f47e407b0f3de51470f45380d6bda796_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f47e407b0f3de51470f45380d6bda796_JaffaCakes118
Size

23.5MB
MD5

f47e407b0f3de51470f45380d6bda796
SHA1

7112dc016db553729a2cc1b1a7bfe180bf0b904a
SHA256

4e90cf924c0d2c0def40254b772e3be623a7f1aa0b5f23ed06f3f276ecb03972
SHA512

c67f8a819c948b1d9380b30329c86a7e4f06f2cabdf6b96f91b774aa3b5afe847353ecb0f237000c9ca3cfda47e1a2a768649cb0ce6ecf042698eec5564c30ff
SSDEEP

393216:IMKCLaX97uEPdF64FrzLZuMQXWqMvoVuphtILpbZcLU4963AwsJursD0fqYXCL1G:uOaX3dF6CZtMV+hGdmLU4BZJD0fqDOPX

Score

3^/10

Malware Config

Signatures

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
f47e407b0f3de51470f45380d6bda796_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/ServiceBlock.dll
unpack001/$SYSDIR/ff_vfw.dll
unpack001/$SYSDIR/pthreadGC2.dll
unpack001/CFڵ/CFCodecUpdate.exe
unpack001/CFڵ/FilterSetup.exe
unpack001/CFڵ/cfup.exe
unpack001/CFڵ/video/ffdshow/TomsMoComp_ff.dll
unpack001/CFڵ/video/ffdshow/ff_kernelDeint.dll
unpack001/CFڵ/video/ffdshow/ff_liba52.dll
unpack001/CFڵ/video/ffdshow/ff_libdts.dll
unpack001/CFڵ/video/ffdshow/ff_libfaad2.dll
unpack001/CFڵ/video/ffdshow/ff_libmad.dll
unpack001/CFڵ/video/ffdshow/ff_realaac.dll
unpack001/CFڵ/video/ffdshow/ff_samplerate.dll
unpack001/CFڵ/video/ffdshow/ff_theora.dll
unpack001/CFڵ/video/ffdshow/ff_tremor.dll
unpack001/CFڵ/video/ffdshow/ff_unrar.dll
unpack001/CFڵ/video/ffdshow/ff_vfw.dll
unpack001/CFڵ/video/ffdshow/ff_wmv9.dll
unpack001/CFڵ/video/ffdshow/ff_x264.dll
unpack001/CFڵ/video/ffdshow/ffdshow.ax
unpack001/CFڵ/video/ffdshow/libavcodec.dll
unpack001/CFڵ/video/ffdshow/libmpeg2_ff.dll
unpack001/CFڵ/video/ffdshow/libmplayer.dll
unpack001/CFڵ/video/ffdshow/pthreadGC2.dll
unpack001/CFڵ/video/ffdshow/xvidcore.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

f47e407b0f3de51470f45380d6bda796_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55f3dfd13c0557d3e32bcbc604441dd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CloseHandle
ExitProcess
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

922b855d216a21490e4bcbf6c29b7f7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
GetPrivateProfileIntA
GlobalAlloc
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
lstrcmpiA

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
MapWindowPoints
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
CreateWindowExA

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ServiceBlock.dll
.dll windows:4 windows x86 arch:x86

4df004908141990e14e24741df59afe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
malloc
_initterm
free
??2@YAPAXI@Z
_EH_prolog
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc
DeleteFileA
lstrcpyA
MoveFileExA
GlobalFree
Sleep

advapi32

CloseServiceHandle
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
ControlService
DeleteService

mfc42

ord1182
ord1253
ord1570
ord1197
ord1243
ord1577
ord1168
ord1575
ord1176
ord1116
ord342
ord269
ord826
ord600
ord1578
ord6467
ord1255

Exports

Exports

ServiceBlock
ServiceDelete

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/ff_vfw.dll
.dll windows:4 windows x86 arch:x86

d01523ec21c763fcdd3e9d781afd93ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
DisableThreadLibraryCalls

ole32

CoUninitialize
CoCreateInstance
CoInitialize

msvcr71

malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscpy
_onexit
free
_initterm
__dllonexit
_adjust_fdiv
__CppXcptFilter
_except_handler3

winmm

DefDriverProc

comctl32

ord17

Exports

Exports

DriverProc
configureVFW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ff_vfw.dll.manifest
.xml
$SYSDIR/pthreadGC2.dll
.dll windows:4 windows x86 arch:x86

4ed4b97c004af0f3c95aeb69c247d60b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindAtomA
FreeLibrary
GetAtomNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
LeaveCriticalSection
LoadLibraryA
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_beginthreadex
_endthreadex
_errno
_ftime
_setjmp
abort
calloc
exit
fflush
free
longjmp
malloc

wsock32

WSAGetLastError
WSASetLastError

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getw32threadhandle_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CFڵ/CFCodecUpdate.exe
.exe windows:4 windows x86 arch:x86

d87ae21b65b2c0df436703038223dc3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
InternetSetFilePointer
InternetOpenUrlA
InternetReadFile
InternetQueryDataAvailable
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle

mfc42

ord3597
ord1146
ord1168
ord324
ord2302
ord4234
ord1105
ord4299
ord6215
ord4287
ord4710
ord2379
ord755
ord470
ord823
ord2446
ord2864
ord535
ord1768
ord6130
ord860
ord6781
ord3988
ord5710
ord858
ord4129
ord2764
ord540
ord800
ord537
ord5683
ord2820
ord3811
ord5280
ord6055
ord1776
ord5290
ord3402
ord3698
ord3571
ord4425
ord2614
ord567
ord3663
ord3626
ord2414
ord4275
ord640
ord6172
ord2818
ord5789
ord2860
ord2754
ord1641
ord5785
ord1640
ord323
ord3742
ord3619
ord3573
ord801
ord818
ord541
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord283
ord5875
ord6194
ord6021
ord2859
ord2847
ord6129
ord5148
ord3756
ord3754
ord6143
ord4627
ord5277
ord2124
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord4998
ord4853
ord4376
ord5265
ord1134
ord2621
ord2514
ord641
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord825
ord4673
ord765
ord1576

