eb0a8fe057dc37399a17b95c17b2bfa4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb0a8fe057dc37399a17b95c17b2bfa4_JaffaCakes118
Size

6.6MB
MD5

eb0a8fe057dc37399a17b95c17b2bfa4
SHA1

ff87017c915aa54ac248f50f38f90f929598b99c
SHA256

33d4427f3379c0132258f094d81b1776e4f6318f2abf68cdd58ea8bfd7821389
SHA512

40eddbc43a0b5b58ffe5bd13fbf18cb54be68e3e2bd4572f8bbce1571f5c10747b510a5f3572dbe3e3401fa97f82cc42d0882eb37aa152e88a642bc25931cf16
SSDEEP

196608:QZD6S/bkSHJ4ehIhWZsI6jeKyclJDuhGL:EDDbkeM4ZsnCKybGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/AdvSplash.dll
unpack002/$PLUGINSDIR/AlwaysOnTop.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/NSISAutoSetupPlugin.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$TEMP/NSISPromotionEx.dll
unpack002/GomWiz.exe
unpack002/GomX.dll
unpack002/GomX2.dll
unpack002/GomX3.dll
unpack002/GrLauncher.exe
unpack002/KillGom.exe
unpack002/libavcodec.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/GOMPLAYERCN.2.1.33.5071.EXE	nsis_installer_1
static1/unpack001/GOMPLAYERCN.2.1.33.5071.EXE	nsis_installer_2

Files

eb0a8fe057dc37399a17b95c17b2bfa4_JaffaCakes118
.rar
GOMPLAYERCN.2.1.33.5071.EXE
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01/04/2011, 00:00

Not After

31/03/2012, 23:59

Subject

CN=GRETECH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=GRETECH,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AdvSplash.dll
.dll windows:4 windows x86 arch:x86

d347bd7fee30a85a5438127ef69a20d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA
timeSetEvent
timeKillEvent

kernel32

GetVersion
lstrcpynA
GlobalAlloc
GetProcAddress
GetModuleHandleA
lstrcatA
GlobalFree
lstrcpyA

user32

GetClientRect
EndPaint
DefWindowProcA
DestroyWindow
SetWindowRgn
wsprintfA
SystemParametersInfoA
DispatchMessageA
GetMessageA
IsWindow
CreateWindowExA
LoadImageA
RegisterClassA
LoadCursorA
EnumDisplaySettingsA
SetWindowLongA
SetWindowPos
InvalidateRect
PostMessageA
UnregisterClassA
BeginPaint

gdi32

GetObjectA
GetDIBits
CreateRectRgn
DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CombineRgn

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AlwaysOnTop.dll
.dll windows:4 windows x86 arch:x86

c56daabd0b59e7a0804d633593e01907

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowPos

Exports

Exports

SetAlwaysOnTop
SetNoAlwaysOnTop

Sections

.text
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISAutoSetupPlugin.dll
.dll windows:4 windows x86 arch:x86

d0d278fb6cea268ff7b5e239775d5bc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

RegisterClassExA
SetTimer
CreateWindowExA
PostQuitMessage
PostMessageA
IsWindowEnabled
GetDlgItem
DefWindowProcA

Exports

Exports

StartAutoSetup

Sections

.text
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 361B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$TEMP/ExPromo.exe
.exe windows:5 windows x86 arch:x86

34bcee7de0ea3ab697bc4ae16c385cba

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01/04/2011, 00:00

Not After

31/03/2012, 23:59

Subject

CN=GRETECH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=GRETECH,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\새 폴더\ExPromo-Ex\URelease\ExPromo.pdb

Imports

kernel32

SetErrorMode
GetStartupInfoW
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
ExitProcess
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
GlobalFlags
lstrlenA
LocalAlloc
GetModuleHandleA
GetCurrentProcessId
ResumeThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
FormatMessageW
LocalFree
MulDiv
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
FreeResource
InterlockedDecrement
InterlockedIncrement
WriteFile
SetThreadPriority
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
GetCurrentThread
lstrcpynW
CreateProcessW
CompareStringW
FreeLibrary
GetProcAddress
LoadLibraryW
SetLastError
GetVersionExW
GlobalHandle
GlobalUnlock
GlobalAlloc
GlobalLock
GetCommandLineW
GetModuleFileNameW
WritePrivateProfileStringW
GetTickCount
GetTempPathW
CreateDirectoryW
GlobalFree
GetFileAttributesW
GetLastError
GetFileSize
CloseHandle
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
lstrlenW
TerminateProcess
WaitForSingleObject
MultiByteToWideChar
lstrcatW
GetCurrentThreadId
DeleteFileW
FindResourceW
LoadResource
LockResource
SizeofResource

user32

GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
GetMessageW
ValidateRect
DestroyMenu
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetFocus
SetFocus
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
DefWindowProcW
GetMenu
SystemParametersInfoA
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CallWindowProcW
RemovePropW
GetPropW
SetPropW
GetParent
SetWindowLongW
GetWindowTextW
ClientToScreen
UnregisterClassW
GetWindowPlacement
SetWindowPos
GetWindowLongW
MoveWindow
GetWindowRect
CopyRect
DestroyIcon
GetCursorPos
DispatchMessageW
TranslateMessage
PeekMessageW
PostMessageW
DrawMenuBar
ModifyMenuW
GetSubMenu
LoadMenuW
SetForegroundWindow
BringWindowToTop
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
LoadCursorW
FindWindowW
DrawIcon
GetClientRect
GetSystemMetrics
SendMessageW
IsIconic
LoadIconW
RegisterWindowMessageW
EnableWindow
TrackPopupMenu

gdi32

DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetStockObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectW
SetTextColor
GetClipBox
DeleteObject
SelectObject
ExtTextOutW
SetBkColor

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
UrlUnescapeW
PathFindExtensionW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
OleCreate
OleSetContainedObject

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear
VariantChangeType

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetSetOptionW
InternetOpenUrlW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/NSISPromotionEx.dll
.dll windows:5 windows x86 arch:x86

7128711d4282bd92b72b2955c09982c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\VersionManagement\SVN_Root\GOMDev\NSIS\NSISPromotionEx\Release\NSISPromotionEx.pdb

