f387941f655386384214c82566b7261e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f387941f655386384214c82566b7261e_JaffaCakes118
Size

7.4MB
MD5

f387941f655386384214c82566b7261e
SHA1

794e7c4f7f8c63b2dba64df81eef6d3482e2301a
SHA256

81104bcff9236c027dcc4d91b8b0bf2dd1b8c915494b2878e26653a3d6672907
SHA512

42ebc34d2fd66d164ad56cd367b7281fb1c4cc94ffbdd93a373da90355b5aa949b73d3f410004a4845f3da7d9de6017c8231b2cac66d36fe1659cf0b8b202018
SSDEEP

98304:Om6GEOcCBLF9k2Y3ExzkM4fPwndK6KCCWbkcMAQY2b8bVRXr+0dX7JO9fTW4Lgvw:nOdsL3k2Y3azkMAQddAAtaSVUML4urgT

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/ocr1.dll	acprotect

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
unpack001/topocr.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/IM31bmp.dil
unpack002/IM31gif.dil
unpack002/IM31jpg.dil
unpack002/IM31tif.dil
unpack002/IM31xbmp.del
unpack002/IM31xccc.del
unpack002/IM31xgif.del
unpack002/IM31xjpg.del
unpack002/PDC32.DLL
unpack002/hts9.dll
unpack002/imgman32.dll
unpack002/imhost32.dll
unpack002/mb1.exe
unpack002/ocr1.dll
unpack002/ssce5432.dll
unpack002/ter14.dll
unpack002/topocr.exe
unpack002/uninst.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/topocr.exe	nsis_installer_1
static1/unpack002/uninst.exe	nsis_installer_1

Files

f387941f655386384214c82566b7261e_JaffaCakes118
.rar
topocr.exe
.exe windows:4 windows x86 arch:x86

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

SetErrorMode
GetExitCodeProcess
WaitForSingleObject
ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetModuleHandleA
ExitProcess
lstrcpynA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GlobalFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
CopyFileA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GetModuleHandleA
GlobalAlloc

user32

PtInRect
MapWindowPoints
GetDlgCtrlID
LoadIconA
LoadImageA
LoadCursorA
CreateWindowExA
GetDC
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
EnableWindow
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
SetWindowLongA

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
BACKGROUND1.BMP
IM31bmp.dil
.dll windows:4 windows x86 arch:x86

3cc74157b8178cf0b688dad72db0d16c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA

kernel32

HeapCreate
VirtualFree
TlsFree
TlsSetValue
TlsAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GlobalHandle
TlsGetValue
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetLastError
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
RtlUnwind
MultiByteToWideChar
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

IMDLbuildDIBhead
IMDLclose_image
IMDLclose_keep
IMDLerror_string
IMDLescape
IMDLget_ver
IMDLimg_name
IMDLinit_image
IMDLopen
IMDLprint
IMDLread_rows
IMDLrender
IMDLset_ext
IMDLset_row
IMDLverify_img
WEP

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31gif.dil
.dll windows:4 windows x86 arch:x86

d1e9e0753132285eeb2f3999d5ea908a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA

kernel32

FreeEnvironmentStringsW
WideCharToMultiByte
TlsFree
TlsSetValue
TlsAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalHandle
TlsGetValue
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetCPInfo
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetProcAddress
LoadLibraryA
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
RtlUnwind

Exports

Exports

IMDLbuildDIBhead
IMDLclose_image
IMDLclose_keep
IMDLerror_string
IMDLescape
IMDLget_page
IMDLget_ver
IMDLimg_name
IMDLinit_image
IMDLopen
IMDLprint
IMDLread_rows
IMDLrender
IMDLset_ext
IMDLset_page
IMDLset_row
IMDLverify_img
WEP

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31jpg.dil
.dll windows:4 windows x86 arch:x86

f457b7f8732fff1247e8a5110ce325da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Imageman\Jpg-dil\Release\JPG-DIL.pdb

Imports

kernel32

TlsSetValue
GlobalFree
GlobalUnlock
GlobalHandle
TlsGetValue
GlobalLock
GlobalAlloc
TlsFree
TlsAlloc
IsBadWritePtr
IsBadStringPtrA
IsBadReadPtr
ReadFile
CloseHandle
ExitProcess
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetLastError
GetLastError
SetUnhandledExceptionFilter
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
HeapReAlloc
LoadLibraryA
InterlockedExchange
VirtualQuery
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
SetFilePointer
HeapSize
FlushFileBuffers
MultiByteToWideChar
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle

user32

wsprintfA
LoadStringA

Exports

Exports

IMDLOptionNames
IMDLOptionValue
IMDLbuildDIBhead
IMDLclose_image
IMDLclose_keep
IMDLerror_string
IMDLescape
IMDLget_ver
IMDLimg_name
IMDLinit_image
IMDLopen
IMDLprint
IMDLread_rows
IMDLrender
IMDLset_ext
IMDLset_row
IMDLverify_img

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31tif.dil
.dll windows:4 windows x86 arch:x86

628a3c61106d94305d7d6a63437607e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA

kernel32

HeapDestroy
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalHandle
TlsGetValue
GetCommandLineA
GetVersion
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetLastError
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
LoadLibraryA
VirtualFree
HeapFree
WriteFile
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