msvcrt

atan2
strstr
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
sqrt
log
exp
pow
memset
memcpy
strlen
strcpy
strtod
getenv
sscanf
exit
strtok
vfprintf
strchr
atof
_iob
memmove
fprintf
__mb_cur_max
_isctype
_pctype
abort
vsprintf
tmpnam
_CIfmod
_CIacos
div
isprint
strncpy
printf
__CxxLongjmpUnwind
_setjmp3
longjmp
ceil
_cabs
rand
qsort
_CIpow
_mbslen
calloc
_mbsnbcpy
_CxxThrowException
floor
realloc
malloc
free
_ftol
_open
_atoi64
strncmp
_write
sprintf
_close
_unlink
atoi
_mbscmp
_splitpath
__CxxFrameHandler
getc
fputc
fflush
ftell
fseek
fwrite
fread
fopen
fclose
_purecall
_itoa
_setmode
_read
_lseek
_strdup
_setmbcp
fabs

kernel32

GetStartupInfoA
GetModuleHandleA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
lstrlenA
Sleep
GetVersionExA
FindResourceA
LoadResource
LockResource
SizeofResource

user32

TabbedTextOutA
FillRect
ReleaseDC
LoadBitmapA
InflateRect
GetSysColor
GetWindowRect
EnableWindow
ReleaseCapture
SetCapture
InvalidateRect
GrayStringA
GetCursorPos
ScreenToClient
PtInRect
GetAsyncKeyState
DrawTextA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
MoveWindow
SetRect
LoadIconA
GetIconInfo
GetDC

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
CreateDIBitmap
LPtoDP
GetMapMode
DPtoLP
GetBkColor
CreateCompatibleBitmap
BitBlt
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
SelectObject
DeleteDC
GetDIBits
RealizePalette
DeleteObject
SetDIBitsToDevice
SetStretchBltMode
ExtSelectClipRgn
GetViewportExtEx
CreateRectRgnIndirect
SetEnhMetaFileBits
GetEnhMetaFileHeader
SetWinMetaFileBits
GetDeviceCaps
DeleteEnhMetaFile
GetEnhMetaFilePaletteEntries
CreatePalette
SelectPalette
PlayEnhMetaFile
CreateRectRgn
CombineRgn
CreateFontIndirectA
GetStockObject
SetTextColor
SetBkMode
StretchDIBits
CreateBitmap
SetBkColor
StretchBlt
GetClipBox
GetObjectA
CreateFontA
CreateDIBSection

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
StartServiceA
ChangeServiceConfigA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