Imports

kernel32

FreeResource
SizeofResource
WriteFile
GetFileAttributesW
CreateDirectoryW
GetTickCount
GetFileSize
GetPrivateProfileStringA
WritePrivateProfileStringW
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetThreadPriority
GetCurrentThread
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
IsBadStringPtrW
IsBadReadPtr
IsBadWritePtr
GlobalUnlock
GlobalLock
CreateFileA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryA
LockResource
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
GetModuleFileNameA
HeapDestroy
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
ExitProcess
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
LoadResource
FindResourceW
GetTempFileNameW
GetTempPathW
RaiseException
GetCommandLineA
GetCurrentThreadId
CreateThread
ResumeThread
ExitThread
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcatW
GetPrivateProfileIntW
GetExitCodeProcess
GetLastError
GetSystemDefaultUILanguage
MulDiv
Sleep
ReadFile
SetFilePointer
CreateFileW
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
lstrlenW
DeleteFileW
GetPrivateProfileStringW
GetModuleFileNameW
WaitForSingleObject
CloseHandle
CreateProcessW
GetACP
GetVersion
MultiByteToWideChar
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
FlushFileBuffers
lstrcpynA

user32

SetWindowTextW
GetDlgItem
MoveWindow
ScreenToClient
EndDialog
ShowWindow
SendMessageW
GetDC
InvalidateRect
GetSysColor
GetSysColorBrush
SetTimer
GetParent
PostMessageW
GetWindowRect
DialogBoxParamW
SetWindowPos
GetClientRect
MessageBoxW
PeekMessageW
DispatchMessageW
SetWindowLongW
LoadBitmapW
PostQuitMessage
BeginPaint
ReleaseDC
CallWindowProcW
RemovePropW
GetPropW
SetPropW
EnableWindow
LoadStringW
RegisterWindowMessageW
ClientToScreen
GetWindowTextW
GetWindowTextLengthW
IsWindow
GetWindowLongW
OffsetRect
CopyRect
SystemParametersInfoW
GetMonitorInfoW
MonitorFromRect
FindWindowW
DefWindowProcW
KillTimer
EndPaint
PtInRect
GetCursorPos

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CreateStreamOnHGlobal
OleSetContainedObject
OleCreate
CoUninitialize
CoInitialize

shell32

ShellExecuteExW
ShellExecuteW

oleaut32

VariantClear
OleLoadPicture
SysAllocString
SysFreeString
VariantInit

gdi32

LineTo
MoveToEx
TextOutW
CreatePen
SetBkMode
SelectObject
SetBkColor
GetBkColor
CreateSolidBrush
SetTextColor
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
DeleteDC
CreateDIBSection
BitBlt
DeleteObject

wintrust

WinVerifyTrust

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ord17
ImageList_Draw

wininet

InternetCloseHandle
InternetReadFile
InternetGetCookieW
InternetSetCookieW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetSetOptionW
InternetOpenUrlW
HttpQueryInfoW
InternetQueryDataAvailable

ws2_32

gethostname
gethostbyname
WSACleanup
WSAStartup

Exports

Exports

AucTrigger
Check11Uninstall
CheckAskToolBarCanInstall
CheckBaiDuIMEInstall
CheckGSearch
CheckGoogleChromeInstall
CheckGoogleToolbarInstall
CheckNetCodec_KOR
CheckPromotionInstall
CheckYahooToolbarInstall
CheckYandexToolBarCanInstall
DaumShowTrigger
DaumShowTriggerAudio
DaumShowTriggerRecorder
DaumTrigger
DaumTriggerAudio
DaumTriggerRecorder
Explorer11stTrigger
Favorite11stTrigger
GetBaiDuIME_Path
GetCountryCode
GetSectionPromotionPath
GomAYhoToolbarInstallTrigger
GomAYhoToolbarShowTrigger
HttpTrigger
InstBaiDuIME
InstGChrome
InstGSearch
InstGToolbar
InstYHToolbar
ReadCookie
RequestPromotionInstall
SetupNetCodec_KOR
ShopIcon11stTrigger
Shorcut11stTrigger
Verify
Verify2
WriteCookie
YhoShowTrigger
YhoToolbarAgreeTrigger
YhoToolbarInstallTrigger
YhoToolbarShowTrigger
YhoTrigger

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/NSISPromotionEx.ini
$TEMP/spltmp.bmp
GOM.exe
.exe windows:4 windows x86 arch:x86

218196716e960f06b26b1c9f523bc275

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01/04/2011, 00:00

Not After

31/03/2012, 23:59

Subject

CN=GRETECH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=GRETECH,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutGetNumDevs
mixerClose
mixerGetNumDevs
mixerGetLineControlsW
mixerOpen
mixerGetID
mixerGetLineInfoW
mixerGetDevCapsW
mixerSetControlDetails
mixerGetControlDetailsW

kernel32

VirtualFree
GetModuleFileNameA
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
CompareStringA
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetEnvironmentVariableA
FindResourceA
GlobalAddAtomA
GetProfileStringA
ReleaseSemaphore
CreateSemaphoreW
InterlockedExchange
CreateFileA
IsDBCSLeadByteEx
GetModuleHandleW
GetCommandLineW
CloseHandle
ReadFile
CreateFileW
LockResource
LoadResource
FindResourceW
GetFullPathNameW
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringW
GetCurrentProcessId
lstrcpyW
GetProcAddress
CompareStringW
GetPrivateProfileIntW
WaitForSingleObject
SetEvent
ResetEvent
GetLastError
CreateThread
WaitForMultipleObjects
GlobalFree
DeleteFileW
SetFilePointer
GlobalAlloc
DeviceIoControl
GetVersion
GetFileSize
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
ExitThread
RaiseException
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
IsBadReadPtr
HeapAlloc
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
lstrcatW
lstrlenW
WriteFile
GetStartupInfoA
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalSize
SetErrorMode
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
TlsAlloc
GlobalFlags
lstrcmpiA
GetCurrentThread
GetProfileIntW
GlobalGetAtomNameW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetTempFileNameW
lstrcmpiW
GetThreadLocale
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
FindNextFileW
FindFirstFileW
FindClose
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
GlobalAddAtomW
GlobalDeleteAtom
GetModuleHandleA
GetStdHandle
SetHandleCount
GetEnvironmentStrings
GetCommandLineA
GetSystemInfo
GetFileInformationByHandle
VirtualProtect
SetLastError
CreateDirectoryW
GetSystemDefaultLCID
GetSystemWindowsDirectoryW
GetVolumeInformationW
GetSystemDirectoryA
GetACP
GetShortPathNameW
HeapDestroy
InterlockedDecrement
InterlockedIncrement
GlobalFindAtomW
SetPriorityClass
CreateToolhelp32Snapshot
Process32FirstW
TerminateProcess
OpenProcess
Process32NextW
LoadLibraryA
LocalFree
SizeofResource
GetExitCodeProcess
CreateProcessW
GetWindowsDirectoryW
GetLocaleInfoW
GetProcessHeap
HeapFree
TerminateThread
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GetDriveTypeW
GetUserDefaultLangID
CopyFileW
lstrcpynW
GetFileAttributesW
GetLogicalDrives
WinExec
MulDiv
SetCurrentDirectoryW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageW
GetUserDefaultLCID
GetVersionExW
GetTempPathW
lstrlenA
lstrcmpW
GetTickCount
Sleep
LoadLibraryW
GetModuleFileNameW
GlobalLock
GlobalHandle
GlobalUnlock
FreeLibrary
LocalAlloc