IMDLbuildDIBhead
IMDLclose_image
IMDLclose_keep
IMDLerror_string
IMDLescape
IMDLget_page
IMDLget_ver
IMDLimg_name
IMDLinit_image
IMDLopen
IMDLprint
IMDLread_rows
IMDLrender
IMDLset_ext
IMDLset_page
IMDLset_row
IMDLverify_img
WEP

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31xbmp.del
.dll windows:4 windows x86 arch:x86

aada7139397b0e55daf8d2515829b6d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
TlsSetValue
TlsAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
TlsFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

IMXDLbegin_write
IMXDLend_write
IMXDLget_ext
IMXDLget_ver
IMXDLwrite_block
WEP

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31xccc.del
.dll windows:4 windows x86 arch:x86

003b4886f5f6a9a31e7f8f94849eab24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperA

kernel32

GetEnvironmentVariableA
GetVersionExA
TlsFree
TlsSetValue
TlsAlloc
GlobalUnlock
LocalLock
LocalAlloc
GlobalLock
GlobalAlloc
GlobalFree
GlobalHandle
LocalFree
LocalHandle
GlobalReAlloc
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

IMXDLbegin_write
IMXDLend_write
IMXDLget_ext
IMXDLget_ver
IMXDLwrite_block

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31xgif.del
.dll windows:4 windows x86 arch:x86

c6792ef6896b298792433edc218325f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperA

kernel32

FreeEnvironmentStringsW
FreeEnvironmentStringsA
TlsFree
TlsSetValue
TlsAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetStringTypeW
RtlUnwind
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA

Exports

Exports

IMXDLbegin_write
IMXDLend_write
IMXDLget_ext
IMXDLget_ver
IMXDLwrite_block
WEP

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IM31xjpg.del
.dll windows:4 windows x86 arch:x86

1e09111dc34549587dfb3b401e15c09f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperA

kernel32

GetEnvironmentVariableA
GetEnvironmentStringsW
TlsFree
GlobalFree
GlobalUnlock
GlobalHandle
TlsGetValue
TlsSetValue
TlsAlloc
GlobalLock
GlobalAlloc
GlobalReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
GetProcAddress
GetModuleHandleA
RtlUnwind
GetCurrentThreadId
SetLastError
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
CloseHandle
SetStdHandle
ReadFile

Exports

Exports

IMXDLbegin_write
IMXDLend_write
IMXDLget_ext
IMXDLget_ver
IMXDLwrite_block
WEP

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PDC32.DLL
.dll windows:4 windows x86 arch:x86

b8ee1fd4092f763341c4527b6526cc45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadReadPtr
ReadFile
GetLocalTime
lstrcatA
_hread
SetFilePointer
WriteFile
CreateFileA
CloseHandle
GetCPInfo
GetVersion
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiA
lstrlenA
lstrcpyA
IsValidLocale
MulDiv
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
RtlUnwind
UnhandledExceptionFilter
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
Sleep
SetConsoleCtrlHandler
RaiseException
GetLocaleInfoW

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

user32

FindWindowA
GetWindow
SendMessageA
wvsprintfA
MessageBoxA
wsprintfA
GetDC
ReleaseDC

gdi32

GetDIBits
GetTextAlign
GetTextMetricsA
GetStockObject
GetObjectA
CreateFontIndirectA
SetDIBits
GetTextFaceA
LPtoDP
GetBkColor
GetBkMode
GetTextColor
GetWindowExtEx
GetViewportExtEx
CreateBitmap
GetPixel
GetFontData
EnumFontFamiliesExA
GetCharacterPlacementW
GetWorldTransform
PlayEnhMetaFileRecord
CloseEnhMetaFile
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
EnumEnhMetaFile
GetCharWidthA
DeleteEnhMetaFile
GetDeviceCaps
CreateEnhMetaFileA
DeleteObject

Exports

Exports

EnhMetaFileProc
PdcEndDoc
PdcEndDoc2
PdcEndPage
PdcEnumFontFamiliesEx
PdcGetData
PdcGetLastMessage
PdcHandleToStr
PdcHandleToStrInChunks
PdcResetLastMessage
PdcSaveFile
PdcSetFlags
PdcStartDoc
PdcStartDoc2
PdcStartPage
PdcStrToHandle
PdcStrToHandleInChunks
WEP

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VICDEMO.CUR
hts9.dll
.dll windows:4 windows x86 arch:x86

793a92e88aac90649c4844a6f5ea3e25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
MulDiv
CloseHandle
CreateFileA
lstrcmpA
ReadFile
WideCharToMultiByte
GlobalReAlloc
WriteFile
CopyFileA
GetModuleFileNameA
SetFilePointer
GlobalHandle
DeleteFileA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetOEMCP
lstrcatA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
MultiByteToWideChar
lstrcmpiA
GetACP
lstrlenA
GetCPInfo
lstrcpyA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetVersion
GetCommandLineA
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetFileAttributesA

user32

MessageBoxA
SendMessageA
PostMessageA
ReleaseDC
GetFocus
wvsprintfA
FindWindowA
GetWindow
DialogBoxParamA
SetWindowPos
PeekMessageA
CreateWindowExA
MoveWindow
SetWindowTextA
GetWindowRect
GetDlgItemInt
EnableWindow
SetDlgItemInt
EndDialog
SetWindowLongA
SetDlgItemTextA
LoadCursorA
SetCursor
InvalidateRect
MessageBeep
GetDlgCtrlID
GetParent
GetKeyState
SetFocus
CallWindowProcA
DestroyWindow
SendDlgItemMessageA
GetDlgItemTextA
wsprintfA
GetDlgItem
DefWindowProcA
GetWindowLongA
GetSystemMetrics
GetDC