urlmon

URLDownloadToFileA

Exports

Exports

??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBDK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxImageTIF@@QAE@ABV0@@Z
??0CxImageTIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxImageTIF@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxImageTIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?Alloc@CxMemFile@@IAEXK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?Colorize@CxImage@@QAE_NEEM@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CompareColors@CxImage@@KAHPBX0@Z
?Contour@CxImage@@QAE_NXZ
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Crop@CxImage@@QAE_NABUtagRECT@@PAV1@@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?CropRotatedRectangle@CxImage@@QAE_NJJJJMPAV1@@Z
?CrossSection@CxRect2@@QBE?AV1@ABV1@@Z
?DFT@CxImage@@IAE_NHJPAN000@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Decode@CxImageTIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageTIF@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@H@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Destroy@CxImage@@QAE_NXZ
?Dilate@CxImage@@QAE_NJ@Z
?DiscardAllButExif@CxExifInfo@CxImageJPG@@QAEXXZ
?Distance@CxPoint2@@QAEMMM@Z
?Distance@CxPoint2@@QAEMV1@@Z
?Dither@CxImage@@QAE_NJ@Z
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Edge@CxImage@@QAE_NJ@Z
?Enable@CxImage@@QAEX_N@Z
?Encode2RGBA@CxImage@@QAE_NAAPAEAAJ@Z
?Encode2RGBA@CxImage@@QAE_NPAVCxFile@@@Z
?Encode@CxImage@@QAE_NAAPAEAAJK@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@PAPAV1@HK@Z
?Encode@CxImage@@QAE_NPAVCxFile@@K@Z
?Encode@CxImage@@QAE_NPAVCxFile@@PAPAV1@HK@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H_N@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N@Z
?Encode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@_N@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@_N@Z
?EncodeBody@CxImageGIF@@IAEXPAVCxFile@@_N@Z
?EncodeBody@CxImageTIF@@IAE_NPAUtiff@@_NHH@Z
?EncodeComment@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeHeader@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeLoopExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeRGB@CxImageGIF@@IAE_NPAVCxFile@@@Z
?EncodeSafeCheck@CxImage@@IAE_NPAVCxFile@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Erode@CxImage@@QAE_NJ@Z
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Expand@CxImage@@QAE_NJJJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?FFT2@CxImage@@QAE_NPAV1@000J_N1@Z
?FFT@CxImage@@IAE_NHHPAN0@Z
?Filter@CxImage@@QAE_NPAJJJJ@Z
?FindSection@CxExifInfo@CxImageJPG@@IAEPAXH@Z
?Flip@CxImage@@QAE_NXZ
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?Gamma@CxImage@@QAE_NM@Z
?Get16m@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get16u@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get32s@CxExifInfo@CxImageJPG@@IAEJPAX@Z
?Get32u@CxExifInfo@CxImageJPG@@IAEKPAX@Z
?GetAreaColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetDIB@CxImage@@QBEPAXXZ
?GetDisposalMethod@CxImageGIF@@QAEJXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImage@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@QAU2@@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
?GetVersion@CxImage@@QAEPBDXZ
?GetVersionNumber@CxImage@@QAE?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPAV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Height@CxRect2@@QBEMXZ
?HuePalette@CxImage@@QAEXM@Z
?HueToRGB@CxImage@@KAMMMM@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsPowerof2@CxImage@@IAE_NJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Jitter@CxImage@@QAE_NJ@Z
?KernelBSpline@CxImage@@SAMM@Z
?KernelBessel@CxImage@@SAMM@Z
?KernelBessel_J1@CxImage@@SAMM@Z
?KernelBessel_Order1@CxImage@@SAMM@Z
?KernelBessel_P1@CxImage@@SAMM@Z
?KernelBessel_Q1@CxImage@@SAMM@Z
?KernelBlackman@CxImage@@SAMM@Z
?KernelBox@CxImage@@SAMM@Z
?KernelCatrom@CxImage@@SAMM@Z
?KernelCubic@CxImage@@SAMM@Z
?KernelGaussian@CxImage@@SAMM@Z
?KernelGeneralizedCubic@CxImage@@SAMMM@Z
?KernelHamming@CxImage@@SAMM@Z
?KernelHermite@CxImage@@SAMM@Z
?KernelLanczosSinc@CxImage@@SAMMM@Z
?KernelLinear@CxImage@@SAMM@Z
?KernelMitchell@CxImage@@SAMM@Z
?KernelQuadratic@CxImage@@SAMM@Z
?KernelSinc@CxImage@@SAMM@Z
?Light@CxImage@@QAE_NJJ@Z
?Load@CxImage@@QAE_NPBDK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?Lut@CxImage@@QAE_NPAE000@Z
?Lut@CxImage@@QAE_NPAE@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mean@CxImage@@QAEMXZ
?Median@CxImage@@QAE_NJ@Z
?Mirror@CxImage@@QAE_NXZ
?Mix@CxImage@@QAEXAAV1@W4ImageOpType@1@JJ_N@Z
?MixFrom@CxImage@@QAEXAAV1@JJ@Z
?Negative@CxImage@@QAE_NXZ
?Noise@CxImage@@QAE_NJ@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?OverflowCoordinates@CxImage@@QAEXAAJ0W4OverflowMethod@1@@Z
?OverflowCoordinates@CxImage@@QAEXAAM0W4OverflowMethod@1@@Z
?ProcessExifDir@CxExifInfo@CxImageJPG@@IAE_NPAE0IQAUtag_ExifInfo@2@QAPAE@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?Putword@CxImageGIF@@IAEXHPAVCxFile@@@Z
?QIShrink@CxImage@@QAE_NJJQAV1@@Z
?RGBQUADtoRGB@CxImage@@SAKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoHSL@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?RGBtoXYZ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYIQ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYUV@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?RedEyeRemove@CxImage@@QAE_NXZ
?Repair@CxImage@@QAE_NMJJ@Z
?RepairChannel@CxImage@@IAE_NPAV1@M@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?Resample@CxImage@@QAE_NJJHPAV1@@Z
?Rotate180@CxImage@@QAE_NPAV1@@Z
?Rotate2@CxImage@@QAE_NMPAV1@W4InterpolationMethod@1@W4OverflowMethod@1@PAUtagRGBQUAD@@_N4@Z
?Rotate@CxImage@@QAE_NMPAV1@@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Save@CxImage@@QAE_NPBDK@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SelectionAddColor@CxImage@@QAE_NUtagRGBQUAD@@@Z
?SelectionAddEllipse@CxImage@@QAE_NUtagRECT@@@Z
?SelectionAddPixel@CxImage@@QAE_NHH@Z
?SelectionAddPolygon@CxImage@@QAE_NPAUtagPOINT@@J@Z
?SelectionAddRect@CxImage@@QAE_NUtagRECT@@@Z
?SelectionClear@CxImage@@QAE_NXZ
?SelectionCopy@CxImage@@QAE_NAAV1@@Z
?SelectionCreate@CxImage@@QAE_NXZ
?SelectionDelete@CxImage@@QAE_NXZ
?SelectionGetBox@CxImage@@QAEXAAUtagRECT@@@Z
?SelectionInvert@CxImage@@QAE_NXZ
?SelectionIsInside@CxImage@@QAE_NJJ@Z
?SelectionIsValid@CxImage@@QAE_NXZ
?SelectionSplit@CxImage@@QAE_NPAV1@@Z
?SelectionToHRGN@CxImage@@QAE_NAAPAUHRGN__@@@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAE_NKK@Z
?SetComment@CxImageGIF@@QAEXPBD@Z
?SetDisposalMethod@CxImageGIF@@QAEXH@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetLoops@CxImageGIF@@QAEXH@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@1@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?ShiftRGB@CxImage@@QAE_NJJJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Skew@CxImage@@QAE_NMMJJ_N@Z
?SplitCMYK@CxImage@@QAE_NPAV1@000@Z
?SplitHSL@CxImage@@QAE_NPAV1@00@Z
?SplitRGB@CxImage@@QAE_NPAV1@00@Z
?SplitXYZ@CxImage@@QAE_NPAV1@00@Z
?SplitYIQ@CxImage@@QAE_NPAV1@00@Z
?SplitYUV@CxImage@@QAE_NPAV1@00@Z
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJK@Z
?Surface@CxRect2@@QBEMXZ
?SwapIndex@CxImage@@QAEXEE@Z
?TIFFCloseEx@CxImageTIF@@QAEXPAUtiff@@@Z
?TIFFOpenEx@CxImageTIF@@QAEPAUtiff@@PAVCxFile@@@Z
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Threshold@CxImage@@QAE_NE@Z
?Thumbnail@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?TileToStrip@CxImageTIF@@IAEXPAE0KKHH@Z
?Transfer@CxImage@@QAE_NAAV1@@Z
?UnsharpMask@CxImage@@QAE_NMMH@Z
?Width@CxRect2@@QBEMXZ
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?XYZtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YIQtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YUVtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?blur_line@CxImage@@IAEXPAM0HPAE1HJ@Z
?char_out@CxImageGIF@@IAEXH@Z
?cl_hash@CxImageGIF@@IAEXJ@Z
?compressLZW@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressNONE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressRLE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?decoder@CxImageGIF@@IAEFPAVCxFile@@PAVCImageIterator@@FAAH@Z
?flush_char@CxImageGIF@@IAEXXZ
?gen_convolve_matrix@CxImage@@IAEHMPAPAM@Z
?gen_lookup_table@CxImage@@IAEPAMPAMH@Z
?get_byte@CxImageGIF@@IAEHPAVCxFile@@@Z
?get_next_code@CxImageGIF@@IAEFPAVCxFile@@@Z
?get_num_frames@CxImageGIF@@IAEHPAVCxFile@@PAUtag_TabCol@1@PAUtag_dscgif@1@@Z
?init_exp@CxImageGIF@@IAEFF@Z
?out_line@CxImageGIF@@IAEHPAVCImageIterator@@PAEH@Z
?output@CxImageGIF@@IAEXF@Z
?process_COM@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?process_EXIF@CxExifInfo@CxImageJPG@@IAE_NPAEI@Z
?process_SOFn@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?rle_block_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_block_out@CxImageGIF@@IAEXEPAUtag_RLE@1@@Z
?rle_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_compute_triangle_count@CxImageGIF@@IAEIII@Z
?rle_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_flush_clearorrep@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_fromclear@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_withtable@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_isqrt@CxImageGIF@@IAEII@Z
?rle_output@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_output_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_output_plain@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_reset_out_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_write_block@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?seek_next_image@CxImageGIF@@IAEJPAVCxFile@@J@Z