user32

BringWindowToTop
UnpackDDElParam
ReuseDDElParam
WindowFromPoint
wvsprintfW
MapDialogRect
GetAsyncKeyState
GetMessageW
ValidateRect
EndDialog
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SetMenuItemBitmaps
IsDialogMessageW
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
WinHelpW
GetClassInfoW
GetMenuItemID
GetWindowTextLengthW
GetDlgCtrlID
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
GetWindowPlacement
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
LoadStringW
CharNextW
EnumWindows
GetWindowTextW
SendMessageTimeoutW
SetWindowTextW
MapVirtualKeyW
GetKeyNameTextW
GetDesktopWindow
SubtractRect
SetParent
TrackPopupMenu
DestroyMenu
ExitWindowsEx
EqualRect
ChangeDisplaySettingsW
ShowCursor
SetClassLongW
IsZoomed
LoadCursorFromFileW
GetActiveWindow
IsChild
GetClassNameW
CreatePopupMenu
SetMenuItemInfoW
EnableMenuItem
GetMenuStringW
CheckMenuRadioItem
AppendMenuW
GetMenuItemCount
CheckMenuItem
DeleteMenu
RemoveMenu
InsertMenuW
GetDoubleClickTime
LoadAcceleratorsW
SetForegroundWindow
PostThreadMessageW
PostQuitMessage
GetClassInfoExW
SetActiveWindow
IsWindowVisible
DestroyIcon
AnimateWindow
SetLastErrorEx
MonitorFromRect
GetMonitorInfoW
RegisterClassExW
CreateWindowExW
DestroyWindow
DrawIcon
RemovePropW
CallWindowProcW
UnregisterHotKey
RegisterClipboardFormatW
IsClipboardFormatAvailable
ShowOwnedPopups
SetWindowContextHelpId
GetSysColorBrush
CopyAcceleratorTableW
GetWindowThreadProcessId
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
DrawTextW
GetCursorPos
ScreenToClient
IntersectRect
SetMenu
ModifyMenuW
FindWindowW
SetCursor
RedrawWindow
IsWindowEnabled
SetFocus
MessageBeep
OpenClipboard
GetClipboardData
CloseClipboard
AttachThreadInput
DialogBoxIndirectParamW
GetPropA
SetPropA
SetWindowLongA
GetClassNameA
IsWindowUnicode
SendMessageA
GetWindowLongA
SetWindowsHookExA
RemovePropA
CallWindowProcA
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA
DrawTextA
GetWindowTextA
GetFocus
GetWindow
GetCapture
UpdateWindow
GetKeyState
GetClassLongW
GetNextDlgTabItem
PtInRect
SetCapture
ReleaseCapture
SetRectEmpty
DrawFrameControl
DrawEdge
DrawFocusRect
GetSysColor
GetWindowDC
ShowWindow
LoadMenuW
GetSubMenu
wsprintfA
MoveWindow
IsWindow
GetDlgItem
LoadIconW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
PeekMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
FindWindowExW
SetWindowRgn
RegisterWindowMessageA
PostMessageW
MessageBoxW
GetParent
SendMessageW
KillTimer
CopyRect
FillRect
IsRectEmpty
SetTimer
EnumDisplaySettingsW
InvalidateRect
DefWindowProcW
LoadCursorW
RegisterClassW
EnableWindow
OffsetRect
InflateRect
UnionRect
RegisterWindowMessageW
CharUpperW
wsprintfW
GetClientRect
ClientToScreen
GetSystemMetrics
GetDC
ReleaseDC
LoadImageW
GetWindowLongW
SetWindowLongW
SetRect
GetMenu
AdjustWindowRectEx
SetWindowPos
SystemParametersInfoW
GetWindowRect
CreateAcceleratorTableW
InvalidateRgn
GetForegroundWindow
DestroyCursor

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SaveDC
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
Escape
CreateBitmap
PatBlt
SetRectRgn
DPtoLP
GetTextColor
GetTextMetricsW
GetCharWidthW
LPtoDP
CopyMetaFileW
CreatePen
RestoreDC
ExtTextOutW
GetCurrentObject
CreateFontIndirectW
PtInRegion
CreatePolygonRgn
FrameRgn
Polygon
EnumFontFamiliesExW
CreateSolidBrush
GetBkColor
StretchDIBits
CreateCompatibleBitmap
Rectangle
CreateRectRgn
BitBlt
GetStockObject
CreateRectRgnIndirect
DeleteObject
GetObjectW
GetTextExtentPoint32W
SelectObject
DeleteDC
StretchBlt
CreateCompatibleDC
TextOutW
SetBkColor
CreateFontW
SetMapMode
MoveToEx
LineTo
GetTextExtentPointW
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
TextOutA
GetTextExtentPoint32A
CreateFontA
GetMapMode
GetClipBox
SetBkMode
SetTextCharacterExtra
GetDeviceCaps
FillRgn
SetTextColor
CreateDIBitmap
GetTextExtentPointA
ExtTextOutA
GetDIBColorTable
CreateDIBSection
GetDIBits
OffsetRgn
ExtCreateRegion
CreateEllipticRgn
CreateRoundRectRgn
CombineRgn

comdlg32

GetSaveFileNameW
ChooseColorW
GetFileTitleW
GetOpenFileNameW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetFileSecurityW
SetFileSecurityW
RegSetValueExA
RegSetValueW
RegSetValueA
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueW
RegEnumValueA
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
EqualSid

shell32

DragAcceptFiles
DragQueryPoint
SHChangeNotify
SHFileOperationW
DragQueryFileW
DragFinish
SHAppBarMessage
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW

comctl32

_TrackMouseEvent
ImageList_LoadImageW
ImageList_Create
ImageList_Destroy
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ord17
ImageList_Draw
ImageList_AddMasked

oledlg

OleUIBusyW

ole32

OleGetClipboard
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
OleSetContainedObject
OleCreate
OleLockRunning
OleInitialize
CoRegisterClassObject
CoGetObject
CoCreateGuid
CoUninitialize
CLSIDFromProgID
OleLoadFromStream
StgCreateDocfile
OleSaveToStream
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CLSIDFromString
StringFromCLSID
CoTaskMemFree
CoLoadLibrary
CoFreeLibrary
CreateBindCtx
MkParseDisplayName
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleDuplicateData
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
StgOpenStorage
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries

olepro32

ord253
ord251

oleaut32

VariantTimeToSystemTime
SysFreeString
VariantClear
SysAllocString
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
VariantCopy
OleLoadPicturePath
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VariantChangeType