gdi32

GetDeviceCaps
GetStockObject
SelectObject
GetTextMetricsA
TranslateCharsetInfo

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
ChooseColorA

ter14

ord162
ord497
ord59
ord83
ord24
ord399
ord42
ord132
ord462
ord31
ord125
ord55
ord47
ord337
ord17
ord165
ord332
ord147
ord134
ord160
ord97
ord152
ord81
ord212
ord463
ord144
ord464
ord481
ord458
ord456
ord186
ord86
ord237
ord89
ord82
ord149
ord207
ord436
ord433
ord430
ord440
ord450
ord448
ord449
ord446
ord576
ord43
ord172
ord460
ord459
ord178
ord163
ord336
ord620
ord85
ord197
ord665
ord616
ord549
ord150
ord49
ord139
ord503
ord595
ord238
ord575
ord76
ord454
ord218
ord96
ord455
ord126
ord633
ord352
ord90
ord72
ord306
ord405
ord104
ord234
ord65
ord233
ord91
ord190
ord453
ord452
ord311
ord645
ord138
ord471
ord380
ord133
ord29
ord50
ord48
ord146
ord505
ord476
ord297
ord579
ord340
ord180
ord145
ord637
ord383
ord385
ord487
ord411
ord572
ord101
ord39
ord587
ord457
ord116
ord529
ord289
ord628
ord630
ord229
ord136
ord384
ord470
ord191
ord555
ord217
ord239
ord659
ord512
ord84
ord418
ord472
ord490
ord171
ord398
ord367
ord366
ord396
ord60
ord77
ord95
ord135
ord348
ord536
ord94
ord52
ord88
ord148
ord32
ord141
ord156
ord109
ord44
ord108
ord338
ord51
ord40
ord175
ord11
ord19
ord71
ord129
ord155
ord128
ord187
ord193
ord201

Exports

Exports

AddSelectionItem
ButtonFieldParam
FontSizeParam
FormEditParam
FormListParam
HtsAddSelectionItem
HtsCheckScriptResult
HtsClearWindow
HtsClose
HtsCommand
HtsDelSelectionItem
HtsEditFormId
HtsEditRule
HtsGetActiveWnd
HtsGetActiveWnd2
HtsGetCurForm
HtsGetCurPath
HtsGetFieldData
HtsGetFont
HtsGetFontSize
HtsGetFormInfo
HtsGetFrameName
HtsGetLinkData
HtsGetLinkDataEx
HtsGetLinkInfo
HtsGetParaAttrib
HtsGetTagData
HtsGetTarget
HtsGetTopWin
HtsGetUserTag
HtsGetUsfList
HtsInViewMode
HtsInitialize
HtsInitialize2
HtsInsertButtonField
HtsInsertLink
HtsInsertPicture
HtsInsertRule
HtsInsertSelectField
HtsInsertTextField
HtsInternetGet
HtsIsHttpFile
HtsIsLocalFile
HtsLoadControl
HtsLparam2String
HtsMenuEnable
HtsMenuSelect
HtsModified
HtsNewFile
HtsOpenFile
HtsParaNormal
HtsPositionName
HtsRead
HtsReadFromTer
HtsReformat
HtsRtfToHtml
HtsRtfToHtmlEx
HtsSave
HtsSaveFromTer
HtsSetActiveWnd
HtsSetBkColor
HtsSetBkPict
HtsSetDefaultTarget
HtsSetDocTitle
HtsSetDownloadDir
HtsSetFlags
HtsSetFlags2
HtsSetFont
HtsSetFontDlg
HtsSetFontSize
HtsSetFontSizeTbl
HtsSetForm
HtsSetFormId
HtsSetFrameName
HtsSetHeader
HtsSetLinkInfo
HtsSetLinkInfoDlg
HtsSetList
HtsSetListEx
HtsSetMiscCharType
HtsSetMiscParaType
HtsSetNewBkColor
HtsSetNewTextColor
HtsSetParaSpace
HtsSetPictFileBase
HtsSetPictUseMap
HtsSetPicture
HtsSetReadOnly
HtsSetTableWidth
HtsSetTarget
HtsSetUserTag
HtsString2Lparam
HtsUpdateLink
HtsUpdateLinkEx
HtsWrite
LinkDataParam
LinkParam
PictureParam
RuleParam
SelectFieldParam
SelectFontElement
SelectLinkAttrib
SetFormParam
SubclassEdit
TerCallback
TextFieldParam
WEP

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imgman32.dll
.dll windows:4 windows x86 arch:x86

f99a3b66f06b174fe6b8dabe2b67fedb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetClipboardData
OpenClipboard
LoadStringA
CloseClipboard
DialogBoxIndirectParamA
SetRect
SetClipboardData
GetActiveWindow
IsClipboardFormatAvailable
MessageBoxA
EmptyClipboard
OffsetRect
IntersectRect
CharUpperA
wsprintfA
EnableWindow
DestroyWindow
IsWindow
TranslateMessage
SendMessageA
DispatchMessageA
InflateRect
GetMessageA
CreateWindowExA
EqualRect
ScrollDC
SubtractRect
GetWindowRect
MoveWindow
IsDlgButtonChecked
FillRect
GetParent
ReleaseDC
GetClientRect
SetCursor
LoadCursorA
GetDlgItem
IsWindowVisible
GetDC
CheckDlgButton
SetDlgItemTextA
ShowWindow
GetDlgItemTextA
SetWindowLongA
GetWindowLongA
EndDialog
GetDialogBaseUnits
CheckRadioButton
SetWindowPos
KillTimer
SetTimer

