetDefault
SetMSDC
SyncDevTime
Eylog_SetNetConfig
Eylog_ApnPsw
Eylog_ApnUser
WriteZFYInfo
ReadDeviceResolution
Eylog_GetMenuConfig
Eylog_GetTFVol
Eylog_GetNetConfig
Eylog_GetFwVersion
GetZFYInfo

libusb0

usb_find_busses
usb_find_devices
usb_get_busses
usb_init

vcruntime140

memset
__current_exception
__CxxFrameHandler3
_except_handler4_common
__current_exception_context
memcpy

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vfprintf
__acrt_iob_func
_set_fmode

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

api-ms-win-crt-runtime-l1-1-0

_c_exit
_seh_filter_exe
_controlfp_s
terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_set_app_type
_register_thread_local_exe_atexit_callback
_get_wide_winmain_command_line
_cexit
_configure_wide_argv
_exit
exit
_initterm_e
_initterm
_initialize_wide_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5f025c9f994d13a5ee1c8be4662e268

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

libusb0

vcruntime140d

ucrtbased

Exports

Exports

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.msvcjmc Size: 512B - Virtual size: 401B

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

2d730aa2a51fec98a36ee74ee789fbd6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

setupapi

kernel32

advapi32

user32

gdi32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 3KB

ab78d2feb08224c12eb0e0e486ef230f

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6fCertificate

Extended Key Usages

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0aCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

11:89:f7:76:aa:51:ad:1f:8f:84:0b:e4:48:f2:a4:a4:d1:2b:c1:27:a4:f0:28:4c:c2:88:7f:ab:5e:41:33:67Signer

55:42:74:e0:89:44:3d:ce:09:7a:f7:a7:d0:a9:3c:42:4e:5f:18:d7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

.textbss
Size: - Virtual size: 64KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.msvcjmc
Size: 512B - Virtual size: 401B

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 50KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 3KB

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

11:89:f7:76:aa:51:ad:1f:8f:84:0b:e4:48:f2:a4:a4:d1:2b:c1:27:a4:f0:28:4c:c2:88:7f:ab:5e:41:33:67
Signer

55:42:74:e0:89:44:3d:ce:09:7a:f7:a7:d0:a9:3c:42:4e:5f:18:d7
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 55KB - Virtual size: 57KB

.idata
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 195KB - Virtual size: 195KB

33:00:00:00:9d:42:68:ee:31:1c:d7:56:bd:00:00:00:00:00:9d
Certificate

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

b0:fb:8f:b8:1f:ce:a2:50:b7:69:dd:7e:e1:ab:99:4b:c0:6f:ac:48:78:9d:7f:4e:ad:27:d1:59:54:d5:55:5f
Signer

0c:bb:ff:34:a5:a9:8b:91:18:22:81:d5:97:db:c3:9c:cb:cb:92:a4
Signer

.text
Size: 6.5MB - Virtual size: 6.5MB

.data
Size: 40KB - Virtual size: 74KB

.idata
Size: 24KB - Virtual size: 23KB

.didat
Size: 1024B - Virtual size: 712B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 306KB - Virtual size: 306KB