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetCrackUrlW
InternetSetCookieW
InternetSetCookieA
InternetSetOptionW
InternetCrackUrlA
InternetAttemptConnect
InternetConnectA
InternetOpenA
InternetCloseHandle
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpEndRequestW
InternetWriteFile
HttpSendRequestExA
InternetReadFile
HttpQueryInfoW
InternetCanonicalizeUrlW
InternetQueryDataAvailable
InternetOpenUrlW
InternetOpenW
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCreateUrlW

ws2_32

send
recv
closesocket
WSAStartup
gethostname
gethostbyname
WSACleanup
connect
ntohs
gethostbyaddr
htons
getservbyname
inet_addr
WSAGetLastError
htonl
WSAAsyncSelect
socket
getservbyport
WSASetLastError
inet_ntoa

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmGetDefaultIMEWnd
ImmGetContext

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GOMSH
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GomWeb3.dll
.dll regsvr32 windows:4 windows x86 arch:x86

2d1d7e4db4332a03645bc7b7c3aec746

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01/04/2011, 00:00

Not After

31/03/2012, 23:59

Subject

CN=GRETECH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=GRETECH,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
GlobalFree
GetTempPathA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateProcessA
GetUserDefaultLangID
GetCurrentThread
WriteFile
SetThreadPriority
DeleteFileA
MoveFileA
FreeResource
LockResource
MulDiv
WaitForSingleObject
CreateFileA
CloseHandle
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
LoadLibraryA
MapViewOfFile
GetProcAddress
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrcmpA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpyA
lstrcatA
Sleep
OpenFileMappingA
GlobalHandle

user32

DispatchMessageA
TranslateMessage
PeekMessageA
ClientToScreen
MoveWindow
CopyRect
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
LoadStringA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
PtInRect
GetNextDlgTabItem
IsDialogMessageA
GetKeyState
GetForegroundWindow
PostMessageA
SetDlgItemTextA
SetPropA
RemovePropA
GetPropA
DialogBoxIndirectParamA
LoadIconA
EnableWindow
DrawTextA
EndDialog
MapWindowPoints
ShowWindow
CharNextA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CreateWindowExA
DestroyWindow
CreateAcceleratorTableA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
SetWindowPos
BeginPaint
GetClientRect
FillRect
EndPaint
GetDC
ReleaseDC
GetFocus
IsChild
GetWindow
SetFocus
GetSysColor
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
IsWindow
FindWindowA
SetTimer
KillTimer
SendMessageA
RegisterWindowMessageA
ScreenToClient

gdi32

SetTextColor
SetBkMode
GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
CreateDCA
GetTextExtentPoint32A
GetTextMetricsA
ExtTextOutA
SetBkColor

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemRealloc
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
WriteClassStm
CreateDataAdviseHolder
OleSaveToStream
OleLoadFromStream
CoCreateInstance

oleaut32

VarUI4FromStr
DispCallFunc
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
LoadRegTypeLi
VariantClear
SysAllocString
SysFreeString

msvcrt

sscanf
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strdup
_endthread
_beginthread
rand
_mbsncmp
_mbstok
_mkdir
_purecall
free
strcat
strcpy
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
memset
realloc
memcmp
wcslen
_mbschr
_mbscmp
_mbsicmp
_mbsinc
memmove
_mbsstr
_mbsrchr
vsprintf
_mbclen
sprintf
_mbsnbcmp
_ismbcdigit
atoi
time
_vsnprintf
strlen

wininet

InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlA
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GomWiz.exe
.exe windows:4 windows x86 arch:x86

a6ff04e5c9d4fc3dd47e894533483b29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
iswspace
iswdigit
vswprintf
wcsstr
_wcslwr
wcschr
memcpy
memmove
_wcsdup
calloc
_wcsicmp
wcsncmp
_except_handler3
wcstok
wcsrchr
malloc
swprintf
_wtoi
memcmp
free
wcscpy
wcsncpy
swscanf
strlen
_waccess
wcscmp
wcslen
strcmp
_EH_prolog
__CxxFrameHandler
_vsnwprintf
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
_controlfp

kernel32

GetModuleHandleA
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrW
GetModuleHandleW
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
GetFileInformationByHandle
SetLastError
GetVersionExW
GlobalAlloc
GlobalLock
GetModuleFileNameW
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalDeleteAtom
FreeLibrary
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
WideCharToMultiByte
lstrlenW
GetTempPathW
Sleep
DeleteFileW
GetUserDefaultLangID
SetPriorityClass
GetCurrentProcess
lstrcpyW
CompareStringW
CloseHandle
CreateFileW
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
ReadFile
GetFileSize
GetFileAttributesW
GlobalFree
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetPrivateProfileStringW
GetPrivateProfileStringA
GetStartupInfoA

user32

ReleaseDC
SetWindowTextW
GetDC
DrawTextW
GetSysColor
EndPaint
BeginPaint
GetSystemMetrics
PeekMessageW
DispatchMessageW
MoveWindow
GetClientRect
SetPropW
GetWindowLongW
InvalidateRect
ClientToScreen
GetPropW
CreateWindowExW
EndDialog
SetDlgItemTextW
PtInRect
CallWindowProcW
ScreenToClient
EnableWindow
GetDlgItem
SendMessageW
SetWindowLongW
GetParent
PostMessageW
KillTimer
GetWindowRect
SystemParametersInfoW
SetWindowPos
SendDlgItemMessageW
ShowWindow
SetTimer
FindWindowW
SetFocus
LoadIconW
DialogBoxIndirectParamW
RemovePropW
LoadStringW
RegisterWindowMessageW
IsWindow
OffsetRect
wsprintfW
CopyRect

gdi32

DeleteDC
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
SetBkColor
ExtTextOutW
GetTextMetricsW
GetTextExtentPoint32W
SelectObject
SetTextColor
CreateFontW
CreateSolidBrush
BitBlt
DeleteObject

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyW
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW

shell32

SHChangeNotify
ShellExecuteW

ole32

CoGetObject
StringFromGUID2
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
OleSetContainedObject
OleCreate

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
SysAllocString

comctl32

PropertySheetW

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GomX.dll
.dll regsvr32 windows:4 windows x86 arch:x86