gdi32

GetDIBits
GetDeviceCaps
RealizePalette
RectVisible
GetClipRgn
Rectangle
OffsetRgn
SelectClipRgn
CreateRoundRectRgn
CreateEllipticRgn
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
ExcludeClipRect
SetDIBColorTable
CreateDIBSection
GetDIBColorTable
GetPaletteEntries
GetObjectA
BitBlt
DeleteMetaFile
CreatePalette
GetStockObject
SelectPalette
StretchBlt
SaveDC
LPtoDP
GetClipBox
IntersectClipRect
SetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
RestoreDC
GdiFlush
StretchDIBits
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
SelectObject
PatBlt
SetMapMode
SetViewportExtEx
PlayMetaFile
CopyMetaFileA
CreateDIBitmap
DeleteObject

kernel32

LocalFree
WriteFile
ReadFile
FileTimeToSystemTime
SetFilePointer
CompareStringW
CompareStringA
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
IsBadReadPtr
GetTimeZoneInformation
IsBadCodePtr
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeA
IsBadWritePtr
GetStringTypeW
VirtualFree
HeapCreate
VirtualAlloc
GetVersionExA
GetEnvironmentStringsW
HeapDestroy
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStartupInfoA
GetFileType
FreeEnvironmentStringsA
SetHandleCount
SetUnhandledExceptionFilter
GetStdHandle
SetLastError
GetCurrentThreadId
HeapReAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
GlobalLock
GlobalAlloc
TlsFree
TlsGetValue
FreeLibrary
LoadLibraryA
MulDiv
TlsSetValue
LocalAlloc
TlsAlloc
FindClose
FindNextFileA
GetProcAddress
GetModuleHandleA
FindFirstFileA
GlobalSize
lstrcmpiA
GlobalReAlloc
LocalUnlock
LocalLock
DeleteFileA
GetFileAttributesA
LocalHandle
FreeResource
LockResource
LoadResource
FindResourceA
CloseHandle
GetLastError
CreateFileA
GetCurrentProcess
HeapSize
InterlockedIncrement
lstrcpyA
OpenFile
lstrcatA
lstrlenA
InterlockedDecrement
MultiByteToWideChar
_lclose
_lwrite
_llseek
GetFullPathNameA
GetDriveTypeA
FileTimeToLocalFileTime
LeaveCriticalSection
TerminateProcess
ExitProcess
HeapFree
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

advapi32

RegCreateKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

Exports

Exports

ImgBrightness
ImgClose
ImgContrast
ImgCopy
ImgCreateDDB
ImgDrawImage
ImgDrawImageFX
ImgErrBox
ImgErrString
ImgFilter
ImgFilterLow
ImgFromClipboard
ImgFromDIB
ImgFromDIBSection
ImgFromPDIB
ImgFromWMF
ImgGamma
ImgGetDDB
ImgGetDIB
ImgGetDIBPtr
ImgGetDataPtr
ImgGetExt
ImgGetHBitmap
ImgGetInfo
ImgGetInfoStruct
ImgGetPage
ImgGetPalette
ImgGetROP
ImgGetStatus
ImgGetWMF
ImgIncreaseColors
ImgInit
ImgInvert
ImgLoad
ImgLoadLibraryExt
ImgMirror
ImgOpenCustom
ImgOpenDialog
ImgOpenEmbedded
ImgOpenMem
ImgOpenSolo
ImgPageCount
ImgPlugInAbout
ImgPlugInEnumerate
ImgPlugInHostIsAvailable
ImgPlugInHostIsEnabled
ImgPlugInHostLoad
ImgPlugInHostUnload
ImgPlugInInvoke
ImgPlugInInvokeEx
ImgPlugInLoad
ImgPlugInSetStatusProc
ImgPrintImage
ImgReduceColors
ImgReduceColorsPal
ImgRotate
ImgSetDefaultStatusProc
ImgSetPage
ImgSetROP
ImgSetStatusProc
ImgShutdown
ImgToClipboard
ImgUnload
ImgVerString
ImgXAbort
ImgXBeginWrite
ImgXBeginWriteMem
ImgXEndWrite
ImgXEndWriteMem
ImgXErrBox
ImgXErrString
ImgXFileDialog
ImgXGetExt
ImgXGetStatus
ImgXOptBlkAdd
ImgXOptBlkCreate
ImgXOptBlkDel
ImgXOptBlkGet
ImgXSetError
ImgXWriteBMPBlock
ImgXWriteBlock
ImgXWriteDIB
ImgXWriteImage
ScanAcquirePage
ScanInitDebugLog
ScanIsTWAINAvailable
ScanLowAcquirePages
ScanLowCloseJob
ScanLowInitTwainJob
ScanLowRegisterApp
ScanLowSetBrightnessContrast
ScanLowSetDuplex
ScanLowSetResolution
ScanLowSetScanArea
ScanLowSetScanDevice
ScanLowSetTransferMode
ScanSelectSource
WEP