Sections

.text
Size: 588KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CFڵ/FilterSetup.exe
.exe windows:4 windows x86 arch:x86

141145ce247140aa43aca906061d683c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord616
ord793
ord656
ord609
ord2514
ord2621
ord1134
ord790
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord6215
ord4299
ord2086
ord800
ord4160
ord540
ord2863
ord2379
ord755
ord470
ord6111
ord537
ord2642
ord3092
ord6334
ord6199
ord3136
ord2818
ord3873
ord3716
ord3610
ord2575
ord6055
ord1776
ord4396
ord5290
ord3402
ord3831
ord567
ord2302
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord3719
ord4275
ord3742
ord3571
ord3619
ord3573
ord801
ord818
ord541
ord3663
ord3626
ord2414
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord5785
ord283
ord5875
ord2754
ord6194
ord6021
ord1640
ord323
ord2859
ord3988
ord2847
ord1641
ord6129
ord5148
ord3756
ord3754
ord2864
ord860
ord6143
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord3830
ord2976
ord3081
ord2985
ord3574
ord3262
ord6375
ord4274
ord535
ord4673
ord1576

msvcrt

_setmbcp
_ltoa
_itoa
__CxxFrameHandler
atof
atoi
_ftol
_mbscmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

kernel32

GetModuleHandleA
GetSystemDirectoryA
lstrlenA
WinExec
GetStartupInfoA

user32

SetRect
LoadBitmapA
GrayStringA
DrawTextA
TabbedTextOutA
GetParent
GetClientRect
FillRect
GetCursorPos
ScreenToClient
ReleaseDC
EnableWindow
IsIconic
GetSystemMetrics
DrawIcon
InvalidateRect
LoadIconA
GetDC
GetSystemMenu
AppendMenuA
SendMessageA

gdi32

LPtoDP
CreateSolidBrush
CreateFontA
CreateCompatibleBitmap
GetViewportExtEx
GetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
GetBkColor
CreateCompatibleDC
SelectObject
GetWindowExtEx
DeleteDC
BitBlt

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CFڵ/cfup.exe
.exe windows:4 windows x86 arch:x86

852675b624412e64eb7f1897a6d12098

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord6808
ord6835
ord4589
ord4588
ord4899
ord4370
ord4892
ord6817
ord5076
ord4340
ord4347
ord4720
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord4078
ord1776
ord4407
ord5240
ord2385
ord5163
ord6374
ord4353
ord5281
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3748
ord5065
ord1725
ord2446
ord6614
ord5277
ord2982
ord3147
ord3259
ord4465
ord6691
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord6591
ord3079
ord4080
ord4627
ord4432
ord6478
ord825
ord6514
ord6800
ord5260
ord1233
ord4284
ord2233
ord537
ord800
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3136
ord4622
ord4424
ord3738
ord561
ord815
ord641
ord2514
ord860
ord1134
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord5241
ord5280
ord3749
ord1727
ord5261
ord2124
ord4425
ord3597
ord1146
ord1168
ord324
ord4234
ord6805
ord6215
ord4299
ord4287
ord4710
ord2379
ord755
ord470
ord6597
ord3825
ord823
ord1576

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_onexit
__dllonexit
__CxxFrameHandler
_setmbcp
_exit

kernel32

GetModuleHandleA
GetStartupInfoA

user32

LoadIconA
SetTimer
GetClientRect
DrawIcon
GetSystemMetrics
IsIconic
PostQuitMessage
KillTimer
SendMessageA
EnableWindow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/TomsMoComp_ff.dll
.dll windows:4 windows x86 arch:x86