475777240e4fc617ea8f5552b02bca50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
CompareStringW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
FatalAppExitA
ReleaseSemaphore
GetThreadPriority
CreateSemaphoreA
HeapSize
GetFileType
SetStdHandle
ExitProcess
ExitThread
SetFilePointer
WideCharToMultiByte
CloseHandle
CreateFileA
DeleteFileA
GetLastError
GetFileSize
CreateProcessA
CopyFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
Process32Next
GetCurrentProcessId
OpenProcess
TerminateProcess
Process32First
CreateToolhelp32Snapshot
MultiByteToWideChar
lstrlenA
GetUserDefaultLangID
SetPriorityClass
GetCurrentProcess
lstrcpyA
CompareStringA
GetACP
lstrlenW
HeapDestroy
DeleteCriticalSection
RaiseException
HeapReAlloc
IsBadReadPtr
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
RtlUnwind
HeapFree
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProfileIntA
GlobalSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SuspendThread
ResumeThread
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FormatMessageA
VirtualQuery
FlushInstructionCache
VirtualProtect
GlobalUnlock
CreateFileW
FormatMessageW
LocalFree
GlobalLock
GetTempFileNameA
GetCurrentThread
lstrcpynA
IsDBCSLeadByteEx
GetSystemDirectoryA
IsDBCSLeadByte
GetFileInformationByHandle
SetLastError
GetSystemInfo
GetDiskFreeSpaceA
GetCommandLineA
GetCurrentDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetFileTime
CreateDirectoryA
GetFileAttributesA
DebugBreak
SetThreadPriority
InterlockedExchange
CreateEventA
InterlockedDecrement
InterlockedIncrement
GetUserDefaultLCID
MulDiv
lstrcmpA
WriteFile
GetTickCount
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
GetVersion
DeviceIoControl
GlobalAlloc
GlobalFree
WaitForMultipleObjects
CreateThread
ResetEvent
SetEvent
Sleep
GetTempPathA
SetCurrentDirectoryA
GetModuleFileNameA
lstrcatA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile

user32

GetClassNameA
InvalidateRgn
ReleaseCapture
SetCapture
RegisterClipboardFormatA
CreateMenu
DestroyMenu
GetDesktopWindow
DrawEdge
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageA
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
GetFocus
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
GetWindowDC
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
GetNextDlgTabItem
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
OemToCharA
RegisterWindowMessageA
PostMessageA
EnableWindow
SetWindowTextA
GetDlgItem
EnumWindows
GetQueueStatus
PostThreadMessageA
CharToOemA
MsgWaitForMultipleObjects
GrayStringA
GetMenuStringA
LoadStringW
EndDialog
BeginPaint
EndPaint
GetSysColor
DrawTextA
ShowWindow
CreateWindowExA
DialogBoxIndirectParamA
GetPropA
RemovePropA
SetPropA
SetDlgItemTextA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
DestroyIcon
CharPrevA
EqualRect
SetRectEmpty
MapWindowPoints
IsWindow
LoadIconA
GetWindow
IntersectRect
FindWindowA
PeekMessageA
EnumChildWindows
LockWindowUpdate
GetAsyncKeyState
MapDialogRect
wvsprintfA
UnregisterClassA
GetDialogBaseUnits
GetSysColorBrush
CallNextHookEx
DeleteMenu
TranslateMessage
DispatchMessageA
FindWindowExA
SetWindowRgn
CharUpperA
CreateAcceleratorTableA
RedrawWindow
CreatePopupMenu
GetClassInfoExA
RegisterClassExA
LoadCursorFromFileA
SetClassLongA
DestroyCursor
SendMessageA
GetSystemMetrics
CharNextA
SetTimer
LoadAcceleratorsA
KillTimer
MoveWindow
CheckMenuItem
InsertMenuA
GetSubMenu
LoadMenuA
SystemParametersInfoA
GetActiveWindow
TranslateAcceleratorA
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
ShowCursor
SetFocus
GetWindowRect
SetParent
GetParent
LoadStringA
UnionRect
InflateRect
OffsetRect
ReleaseDC
GetDC
RegisterClassA
LoadCursorA
DefWindowProcA
GetClientRect
EnumDisplaySettingsA
IsRectEmpty
FillRect
CopyRect
AppendMenuA
RemoveMenu
GetTabbedTextExtentA
GetDCEx
TabbedTextOutA
wsprintfA
ClientToScreen
LoadImageA
GetWindowLongA
SetWindowLongA
SetRect
GetMenu
AdjustWindowRectEx
SetWindowPos

gdi32

RectVisible
Escape
CreateDIBSection
SetDIBColorTable
GetDIBColorTable
GetDCOrgEx
GetClipBox
CreateBitmap
LPtoDP
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetViewportOrgEx
OffsetRgn
StartDocA
SaveDC
RestoreDC
SelectPalette
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
PtVisible
OffsetClipRgn
SetTextAlign
SetTextJustification
SetMapperFlags
GetCurrentPositionEx
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
PatBlt
SetRectRgn
CreateFontIndirectA
DPtoLP
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
CreateCompatibleBitmap
SetArcDirection
MoveToEx
ArcTo
LineTo
CreateSolidBrush
CreatePen
RoundRect
ExtTextOutA
GetTextMetricsA
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
TextOutW
GetTextExtentPoint32W
CreateFontW
GetRegionData
DeleteObject
CreateFontA
SetBkMode
SetTextCharacterExtra
GetTextExtentPoint32A
SelectObject
SetTextColor
TextOutA
GetDeviceCaps
FillRgn
CombineRgn
CreateRectRgnIndirect
GetStockObject
BitBlt
GetObjectA
DeleteDC
StretchBlt
CreateCompatibleDC
SetBkColor
GetPixel
SetPixel
IntersectClipRect
GetDIBits
ExtCreateRegion
CreateEllipticRgn
CreateRoundRectRgn
CreateRectRgn

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegSetValueExW
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExA

shell32

SHGetFileInfoA
DragAcceptFiles
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
_TrackMouseEvent
ord17

ole32

ReadClassStm
StringFromCLSID
ReadFmtUserTypeStg
CLSIDFromProgID
OleRun
OleDuplicateData
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadClassStg
CoTreatAsClass
OleSetClipboard
OleFlushClipboard
CreateOleAdviseHolder
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
OleSaveToStream
ReleaseStgMedium
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoDisconnectObject
CreateDataCache
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString
StringFromGUID2
CoGetObject
CoCreateGuid
OleLockRunning
OleCreate
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoLoadLibrary
OleIsCurrentClipboard
CoFreeLibrary
OleSetContainedObject
CoRegisterClassObject

olepro32

ord253
ord254
ord250
ord251
ord252

oleaut32

SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantClear
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SysStringByteLen
VariantChangeType
VariantCopy
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysFreeString

urlmon

CreateAsyncBindCtx
CreateURLMoniker
IsAsyncMoniker
RegisterBindStatusCallback

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmGetDefaultIMEWnd
ImmGetContext

wininet

InternetWriteFile
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpSendRequestExA
HttpEndRequestA
InternetErrorDlg
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetSetFilePointer
InternetGetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlA
InternetCreateUrlA
InternetSetCookieA
InternetCrackUrlA
InternetSetOptionA

winmm

timeGetTime
mixerGetNumDevs
mixerGetLineControlsA
mixerOpen
mixerGetID
mixerGetLineInfoA
mixerGetDevCapsA
timeSetEvent
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GomX2.dll
.dll regsvr32 windows:4 windows x86 arch:x86