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imhost32.dll
.dll windows:4 windows x86 arch:x86

c30d363ba32ef5833f80ff36844452c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LocalFree
FindNextFileA
LoadLibraryA
TlsAlloc
TlsFree
FreeLibrary
LocalAlloc
TlsSetValue
GlobalAlloc
GlobalLock
FindResourceA
LoadResource
LockResource
EnumResourceNamesA
GetLastError
GlobalHandle
GlobalUnlock
TlsGetValue
FindClose
FindFirstFileA
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
CompareStringW
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
SetLastError
GetCurrentThread
ExitProcess
GlobalFree
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
GetLocaleInfoW
CompareStringA
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
FatalAppExitA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
Sleep
SetConsoleCtrlHandler
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CloseHandle
GetTimeZoneInformation

user32

DispatchMessageA
TranslateMessage
PeekMessageA

gdi32

DeleteObject
GetDeviceCaps
SelectPalette
RealizePalette
SetDIBColorTable
DeleteDC
CreateDIBSection
GetObjectA
CreateCompatibleDC
SelectObject
GetDIBColorTable

imgman32

ord22
ord58
ord10
ord2
ord43
ord29
ord15

Exports

Exports

PIIMAdvanceState
PIIMDisplayPixelsProc
PIIMEnumerate
PIIMHostProc
PIIMInit
PIIMInvokePlugIn
PIIMLoadSpecific
PIIMPlugInAbout
PIIMProgressProc
PIIMSetStatusProc
PIIMTestAbortProc
WEP

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mb1.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

0000
Size: - Virtual size: 808KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000
Size: 790KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ocr1.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

ocrImage

Sections

Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ssce5432.dll
.dll windows:4 windows x86 arch:x86

5beaf43fd83e14a96d8bccb142e76263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetPrivateProfileStringA
lstrcmpiA
GetShortPathNameA
GetProfileStringA
lstrlenA
_lread
_llseek
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
_lclose
LeaveCriticalSection
InterlockedExchange
InitializeCriticalSection
_lcreat
_lopen
_lwrite
WritePrivateProfileStringA
GetVersion
lstrcmpA
Sleep
GetFileAttributesA
InterlockedDecrement
InterlockedIncrement
CompareStringA
SetEndOfFile
SetFilePointer
LoadLibraryA
GetProcAddress
ReadFile
GetStringTypeW
GetStringTypeA
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
SetEnvironmentVariableA
CompareStringW
GetTickCount
EnterCriticalSection
GetCommandLineA
HeapDestroy
LCMapStringW
LCMapStringA
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
HeapReAlloc
TerminateProcess
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
WideCharToMultiByte
CloseHandle
GetFullPathNameA
GetCurrentDirectoryA
MultiByteToWideChar

user32

EnumChildWindows
MessageBoxA
ClientToScreen
GetWindowTextLengthA
TrackPopupMenu
RemoveMenu
ModifyMenuA
GetSubMenu
LoadMenuA
ShowCursor
SetCursor
LoadCursorA
KillTimer
ShowWindow
SetTimer
SetDlgItemTextA
GetSystemMetrics
SystemParametersInfoA
GetDesktopWindow
MoveWindow
SetRect
InflateRect
IntersectRect
OffsetRect
UnionRect
EqualRect
GetDlgItemTextA
GetWindowRect
EnableWindow
GetSysColor
GetWindowTextA
SetWindowTextA
GetDlgItem
EndDialog
WinHelpA
SetFocus
CallWindowProcA
DialogBoxParamA
GetParent
SetWindowLongA
GetClassNameA
SendMessageA
wsprintfA

gdi32

CreateSolidBrush
DeleteObject
GetObjectA
SetTextColor
SetBkColor
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

Exports

Exports

EditLexDlgProc
NewLexDlgProc
OptionsDlgProc
SSCE_AddToLex
SSCE_CheckBlock
SSCE_CheckBlockDlg
SSCE_CheckBlockDlgTmplt
SSCE_CheckCtrlBackground
SSCE_CheckCtrlDlg
SSCE_CheckCtrlDlgTmplt
SSCE_CheckString
SSCE_CheckWord
SSCE_ClearLex
SSCE_CloseBlock
SSCE_CloseLex
SSCE_CloseSession
SSCE_CompressLexAbort
SSCE_CompressLexEnd
SSCE_CompressLexFile
SSCE_CompressLexInit
SSCE_CountStringWords
SSCE_CreateLex
SSCE_DelBlockText
SSCE_DelBlockWord
SSCE_DelFromLex
SSCE_DelStringText
SSCE_DelStringWord
SSCE_EditLexDlg
SSCE_EditLexDlgTmplt
SSCE_FindLexWord
SSCE_GetAutoCorrect
SSCE_GetBlock
SSCE_GetBlockInfo
SSCE_GetBlockWord
SSCE_GetCharSet
SSCE_GetHelpFile
SSCE_GetIniFile
SSCE_GetLex
SSCE_GetLexId
SSCE_GetLexInfo
SSCE_GetMainLexFiles
SSCE_GetMainLexPath
SSCE_GetMinSuggestDepth
SSCE_GetOption
SSCE_GetRegTreeName
SSCE_GetSelUserLexFile
SSCE_GetSid
SSCE_GetStatistics
SSCE_GetStringTableName
SSCE_GetStringWord
SSCE_GetUserLexFiles
SSCE_GetUserLexPath
SSCE_InsertBlockText
SSCE_InsertStringText
SSCE_NextBlockWord
SSCE_OpenBlock
SSCE_OpenLex
SSCE_OpenSession
SSCE_OptionsDlg
SSCE_OptionsDlgTmplt
SSCE_ReplaceBlockWord
SSCE_ReplaceStringWord
SSCE_ResetLex
SSCE_SetAutoCorrect
SSCE_SetBlockCursor
SSCE_SetCharSet
SSCE_SetDebugFile
SSCE_SetDialogOrigin
SSCE_SetHelpFile
SSCE_SetIniFile
SSCE_SetKey
SSCE_SetMainLexFiles
SSCE_SetMainLexPath
SSCE_SetMinSuggestDepth
SSCE_SetOption
SSCE_SetRegTreeName
SSCE_SetSelUserLexFile
SSCE_SetStringTableName
SSCE_SetUserLexFiles
SSCE_SetUserLexPath
SSCE_Suggest
SSCE_SyncLex
SSCE_Version
SndMsgEnumCb
SpellCheckDlgProc