465bae6f81d069a0b3a30d2464761039

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
_initterm
??3@YAXPAX@Z
memcpy
memset
free
??2@YAPAXI@Z
malloc

kernel32

DisableThreadLibraryCalls

Exports

Exports

createI
getVersion

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/custom matrices/Bulletproof's Heavy Compression Matrix.xcm
CFڵ/video/ffdshow/custom matrices/Bulletproof's High Quality Matrix.xcm
CFڵ/video/ffdshow/custom matrices/CG-Animation Matrix.xcm
CFڵ/video/ffdshow/custom matrices/Low Bitrate Matrix.xcm
CFڵ/video/ffdshow/custom matrices/MPEG.xcm
CFڵ/video/ffdshow/custom matrices/Soulhunters V3.xcm
CFڵ/video/ffdshow/custom matrices/Soulhunters V5.xcm
CFڵ/video/ffdshow/custom matrices/Standard.xcm
CFڵ/video/ffdshow/custom matrices/Ultimate Matrix.xcm
CFڵ/video/ffdshow/custom matrices/Ultra Low Bitrate Matrix.xcm
CFڵ/video/ffdshow/custom matrices/Very Low Bitrate Matrix.xcm
CFڵ/video/ffdshow/custom matrices/andreas_78er.matrix.xcm
CFڵ/video/ffdshow/custom matrices/andreas_doppelte_99er.matrix.xcm
CFڵ/video/ffdshow/custom matrices/andreas_einfache_99er.matrix.xcm
CFڵ/video/ffdshow/custom matrices/hvs-best-picture.xcm
CFڵ/video/ffdshow/custom matrices/hvs-better-picture.xcm
CFڵ/video/ffdshow/custom matrices/hvs-good-picture.xcm
CFڵ/video/ffdshow/custom matrices/pvcd.xcm
CFڵ/video/ffdshow/custom matrices/q_matrix.cfg
CFڵ/video/ffdshow/custom matrices/q_matrix2.cfg
CFڵ/video/ffdshow/custom matrices/q_matrix_def.cfg
CFڵ/video/ffdshow/ff_kernelDeint.dll
.dll windows:4 windows x86 arch:x86

ebca70f21ec37a1b10b427b9b7a74b87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
??3@YAXPAX@Z
_aligned_free
memset
memcpy
??2@YAPAXI@Z
_onexit
_aligned_malloc

kernel32

DisableThreadLibraryCalls

Exports

Exports

createI
getVersion

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_liba52.dll
.dll windows:4 windows x86 arch:x86

c48b7bc3c257d550f40b8527ae4b08b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_initterm
malloc
_adjust_fdiv
__CppXcptFilter
free
__dllonexit
_onexit
_aligned_free
cos
_aligned_malloc
pow
_except_handler3
memcpy
memset

kernel32

DisableThreadLibraryCalls

Exports

Exports

a52_block
a52_dynrng
a52_frame
a52_free
a52_init
a52_samples
a52_syncinfo
getVersion

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_libdts.dll
.dll windows:4 windows x86 arch:x86

e11aa062bcf20e658b94fe8fe5d35dc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

sin
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
cos
malloc
memcpy
memset
_iob
fprintf
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

dts_block
dts_blocks_num
dts_dynrng
dts_frame
dts_free
dts_init
dts_samples
dts_syncinfo
getVersion

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_libfaad2.dll
.dll windows:4 windows x86 arch:x86

af57224215769c6e6689011faffa9d8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

__CppXcptFilter
_except_handler3
__dllonexit
_onexit
_initterm
memmove
memset
memcpy
_snprintf
pow
qsort
free
_adjust_fdiv
malloc

kernel32

GetModuleHandleA
GetThreadLocale
LoadLibraryA
FormatMessageA
DisableThreadLibraryCalls
GetProcAddress

Exports

Exports

NeAACDecAudioSpecificConfig
NeAACDecClose
NeAACDecDecode
NeAACDecGetCurrentConfiguration
NeAACDecGetErrorMessage
NeAACDecInit
NeAACDecInit2
NeAACDecOpen
NeAACDecPostSeekReset
NeAACDecSetConfiguration
getVersion

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_libmad.dll
.dll windows:4 windows x86 arch:x86

3c978e454c72400dfa84777b991e2450

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
calloc
memset
memcpy
memmove
malloc
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

getVersion
mad_frame_decode
mad_frame_finish
mad_frame_init
mad_stream_buffer
mad_stream_finish
mad_stream_init
mad_synth_frame
mad_synth_init

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_realaac.dll
.dll windows:4 windows x86 arch:x86

5e2e0932c8c5f7c84c50aefe4ee2eced

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_except_handler3
__CppXcptFilter
_onexit
_adjust_fdiv
_initterm
free
malloc
__dllonexit
memcpy
memset

kernel32

DisableThreadLibraryCalls

Exports

Exports

AACDecode
AACFlushCodec
AACFreeDecoder
AACGetLastFrameInfo
AACInitDecoder
AACSetRawBlockParams
getVersion

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_samplerate.dll
.dll windows:4 windows x86 arch:x86

04ade03d48eecf004a4e7da7437646a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
_initterm
memmove
memset
memcpy
floor
free
calloc

kernel32

DisableThreadLibraryCalls

Exports

Exports

getVersion
src_delete
src_new
src_process
src_reset

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_theora.dll
.dll windows:4 windows x86 arch:x86