475777240e4fc617ea8f5552b02bca50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
CompareStringW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
FatalAppExitA
ReleaseSemaphore
GetThreadPriority
CreateSemaphoreA
HeapSize
GetFileType
SetStdHandle
ExitProcess
ExitThread
SetFilePointer
WideCharToMultiByte
CloseHandle
CreateFileA
DeleteFileA
GetLastError
GetFileSize
CreateProcessA
CopyFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
Process32Next
GetCurrentProcessId
OpenProcess
TerminateProcess
Process32First
CreateToolhelp32Snapshot
MultiByteToWideChar
lstrlenA
GetUserDefaultLangID
SetPriorityClass
GetCurrentProcess
lstrcpyA
CompareStringA
GetACP
lstrlenW
HeapDestroy
DeleteCriticalSection
RaiseException
HeapReAlloc
IsBadReadPtr
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
RtlUnwind
HeapFree
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProfileIntA
GlobalSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SuspendThread
ResumeThread
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FormatMessageA
VirtualQuery
FlushInstructionCache
VirtualProtect
GlobalUnlock
CreateFileW
FormatMessageW
LocalFree
GlobalLock
GetTempFileNameA
GetCurrentThread
lstrcpynA
IsDBCSLeadByteEx
GetSystemDirectoryA
IsDBCSLeadByte
GetFileInformationByHandle
SetLastError
GetSystemInfo
GetDiskFreeSpaceA
GetCommandLineA
GetCurrentDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetFileTime
CreateDirectoryA
GetFileAttributesA
DebugBreak
SetThreadPriority
InterlockedExchange
CreateEventA
InterlockedDecrement
InterlockedIncrement
GetUserDefaultLCID
MulDiv
lstrcmpA
WriteFile
GetTickCount
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
GetVersion
DeviceIoControl
GlobalAlloc
GlobalFree
WaitForMultipleObjects
CreateThread
ResetEvent
SetEvent
Sleep
GetTempPathA
SetCurrentDirectoryA
GetModuleFileNameA
lstrcatA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile

user32

GetClassNameA
InvalidateRgn
ReleaseCapture
SetCapture
RegisterClipboardFormatA
CreateMenu
DestroyMenu
GetDesktopWindow
DrawEdge
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageA
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
GetFocus
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
GetWindowDC
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
GetNextDlgTabItem
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
OemToCharA
RegisterWindowMessageA
PostMessageA
EnableWindow
SetWindowTextA
GetDlgItem
EnumWindows
GetQueueStatus
PostThreadMessageA
CharToOemA
MsgWaitForMultipleObjects
GrayStringA
GetMenuStringA
LoadStringW
EndDialog
BeginPaint
EndPaint
GetSysColor
DrawTextA
ShowWindow
CreateWindowExA
DialogBoxIndirectParamA
GetPropA
RemovePropA
SetPropA
SetDlgItemTextA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
DestroyIcon
CharPrevA
EqualRect
SetRectEmpty
MapWindowPoints
IsWindow
LoadIconA
GetWindow
IntersectRect
FindWindowA
PeekMessageA
EnumChildWindows
LockWindowUpdate
GetAsyncKeyState
MapDialogRect
wvsprintfA
UnregisterClassA
GetDialogBaseUnits
GetSysColorBrush
CallNextHookEx
DeleteMenu
TranslateMessage
DispatchMessageA
FindWindowExA
SetWindowRgn
CharUpperA
CreateAcceleratorTableA
RedrawWindow
CreatePopupMenu
GetClassInfoExA
RegisterClassExA
LoadCursorFromFileA
SetClassLongA
DestroyCursor
SendMessageA
GetSystemMetrics
CharNextA
SetTimer
LoadAcceleratorsA
KillTimer
MoveWindow
CheckMenuItem
InsertMenuA
GetSubMenu
LoadMenuA
SystemParametersInfoA
GetActiveWindow
TranslateAcceleratorA
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
ShowCursor
SetFocus
GetWindowRect
SetParent
GetParent
LoadStringA
UnionRect
InflateRect
OffsetRect
ReleaseDC
GetDC
RegisterClassA
LoadCursorA
DefWindowProcA
GetClientRect
EnumDisplaySettingsA
IsRectEmpty
FillRect
CopyRect
AppendMenuA
RemoveMenu
GetTabbedTextExtentA
GetDCEx
TabbedTextOutA
wsprintfA
ClientToScreen
LoadImageA
GetWindowLongA
SetWindowLongA
SetRect
GetMenu
AdjustWindowRectEx
SetWindowPos

gdi32

RectVisible
Escape
CreateDIBSection
SetDIBColorTable
GetDIBColorTable
GetDCOrgEx
GetClipBox
CreateBitmap
LPtoDP
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetViewportOrgEx
OffsetRgn
StartDocA
SaveDC
RestoreDC
SelectPalette
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
PtVisible
OffsetClipRgn
SetTextAlign
SetTextJustification
SetMapperFlags
GetCurrentPositionEx
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
PatBlt
SetRectRgn
CreateFontIndirectA
DPtoLP
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
CreateCompatibleBitmap
SetArcDirection
MoveToEx
ArcTo
LineTo
CreateSolidBrush
CreatePen
RoundRect
ExtTextOutA
GetTextMetricsA
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
TextOutW
GetTextExtentPoint32W
CreateFontW
GetRegionData
DeleteObject
CreateFontA
SetBkMode
SetTextCharacterExtra
GetTextExtentPoint32A
SelectObject
SetTextColor
TextOutA
GetDeviceCaps
FillRgn
CombineRgn
CreateRectRgnIndirect
GetStockObject
BitBlt
GetObjectA
DeleteDC
StretchBlt
CreateCompatibleDC
SetBkColor
GetPixel
SetPixel
IntersectClipRect
GetDIBits
ExtCreateRegion
CreateEllipticRgn
CreateRoundRectRgn
CreateRectRgn

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegSetValueExW
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExA

shell32

SHGetFileInfoA
DragAcceptFiles
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
_TrackMouseEvent
ord17

ole32

ReadClassStm
StringFromCLSID
ReadFmtUserTypeStg
CLSIDFromProgID
OleRun
OleDuplicateData
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadClassStg
CoTreatAsClass
OleSetClipboard
OleFlushClipboard
CreateOleAdviseHolder
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
OleSaveToStream
ReleaseStgMedium
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoDisconnectObject
CreateDataCache
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString
StringFromGUID2
CoGetObject
CoCreateGuid
OleLockRunning
OleCreate
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoLoadLibrary
OleIsCurrentClipboard
CoFreeLibrary
OleSetContainedObject
CoRegisterClassObject

olepro32

ord253
ord254
ord250
ord251
ord252

oleaut32

SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantClear
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SysStringByteLen
VariantChangeType
VariantCopy
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysFreeString

urlmon

CreateAsyncBindCtx
CreateURLMoniker
IsAsyncMoniker
RegisterBindStatusCallback

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmGetDefaultIMEWnd
ImmGetContext

wininet

InternetWriteFile
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpSendRequestExA
HttpEndRequestA
InternetErrorDlg
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetSetFilePointer
InternetGetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlA
InternetCreateUrlA
InternetSetCookieA
InternetCrackUrlA
InternetSetOptionA

winmm

timeGetTime
mixerGetNumDevs
mixerGetLineControlsA
mixerOpen
mixerGetID
mixerGetLineInfoA
mixerGetDevCapsA
timeSetEvent
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GomX3.dll
.dll regsvr32 windows:4 windows x86 arch:x86