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssceam2.clx
ssceda2.clx
sscedu2.clx
sscefi2.clx
sscefr2.clx
sscege2.clx
ssceit2.clx
sscenb2.clx
sscepo2.clx
sscesp2.clx
sscesw2.clx
ter14.dll
.dll windows:4 windows x86 arch:x86

2f25183b0fb56e390cecc8b2f732b89c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17
ImageList_Draw

imm32

ImmGetCompositionStringA
ImmReleaseContext
ImmGetCompositionStringW
ImmGetContext
ImmNotifyIME
ImmIsUIMessageA

ssce5432

SSCE_CreateLex
SSCE_CloseLex
SSCE_OpenLex
SSCE_SetOption
SSCE_OpenSession
SSCE_CloseSession
SSCE_SetIniFile
SSCE_SetKey
SSCE_Suggest
SSCE_CheckWord
SSCE_AddToLex

kernel32

FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeA
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetFullPathNameA
GetCurrentDirectoryA
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
ExitProcess
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
GetCurrentThreadId
GetDriveTypeA
GetSystemTimeAsFileTime
MoveFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapValidate
RtlUnwind
GetFileType
WriteConsoleW
GetStdHandle
DebugBreak
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
OpenFileMappingA
GetCurrentThread
CreateFileMappingA
MapViewOfFile
GetSystemInfo
UnmapViewOfFile
VirtualAlloc
OutputDebugStringW
OutputDebugStringA
OpenEventA
SetEvent
RaiseException
GetCurrentProcessId
GetThreadLocale
InterlockedExchange
GetFileAttributesA
GetModuleHandleA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
SetFilePointer
CreateFileA
WaitForSingleObject
CreateMutexA
ReleaseMutex
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryW
GetUserDefaultLangID
GetVersionExA
IsBadWritePtr
ReadFile
GetFileSize
lstrlenW
lstrlenA
lstrcpyA
GlobalFree
GlobalLock
GlobalAlloc
SystemTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
FileTimeToSystemTime
GetProfileStringA
IsBadReadPtr
GlobalHandle
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
FreeResource
GetStringTypeW
GlobalReAlloc
SetErrorMode
LoadLibraryA
WriteFile
GlobalSize
lstrcmpA
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetACP
IsDBCSLeadByteEx
IsDBCSLeadByte
MulDiv
GetCPInfo
GetVersion
GetUserDefaultLCID
GetLocaleInfoA
lstrcatA
CreateProcessA
lstrcmpiA
GlobalUnlock

user32

SetWindowLongA
GetWindowLongA
GetDlgItemInt
UpdateWindow
wsprintfA
LoadStringA
MessageBoxA
IsDlgButtonChecked
SetWindowsHookExA
DestroyCursor
DestroyWindow
ReleaseDC
KillTimer
SetMenu
GetSystemMetrics
ReleaseCapture
SetCapture
MessageBeep
ToUnicodeEx
SetFocus
SetWindowTextA
InvalidateRect
SetDlgItemTextA
SendDlgItemMessageA
EnableWindow
SetWindowPos
GetWindowRect
BringWindowToTop
ShowWindow
GetDlgItem
EndDialog
SendMessageA
BeginPaint
GetClientRect
GetSysColor
GetKeyboardState
GetKeyboardLayout
RegisterClassA
LoadCursorA
LoadIconA
GetClassInfoA
LoadMenuA
MoveWindow
SetRect
ValidateRect
HideCaret
ShowCaret
PtInRect
ClientToScreen
ScreenToClient
SetCaretPos
GetWindow
GetCursorPos
GetDC
GetParent
GetDlgItemTextA
CallWindowProcA
GetWindowTextA
GetWindowTextLengthA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
DialogBoxParamA
FillRect
EndPaint
DefWindowProcA
CreateWindowExA
PostMessageA
GetClassNameA
CallNextHookEx
GetKeyState
GetFocus
SetTimer
GetDlgCtrlID
PeekMessageA
IsWindow
TranslateAcceleratorA
UnregisterClassA
DestroyAcceleratorTable
DestroyMenu
SetCursor
GetSysColorBrush
RegisterClassExA
TrackPopupMenu
CreateDialogParamA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowThreadProcessId
SetForegroundWindow
TrackPopupMenuEx
EnableMenuItem
CheckMenuItem
AppendMenuA
CreatePopupMenu
CharNextA
IsWindowVisible
CreateCaret
DestroyCaret
wvsprintfA
FindWindowA
IsCharUpperW
CharLowerW
LoadBitmapA
LoadAcceleratorsA
SetScrollPos
RegisterClipboardFormatA
ShowScrollBar
SetScrollRange
CharUpperBuffA
CharLowerBuffA
SetScrollInfo
IsWindowEnabled
SetDlgItemInt
UnhookWindowsHookEx