1e63bd41db6ae2059c6f1ddb13c831ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
calloc
realloc
malloc
memset
memcpy
_onexit
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

getVersion
set_cpu_flags
theora_clear
theora_comment_clear
theora_comment_init
theora_decode_YUVout
theora_decode_header
theora_decode_init
theora_decode_packetin
theora_encode_YUVin
theora_encode_comment
theora_encode_header
theora_encode_init
theora_encode_packetout
theora_encode_tables
theora_granule_frame
theora_granule_time
theora_info_clear
theora_info_init
theora_version_number
theora_version_string

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_tremor.dll
.dll windows:4 windows x86 arch:x86

09f58e233bdf7f8477806abbd6199da5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

qsort
toupper
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
calloc
_onexit
malloc
realloc
memcpy
memset
__dllonexit
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

getVersion
vorbis_block_clear
vorbis_block_init
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_dsp_clear
vorbis_info_clear
vorbis_info_init
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_pcmout
vorbis_synthesis_read

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_unrar.dll
.dll windows:4 windows x86 arch:x86

ee8961d0e92445bc731a8ab780cf2144

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_adjust_fdiv
__CppXcptFilter
_except_handler3
_initterm
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_CxxThrowException
memmove
strchr
strpbrk
strncmp
atoi
sprintf
strrchr
memset
??2@YAPAXI@Z
memcpy
strcat
strlen
strncpy
realloc
strcmp
malloc
strcpy
__CxxFrameHandler
??3@YAXPAX@Z
free

kernel32

GetCPInfo
IsDBCSLeadByte
WideCharToMultiByte
MultiByteToWideChar
WriteFile
SetEndOfFile
GetFileType
GetStdHandle
ReadFile
CloseHandle
SetFilePointer
GetVersionExA
CreateFileW
CreateFileA
GetLastError
DisableThreadLibraryCalls

user32

CharUpperA
OemToCharA

Exports

Exports

RARCloseArchive
RAROpenArchiveEx
RARProcessFile
RARReadHeaderEx
RARSetCallback
getVersion

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_vfw.dll
.dll windows:4 windows x86 arch:x86

d01523ec21c763fcdd3e9d781afd93ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
DisableThreadLibraryCalls

ole32

CoUninitialize
CoCreateInstance
CoInitialize

msvcr71

malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscpy
_onexit
free
_initterm
__dllonexit
_adjust_fdiv
__CppXcptFilter
_except_handler3

winmm

DefDriverProc

comctl32

ord17

Exports

Exports

DriverProc
configureVFW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_vfw.dll.manifest
.xml
CFڵ/video/ffdshow/ff_wmv9.dll
.dll windows:4 windows x86 arch:x86

45ea45c67b7bd845ec4bfa1f05e46ac0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1exception@@UAE@XZ
??_U@YAPAXI@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??_V@YAXPAX@Z
strcpy
memcpy
wcscmp
free
malloc
wcscpy
??2@YAPAXI@Z
_wcsicmp
memset
??3@YAXPAX@Z
memcmp
__CppXcptFilter
__CxxFrameHandler
_CxxThrowException

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kernel32

GetSystemDefaultLCID
GetProcAddress
FreeLibrary
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls

oleaut32

SysFreeString
VariantInit
SysAllocString

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

Exports

Exports

createWmv9
destroyWmv9
getVersion

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ff_x264.dll
.dll windows:4 windows x86 arch:x86

9e7ad2f3ced53a7108b82b86934c5d44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

_strdup
_unlink
__dllonexit
_assert
_errno
_iob
_vsnprintf
cos
cosh
exit
exp
fclose
fflush
fopen
fprintf
fread
free
fseek
ftell
fwrite
log
malloc
memcpy
memset
pow
rename
sin
sinh
sprintf
sqrt
sscanf
strchr
strcmp
strcpy
strcspn
strlen
strpbrk
strstr
strtod
strtok
strtol
tan
tanh
vfprintf

pthreadgc2

pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_wait
pthread_create
pthread_join
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock

Exports

Exports

getVersion
x264_encoder_close
x264_encoder_encode
x264_encoder_headers
x264_encoder_open
x264_nal_encode
x264_param_default
x264_picture_alloc
x264_picture_clean

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ffdshow.ax
.dll regsvr32 windows:4 windows x86 arch:x86

5bc19cf8f51b08a34bcdd7608e8f714b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateSemaphoreW
VirtualAlloc
DisableThreadLibraryCalls
lstrlenA
GetModuleFileNameA
SetThreadPriority
VirtualFree
GetModuleHandleW
ReleaseSemaphore
lstrcpynW
WriteFile
GetVolumeInformationW
DeleteFileW
GetSystemDirectoryW
GetModuleFileNameW
SearchPathW
GetSystemInfo
GetUserDefaultLCID
LocalFree
SizeofResource
FindFirstChangeNotificationW
FindCloseChangeNotification
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceW
LoadResource
LockResource
LocalAlloc
GetVersionExW
ResetEvent
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
GetCommandLineW
GetWindowsDirectoryW
GetFullPathNameW
GetLastError
GetFileSize
MultiByteToWideChar
ReadFile
CreateFileW
GetFileTime
FindNextFileW
lstrlenW
FindFirstFileW
FindClose
GetFileAttributesW
GetCurrentProcessId
CreateEventW
GetTickCount
Sleep
WaitForSingleObject
SetEvent
CloseHandle
OutputDebugStringW
OutputDebugStringA
WideCharToMultiByte
CreateThread