475777240e4fc617ea8f5552b02bca50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
CompareStringW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
FatalAppExitA
ReleaseSemaphore
GetThreadPriority
CreateSemaphoreA
HeapSize
GetFileType
SetStdHandle
ExitProcess
ExitThread
SetFilePointer
WideCharToMultiByte
CloseHandle
CreateFileA
DeleteFileA
GetLastError
GetFileSize
CreateProcessA
CopyFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
Process32Next
GetCurrentProcessId
OpenProcess
TerminateProcess
Process32First
CreateToolhelp32Snapshot
MultiByteToWideChar
lstrlenA
GetUserDefaultLangID
SetPriorityClass
GetCurrentProcess
lstrcpyA
CompareStringA
GetACP
lstrlenW
HeapDestroy
DeleteCriticalSection
RaiseException
HeapReAlloc
IsBadReadPtr
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
RtlUnwind
HeapFree
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProfileIntA
GlobalSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SuspendThread
ResumeThread
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FormatMessageA
VirtualQuery
FlushInstructionCache
VirtualProtect
GlobalUnlock
CreateFileW
FormatMessageW
LocalFree
GlobalLock
GetTempFileNameA
GetCurrentThread
lstrcpynA
IsDBCSLeadByteEx
GetSystemDirectoryA
IsDBCSLeadByte
GetFileInformationByHandle
SetLastError
GetSystemInfo
GetDiskFreeSpaceA
GetCommandLineA
GetCurrentDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetFileTime
CreateDirectoryA
GetFileAttributesA
DebugBreak
SetThreadPriority
InterlockedExchange
CreateEventA
InterlockedDecrement
InterlockedIncrement
GetUserDefaultLCID
MulDiv
lstrcmpA
WriteFile
GetTickCount
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
GetVersion
DeviceIoControl
GlobalAlloc
GlobalFree
WaitForMultipleObjects
CreateThread
ResetEvent
SetEvent
Sleep
GetTempPathA
SetCurrentDirectoryA
GetModuleFileNameA
lstrcatA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile

user32

GetClassNameA
InvalidateRgn
ReleaseCapture
SetCapture
RegisterClipboardFormatA
CreateMenu
DestroyMenu
GetDesktopWindow
DrawEdge
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageA
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UpdateWindow
SendDlgItemMessageA
GetFocus
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
GetWindowDC
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
GetNextDlgTabItem
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
OemToCharA
RegisterWindowMessageA
PostMessageA
EnableWindow
SetWindowTextA
GetDlgItem
EnumWindows
GetQueueStatus
PostThreadMessageA
CharToOemA
MsgWaitForMultipleObjects
GrayStringA
GetMenuStringA
LoadStringW
EndDialog
BeginPaint
EndPaint
GetSysColor
DrawTextA
ShowWindow
CreateWindowExA
DialogBoxIndirectParamA
GetPropA
RemovePropA
SetPropA
SetDlgItemTextA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
DestroyIcon
CharPrevA
EqualRect
SetRectEmpty
MapWindowPoints
IsWindow
LoadIconA
GetWindow
IntersectRect
FindWindowA
PeekMessageA
EnumChildWindows
LockWindowUpdate
GetAsyncKeyState
MapDialogRect
wvsprintfA
UnregisterClassA
GetDialogBaseUnits
GetSysColorBrush
CallNextHookEx
DeleteMenu
TranslateMessage
DispatchMessageA
FindWindowExA
SetWindowRgn
CharUpperA
CreateAcceleratorTableA
RedrawWindow
CreatePopupMenu
GetClassInfoExA
RegisterClassExA
LoadCursorFromFileA
SetClassLongA
DestroyCursor
SendMessageA
GetSystemMetrics
CharNextA
SetTimer
LoadAcceleratorsA
KillTimer
MoveWindow
CheckMenuItem
InsertMenuA
GetSubMenu
LoadMenuA
SystemParametersInfoA
GetActiveWindow
TranslateAcceleratorA
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
ShowCursor
SetFocus
GetWindowRect
SetParent
GetParent
LoadStringA
UnionRect
InflateRect
OffsetRect
ReleaseDC
GetDC
RegisterClassA
LoadCursorA
DefWindowProcA
GetClientRect
EnumDisplaySettingsA
IsRectEmpty
FillRect
CopyRect
AppendMenuA
RemoveMenu
GetTabbedTextExtentA
GetDCEx
TabbedTextOutA
wsprintfA
ClientToScreen
LoadImageA
GetWindowLongA
SetWindowLongA
SetRect
GetMenu
AdjustWindowRectEx
SetWindowPos

gdi32

RectVisible
Escape
CreateDIBSection
SetDIBColorTable
GetDIBColorTable
GetDCOrgEx
GetClipBox
CreateBitmap
LPtoDP
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetViewportOrgEx
OffsetRgn
StartDocA
SaveDC
RestoreDC
SelectPalette
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
PtVisible
OffsetClipRgn
SetTextAlign
SetTextJustification
SetMapperFlags
GetCurrentPositionEx
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
GetMapMode
PatBlt
SetRectRgn
CreateFontIndirectA
DPtoLP
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
CreateCompatibleBitmap
SetArcDirection
MoveToEx
ArcTo
LineTo
CreateSolidBrush
CreatePen
RoundRect
ExtTextOutA
GetTextMetricsA
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
TextOutW
GetTextExtentPoint32W
CreateFontW
GetRegionData
DeleteObject
CreateFontA
SetBkMode
SetTextCharacterExtra
GetTextExtentPoint32A
SelectObject
SetTextColor
TextOutA
GetDeviceCaps
FillRgn
CombineRgn
CreateRectRgnIndirect
GetStockObject
BitBlt
GetObjectA
DeleteDC
StretchBlt
CreateCompatibleDC
SetBkColor
GetPixel
SetPixel
IntersectClipRect
GetDIBits
ExtCreateRegion
CreateEllipticRgn
CreateRoundRectRgn
CreateRectRgn