gdi32

GetCharacterPlacementW
GetCharacterPlacementA
CreateBitmapIndirect
SetAbortProc
AbortDoc
CreateEnhMetaFileA
CloseEnhMetaFile
StartDocA
EndDoc
StartPage
GetViewportOrgEx
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
GetMapMode
RoundRect
EndPage
PlayEnhMetaFile
LPtoDP
GetObjectType
GdiComment
DPtoLP
CreateMetaFileA
UnrealizeObject
CloseMetaFile
Escape
ResetDCA
GetMetaFileBitsEx
SetMetaFileBitsEx
GetEnhMetaFileBits
SetEnhMetaFileBits
CreateBitmap
SetDIBits
CreateDCA
GetDIBits
DeleteEnhMetaFile
GetCharWidthW
GetCharWidthA
GetTextExtentPointW
EnumFontsA
TranslateCharsetInfo
GetTextMetricsA
GetFontLanguageInfo
CreateFontIndirectA
SetTextAlign
ExtTextOutW
SetTextCharacterExtra
GetPaletteEntries
ExtTextOutA
Ellipse
ModifyWorldTransform
SetGraphicsMode
SetWorldTransform
Polyline
Polygon
SetROP2
MoveToEx
LineTo
GetObjectA
DeleteMetaFile
CopyEnhMetaFileA
GetEnhMetaFileHeader
GetDeviceCaps
CopyMetaFileA
EnumFontFamiliesExA
GetTextExtentPointA
TextOutA
GetPixel
SetPixel
CreatePolygonRgn
PtInRegion
SetStretchBltMode
SaveDC
CreateRectRgn
SelectClipRgn
RestoreDC
EnumEnhMetaFile
Rectangle
SetMapMode
SetWindowExtEx
SetViewportExtEx
EnumMetaFile
RealizePalette
SetViewportOrgEx
SetWindowOrgEx
CreatePalette
PlayMetaFileRecord
BitBlt
StretchDIBits
PlayEnhMetaFileRecord
GetBkMode
SetBkMode
SetTextColor
GetTextColor
CreatePen
SetBkColor
SelectPalette
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
DeleteObject
StretchBlt
DeleteDC

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
DeviceCapabilitiesA

comdlg32

GetOpenFileNameA
ChooseFontA
ChooseColorA
PrintDlgA
GetSaveFileNameA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegCloseKey
OpenThreadToken
RevertToSelf
SetThreadToken
GetUserNameA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyExA

shell32

DragQueryPoint
DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles

ole32

OleConvertOLESTREAMToIStorage
OleLoad
OleCreateFromFile
OleCreateLinkToFile
StgCreateDocfile
ProgIDFromCLSID
OleSetContainedObject
ReleaseStgMedium
OleConvertIStorageToOLESTREAM
CLSIDFromProgID
OleDraw
OleSave
OleUninitialize
DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
WriteFmtUserTypeStg
WriteClassStg
OleCreate
OleCreateFromData
OleGetClipboard
OleCreateLinkFromData
OleInitialize
OleBuildVersion
CoUninitialize
CoInitialize
StringFromCLSID