user32

GetWindowLongW
wsprintfW
DefWindowProcW
SendMessageW
GetClientRect
GetFocus
PostQuitMessage
SetWindowLongW
RegisterWindowMessageW
CreateWindowExW
RegisterClassW
EnumChildWindows
MessageBoxW
SetRect
PostMessageW
DestroyWindow
GetWindowThreadProcessId
GetForegroundWindow
GetWindowTextW
GetClassNameW
UnregisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
ReleaseDC
SetWindowPos
GetWindowRect
GetDC
SetDlgItemTextW
GetDlgCtrlID
LoadStringW
InsertMenuItemW
CreatePopupMenu
SetTimer
KillTimer
DestroyMenu
TrackPopupMenu
SetForegroundWindow
GetCursorPos
LoadImageW
GetMenuStringW
FillRect
IntersectRect
IsRectEmpty
SendDlgItemMessageW
ShowWindow
GetDlgItem
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CallWindowProcW
InvalidateRect
IsWindowVisible
SetFocus
MoveWindow
OffsetRect
GetParent
ClientToScreen
MessageBoxA
DialogBoxIndirectParamW
DialogBoxParamW
CreateDialogParamW
GetMenuItemCount
EnableWindow
GetMenuItemInfoW
SetMenuItemInfoW
MapDialogRect
RegisterClassExW
UpdateWindow
LoadIconW
DestroyIcon
DrawEdge
MapWindowPoints
PtInRect
WindowFromPoint
PeekMessageW
SetWindowPlacement
IsWindow
GetWindowPlacement
GetDesktopWindow
CreateDialogIndirectParamW
GetSystemMetrics
SetScrollInfo
GetScrollInfo
ScrollWindow
GetWindowTextLengthW
SetWindowTextW
SetParent
EndDialog
LoadMenuW
GetSubMenu
EnableMenuItem
SetCursorPos
IsWindowEnabled
GetSysColorBrush
LoadCursorW
SetCursor
ScreenToClient
LoadBitmapW
SetCapture
ReleaseCapture
GetSysColor
DrawTextW

gdi32

MoveToEx
CreatePen
Polygon
TextOutW
SetTextAlign
LineTo
StretchDIBits
TextOutA
GetTextExtentPoint32A
GetTextExtentExPointA
CreateBrushIndirect
GetTextColor
CreateSolidBrush
GetCurrentObject
GetObjectW
EnumFontFamiliesExW
SetDIBitsToDevice
GetDeviceCaps
SetTextCharacterExtra
CreateCompatibleDC
DeleteDC
GetOutlineTextMetricsW
CreateCompatibleBitmap
GetStockObject
SetTextColor
SetBkColor
GetDIBits
CreateFontIndirectW
SelectObject
GetTextExtentPoint32W
StretchBlt
GetBkColor
DeleteObject

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemFree
StringFromIID
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
PropVariantClear
CoFreeUnusedLibraries
StringFromGUID2

oleaut32

OleCreatePropertyFrame
VariantClear
VariantInit
OleLoadPicturePath

msvcr71

wcscpy
_fileno
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_hypot
_wcsicoll
_except_handler3
memcpy
wcstoul
wcspbrk
fopen
fwprintf
_wcsupr
sprintf
_snprintf
isalpha
perror
iswupper
isupper
isxdigit
strtoul
isdigit
atoi
strrchr
strtod
swscanf
wcstod
sscanf
fputs
_wsetlocale
_mbclen
_wcslwr
_beginthread
fprintf
_wstrtime
wcsrchr
_swab
_snwprintf
fputws
clock
_HUGE
_CIfmod
_CIasin
_CIacos
_CIsinh
_CIcosh
_CItanh
floor
ceil
_CIpow
_CxxThrowException
realloc
_aligned_realloc
_aligned_free
_aligned_malloc
_wcsicmp
iswspace
_wtoi
wcscmp
strtol
strstr
strchr
_filelength
fread
feof
rewind
getc
fgets
_strnicmp
time
srand
fflush
fwrite
fclose
towupper
_wfopen
_wmakepath
_wsplitpath
vswprintf
wcsstr
_wcsnicmp
wcschr
wcstol
wcsncat
fseek
ftell
rand
_beginthreadex
strncpy
_endthreadex
wcscat
_purecall
_vsnwprintf
_vsnprintf
isspace
toupper
strncmp
tolower
memmove
_itow
wcsncmp
malloc
swprintf
_strlwr
wcslen
wcsncpy
calloc
free
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

winmm

mmioRead
mmioClose
mmioAscend
mmioDescend
mmioOpenW

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_DrawEx
ImageList_Draw
ord17

dinput

DirectInputCreateW

shlwapi

PathCompactPathExW
SHDeleteKeyW
PathIsRelativeW
PathCompactPathW
PathCanonicalizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
configure
configureAudio
configureAudioRaw
configureDec
configureEnc
configureRaw
ffacm2creator

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TEXT
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/ffdshow.ax.manifest
.xml
CFڵ/video/ffdshow/ffdshow1.ico
CFڵ/video/ffdshow/ffdshow2.ico
CFڵ/video/ffdshow/ffdshow3.ico
CFڵ/video/ffdshow/languages/ffdshow.1026.bg
CFڵ/video/ffdshow/languages/ffdshow.1028.tc
CFڵ/video/ffdshow/languages/ffdshow.1029.cz
CFڵ/video/ffdshow/languages/ffdshow.1031.de
CFڵ/video/ffdshow/languages/ffdshow.1033.en
CFڵ/video/ffdshow/languages/ffdshow.1034.es
CFڵ/video/ffdshow/languages/ffdshow.1036.fr
CFڵ/video/ffdshow/languages/ffdshow.1038.hu
CFڵ/video/ffdshow/languages/ffdshow.1040.it
CFڵ/video/ffdshow/languages/ffdshow.1041.ja
CFڵ/video/ffdshow/languages/ffdshow.1041.jp
CFڵ/video/ffdshow/languages/ffdshow.1045.pl
CFڵ/video/ffdshow/languages/ffdshow.1046.br
CFڵ/video/ffdshow/languages/ffdshow.1049.ru
CFڵ/video/ffdshow/languages/ffdshow.1051.sk
CFڵ/video/ffdshow/languages/ffdshow.1053.se
CFڵ/video/ffdshow/languages/ffdshow.2052.sc
CFڵ/video/ffdshow/libavcodec.dll
.dll windows:4 windows x86 arch:x86