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegSetValueExW
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExA

shell32

SHGetFileInfoA
DragAcceptFiles
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
_TrackMouseEvent
ord17

ole32

ReadClassStm
StringFromCLSID
ReadFmtUserTypeStg
CLSIDFromProgID
OleRun
OleDuplicateData
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadClassStg
CoTreatAsClass
OleSetClipboard
OleFlushClipboard
CreateOleAdviseHolder
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
OleSaveToStream
ReleaseStgMedium
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoDisconnectObject
CreateDataCache
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromString
StringFromGUID2
CoGetObject
CoCreateGuid
OleLockRunning
OleCreate
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoLoadLibrary
OleIsCurrentClipboard
CoFreeLibrary
OleSetContainedObject
CoRegisterClassObject

olepro32

ord253
ord254
ord250
ord251
ord252

oleaut32

SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantClear
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
SysStringByteLen
VariantChangeType
VariantCopy
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysFreeString

urlmon

CreateAsyncBindCtx
CreateURLMoniker
IsAsyncMoniker
RegisterBindStatusCallback

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmGetDefaultIMEWnd
ImmGetContext

wininet

InternetWriteFile
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpSendRequestExA
HttpEndRequestA
InternetErrorDlg
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetSetFilePointer
InternetGetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlA
InternetCreateUrlA
InternetSetCookieA
InternetCrackUrlA
InternetSetOptionA

winmm

timeGetTime
mixerGetNumDevs
mixerGetLineControlsA
mixerOpen
mixerGetID
mixerGetLineInfoA
mixerGetDevCapsA
timeSetEvent
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GrLauncher.exe
.exe windows:4 windows x86 arch:x86

8781ca8d8288e3880e88f6f860cd6579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
GetModuleFileNameW
GetCurrentDirectoryW
GlobalAlloc
FreeLibrary
GetProcAddress
GetUserDefaultLangID
GetCurrentThread
WriteFile
SetThreadPriority
GetModuleHandleW
IsBadStringPtrW
IsBadWritePtr
IsBadReadPtr
GetStartupInfoW
lstrcpyW
FindResourceW
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateProcessW
CloseHandle
DeleteFileW
WritePrivateProfileStringW
MoveFileW
GetTempPathW
GetFileAttributesW
GetFileSize
CreateFileW
ReadFile
WideCharToMultiByte
WaitForSingleObject
Sleep
MulDiv
GetTickCount
HeapDestroy
SetCurrentDirectoryW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
lstrlenA
lstrlenW
lstrcpynW

user32

GetClassInfoExW
DefWindowProcW
PostMessageW
SetWindowTextW
RegisterWindowMessageW
RegisterClassExW
DialogBoxIndirectParamW
SetWindowLongW
GetWindow
IsWindow
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
CallWindowProcW
GetSysColor
SetFocus
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
SetWindowPos
GetSystemMetrics
PtInRect
DrawTextW
ShowWindow
LoadIconW
GetPropW
RemovePropW
SetPropW
GetForegroundWindow
ClientToScreen
ScreenToClient
TranslateMessage
MoveWindow
OffsetRect
CopyRect
FindWindowW
LoadStringW
GetWindowRect
SystemParametersInfoW
MapWindowPoints
PeekMessageW
DispatchMessageW
SetDlgItemTextW
KillTimer
EnableWindow
EndDialog
SetTimer
GetDlgItem
SendMessageW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
wsprintfW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
GetDesktopWindow
GetParent
GetClassNameW
RedrawWindow

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectW
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
ExtTextOutW
SetBkColor
SelectObject
SetBkMode
SetTextColor
BitBlt
GetDeviceCaps
DeleteDC

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLockRunning

oleaut32

VariantClear
SysStringLen
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
OleCreateFontIndirect

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlW

msvcrt

calloc
_wcsicmp
wcsncmp
_except_handler3
wcstok
wcsrchr
malloc
wcscmp
wcscat
_wmkdir
rand
wcscpy
wcslen
memset
strlen
strstr
free
memcmp
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
time
__CxxFrameHandler
_beginthread
_endthread
_wcsdup
_wtoi
swscanf
memmove
wcschr
wcsstr
vswprintf
swprintf
iswdigit
iswspace
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
_exit

comctl32

InitCommonControlsEx
ord17

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KillGom.exe
.exe windows:4 windows x86 arch:x86

022335ba51d5d3c088f1c0ea43d44ea3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
GetStartupInfoA

user32

MessageBoxA

msvcrt

_mbsicmp
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln

Sections

.text
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
libavcodec.dll
.dll windows:4 windows x86 arch:x86

52d2d4d39ca9fa7c3dcbc069ea591199

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetThreadContext
GetThreadPriority
GetVersionExA
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_lseek
_open
_read
_write
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_beginthreadex
_endthreadex
_errno
_ftime
_iob
_isctype
_pctype
_setjmp
_snprintf
_vsnprintf
_winmajor
abort
acos
asin
atan
calloc
ceil
cos
cosh
exit
exp
fflush
floor
fputc
fputs
free
frexp
fwrite
getenv
ldexp
localeconv
log
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
pow
qsort
realloc
sin
sinh
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strtol
tan
tanh
toupper
vfprintf
wcslen

ws2_32

WSAGetLastError
WSASetLastError

Exports

Exports

av_dxva
av_free
av_h264_decode_frame
av_init_packet
av_log_get_callback
av_log_get_level
av_log_set_callback
av_log_set_level
av_mallocz
avcodec_alloc_context
avcodec_alloc_frame
avcodec_close
avcodec_decode_video2
avcodec_encode_video
avcodec_find_decoder
avcodec_find_encoder
avcodec_flush_buffers
avcodec_init
avcodec_open
avcodec_register_all
avcodec_thread_free
avcodec_thread_init
avpicture_deinterlace
dsputil_init
img_resample
img_resample_close
img_resample_init
palette8tobgr15
palette8tobgr16
palette8tobgr24
palette8tobgr32
palette8torgb15
palette8torgb16
palette8torgb24
palette8torgb32
sws_convertPalette8ToPacked24
sws_convertPalette8ToPacked32
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getConstVec
sws_getContext
sws_getDefaultFilter
sws_getGaussianVec
sws_normalizeVec
sws_scale

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:beCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:adCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 72KB - Virtual size: 72KB

d347bd7fee30a85a5438127ef69a20d9

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 132B

.reloc Size: 512B - Virtual size: 442B

c56daabd0b59e7a0804d633593e01907

Headers

File Characteristics

Imports

user32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 102B

.rdata Size: 512B - Virtual size: 204B

.data Size: - Virtual size: 12B

.reloc Size: 512B - Virtual size: 48B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 72KB - Virtual size: 72KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 132B

.reloc
Size: 512B - Virtual size: 442B

.text
Size: 512B - Virtual size: 102B

.rdata
Size: 512B - Virtual size: 204B

.data
Size: - Virtual size: 12B

.reloc
Size: 512B - Virtual size: 48B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 368B

.rdata
Size: 512B - Virtual size: 361B

.data
Size: 512B - Virtual size: 53B

.reloc
Size: 512B - Virtual size: 88B

.text
Size: 1024B - Virtual size: 741B

.rdata
Size: 1024B - Virtual size: 673B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 190B

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

14:72:bf:53:17:e0:96:5c:87:9e:f9:89:eb:68:64:ad
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 183KB - Virtual size: 182KB