82838c60486eeb171c1c00aa274a2910

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
ReleaseSemaphore
WaitForSingleObject

msvcrt

_strnicmp
__dllonexit
__mb_cur_max
_assert
_beginthreadex
_errno
_iob
_isctype
_pctype
_snprintf
acos
asin
atan
ceil
cos
cosh
exp
fflush
floor
fprintf
free
fwrite
ldexp
log
log10
malloc
memcpy
memmove
memset
perror
pow
qsort
realloc
sin
sinh
sqrt
sscanf
strchr
strcmp
strcpy
strlen
strtod
strtol
tan
tanh
toupper
vfprintf

Exports

Exports

av_free
av_free_static
av_log_get_callback
av_log_set_callback
avcodec_alloc_context
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio
avcodec_decode_video
avcodec_default_get_buffer
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_video
avcodec_find_decoder
avcodec_find_encoder
avcodec_flush_buffers
avcodec_get_current_idct
avcodec_get_encoder_info
avcodec_init
avcodec_open
avcodec_register_all
avcodec_thread_free
avcodec_thread_init
dsputil_init
getVersion

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 725KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/libmpeg2_ff.dll
.dll windows:4 windows x86 arch:x86

0923d5b18fb335b9cfc159feaf98fe4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
malloc
_initterm
memset
free
_aligned_malloc
_aligned_free

kernel32

DisableThreadLibraryCalls

Exports

Exports

getVersion
mpeg2_accel
mpeg2_buffer
mpeg2_close
mpeg2_info
mpeg2_init
mpeg2_parse
mpeg2_reset
mpeg2_set_accel
mpeg2_set_rtStart

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/libmplayer.dll
.dll windows:4 windows x86 arch:x86

aa8124841b5e8bbd8a79677902f1f7c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateSemaphoreA
GetSystemInfo
ReleaseSemaphore
VirtualAlloc
VirtualFree
WaitForSingleObject

msvcrt

__dllonexit
_beginthreadex
_errno
_iob
_snprintf
fflush
fprintf
free
fwrite
malloc
memcpy
memmove
memset
pow
realloc
strcpy
strlen

Exports

Exports

MP3_DecodeFrame
MP3_Done
MP3_Init
decCPUCount
getVersion
incCPUCount
init_mplayer
palette8tobgr15
palette8tobgr16
palette8tobgr24
palette8tobgr32
palette8torgb15
palette8torgb16
palette8torgb24
palette8torgb32
pp_free_context
pp_get_context
pp_postprocess
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getConstVec
sws_getContext
sws_getContextEx
sws_getDefaultFilter
sws_getGaussianVec
sws_normalizeVec
sws_scale
sws_scale_ordered

Sections

.text
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CFڵ/video/ffdshow/openIE.js
.js
CFڵ/video/ffdshow/pthreadGC2.dll
.dll windows:4 windows x86 arch:x86

4ed4b97c004af0f3c95aeb69c247d60b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindAtomA
FreeLibrary
GetAtomNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
LeaveCriticalSection
LoadLibraryA
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_beginthreadex
_endthreadex
_errno
_ftime
_setjmp
abort
calloc
exit
fflush
free
longjmp
malloc

wsock32

WSAGetLastError
WSASetLastError

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getw32threadhandle_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CFڵ/video/ffdshow/xvidcore.dll
.dll windows:4 windows x86 arch:x86

50f664b643e7bf188874685ce2e531cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
GetCurrentProcess
GetProcessAffinityMask
Sleep
WaitForSingleObject

msvcrt

__dllonexit
_errno
_setjmp
fclose
fflush
fgetc
fopen
fprintf
free
fwrite
log
log10
longjmp
malloc
memcpy
memset
printf
rand
realloc
setbuf
signal
sprintf
sqrt
srand
sscanf
strerror
strlen
vsprintf

Exports

Exports

xvid_decore
xvid_encore
xvid_global
xvid_plugin_2pass1
xvid_plugin_2pass2
xvid_plugin_dump
xvid_plugin_lumimasking
xvid_plugin_psnr
xvid_plugin_single
xvid_plugin_ssim

Sections

.text
Size: 585KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 460KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55f3dfd13c0557d3e32bcbc604441dd3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 52KB

.rsrc Size: 32KB - Virtual size: 31KB

922b855d216a21490e4bcbf6c29b7f7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 930B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

4df004908141990e14e24741df59afe8

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

mfc42

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 880B

.reloc Size: 4KB - Virtual size: 344B

d01523ec21c763fcdd3e9d781afd93ea

Headers

File Characteristics

Imports

kernel32

ole32

msvcr71

winmm

comctl32

Exports

Exports

Sections

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 52KB

.rsrc
Size: 32KB - Virtual size: 31KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 930B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 880B

.reloc
Size: 4KB - Virtual size: 344B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 975B

.data
Size: 512B - Virtual size: 72B

.reloc
Size: 512B - Virtual size: 290B

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 128B

.bss
Size: - Virtual size: 368B

.edata
Size: 4KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 740B

.text
Size: 588KB - Virtual size: 586KB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 44KB - Virtual size: 69KB

.rsrc
Size: 124KB - Virtual size: 120KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 60KB - Virtual size: 57KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 300B

.rsrc
Size: 52KB - Virtual size: 51KB