oleaut32

SysAllocString
SysFreeString

Exports

Exports

BookmarkParam
CellBorderColorParam
CellBorderParam
CellColorParam
CellRotationParam
CellShadingParam
CellVertAlignParam
CellWidthFlagParam
CellWidthParam
CharScaleXParam
CharSpaceParam
CheckBoxFieldParam
ClearAllTabs
ClearTab
CloseTer
CreateTerWindow
CtlDlgFn
CtlFlags
CtlInfo
CtlStyle
CustomControlInfoA
CustomControlSizeToText
CustomControlStyle
DataFieldParam
DateParam
DeleteCellsParam
DeselectTerText
DrawObjectParam
EditInputFieldParam
EditPictureParam
EditStyleParam
FontParam
FootnoteParam
FormFieldSubclass
GetFontInfo
GetFontInfo2
GetTerBuffer
GetTerCursorPos
GetTerFields
GetTerFieldsAlt
GetTerLine
HandleToIntArray
HandleToStr
HandleToStrInChunks
HookGetMsgProc
HyperlinkParam
InputFieldParam
InsertObjectParam
InsertRtfBuf
InsertTerText
JumpParam
ListLevelParam
ListOrPropParam
ListOrSelectParam
ListParaParam
ListPropParam
ListSelectParam
LoadTerControl
MergeEnumMetafile
ObjectAttribParam
ObjectPosParam
OleEnumMetafile
OverrideBinParam
PageParam
ParaBoxParam
ParaHangingIndent
ParaIndentTwips
ParaLeftIndent
ParaNormal
ParaRightIndent
ParaSpaceParam
ParaTextFlowParam
PasteSpecialParam
PrintAbortParam
PrintPreviewProc
PrintProc
PrtEnumMetafile
RangeParam
ReadTerFile
ReplaceParam
RowHeightParam
RowPositionParam
RowTextFlowParam
SaveTerFile
ScrEnhMetaFileProc
SearchParam
SectionParam
SelectStyleParam
SelectTerText
SetTab
SetTabParam
SetTerBkColor
SetTerBuffer
SetTerCharStyle
SetTerColor
SetTerCursorPos
SetTerDefaultFont
SetTerFields
SetTerFont
SetTerLine
SetTerParaFmt
SetTerPointSize
StrToHandle
StrToHandleInChunks
TerAbsToRowCol
TerAcceptChanges
TerAddAnimPict
TerAddAutoCompWord
TerAddImageMapRect
TerAddToolbarIcon
TerAddToolbarItem
TerAdjustHtmlTable
TerAnd
TerAppendText
TerAppendTextEx
TerAppendTextU
TerApplyHyperlink
TerBmp2Png
TerBulletToText
TerCancelEditStyle
TerCellBorder
TerCellBorder2
TerCellBorderColor
TerCellColor
TerCellRotateText
TerCellShading
TerCellVertAlign
TerCellWidth
TerChangeField
TerClearAutoCompList
TerClosePrinter
TerColBreak
TerCommand
TerCommand2
TerCopyHeadersFooters
TerCreateBulletId
TerCreateBulletId2
TerCreateBulletId3
TerCreateCellId
TerCreateFirstHdrFtr
TerCreateFont
TerCreateFont2
TerCreateFont3
TerCreateFont4
TerCreateImageMap
TerCreateListBulletId
TerCreateListBulletId2
TerCreateOcxObject
TerCreateOcxObject2
TerCreateParaFrameId
TerCreateParaId
TerCreateParaIdEx
TerCreateTabId
TerCreateTable
TerCreateWindowAlt
TerDataVersion
TerDeleteBlock
TerDeleteBookmark
TerDeleteCellText
TerDeleteCells
TerDeleteField
TerDeleteFirstHdrFtr
TerDeleteHdrFtr
TerDeleteHypertext
TerDeleteIDispatch
TerDeleteObject
TerDeleteStyle
TerDeleteTag
TerDifTableRows
TerDocName
TerDrawImage
TerEditList
TerEditListLevel
TerEditListOr
TerEditStyle
TerEditTooltip
TerEnableDashes
TerEnableHScrollBar
TerEnableRefresh
TerEnableSpeedKey
TerEnableTracking
TerEngageCaret
TerEnumFontFamiliesEx
TerEnumFonts
TerEquateHtmlTable
TerExit
TerFieldToText
TerFileToMem
TerFindHlinkField
TerFindNextChange
TerFlushUndo
TerGetAppMemory
TerGetBaseLineY
TerGetBkPictId
TerGetBookmark
TerGetBufferDC
TerGetBulletInfo
TerGetBulletInfo2
TerGetBulletInfo3
TerGetCaretPos
TerGetCellBorderColor
TerGetCellBorderWidth
TerGetCellInfo
TerGetCellInfo2
TerGetCellParam
TerGetCellParam2
TerGetCharDim
TerGetCheckboxInfo
TerGetControlId
TerGetControlPos
TerGetCurFont
TerGetCurParaNum
TerGetDeviceRes
TerGetDevmode
TerGetDispPageNo
TerGetDrawObjectInfo
TerGetEffectiveFont
TerGetField
TerGetFieldFont
TerGetFontAux1Id
TerGetFontFieldCode
TerGetFontFieldId
TerGetFontLang
TerGetFontParam
TerGetFontSpace
TerGetFontStyleId
TerGetFrameParam
TerGetFrameSize
TerGetHdrFtrPos
TerGetHypertext
TerGetHypertext2
TerGetHypertextEx
TerGetHypertextU
TerGetIDispatch
TerGetImageMapInfo
TerGetImageMapRectInfo
TerGetInputFieldId
TerGetInputFieldInfo
TerGetLastMessage
TerGetLevelCell
TerGetLine
TerGetLineCol
TerGetLineEx
TerGetLineInfo
TerGetLineParam
TerGetLineU
TerGetLineWidth
TerGetListId
TerGetListInfo
TerGetListInfo2
TerGetListLevelInfo
TerGetListLine
TerGetListOrInfo
TerGetMarginEx
TerGetMsgCallback
TerGetNextControlPos
TerGetOleClass
TerGetOlePtr
TerGetOrigPictSize
TerGetOverrideBin
TerGetPageBorderDim
TerGetPageCount
TerGetPageFirstLine
TerGetPageNumFmt
TerGetPageOffset
TerGetPageOrient
TerGetPageOrient2
TerGetPageOrientEx
TerGetPagePos
TerGetPageSect
TerGetPageSize
TerGetParaAux1Id
TerGetParaCount
TerGetParaInfo
TerGetParaInfo2
TerGetParaInfo3
TerGetParaInfo4
TerGetParaParam
TerGetParam
TerGetParentPtr
TerGetPictCropping
TerGetPictFrame
TerGetPictInfo
TerGetPictMapId
TerGetPictOffset
TerGetPrevControlPos
TerGetPrinter
TerGetReadOnly
TerGetReviewerInfo
TerGetRowCellCount
TerGetRowInfo
TerGetRtfDocInfo
TerGetRtfSel
TerGetSectAuxId
TerGetSectBins
TerGetSectInfo
TerGetSectParam
TerGetSelection
TerGetSeqSect
TerGetStyleId
TerGetStyleInfo
TerGetStyleParam
TerGetTabStop
TerGetTabStop2
TerGetTableId
TerGetTableLevel
TerGetTablePos
TerGetTablePos2
TerGetTag
TerGetTagEx
TerGetTextColor
TerGetTextFieldInfo
TerGetTextHeight
TerGetTextSel
TerGetTextSelU
TerGetVbxCallback
TerGetVersion
TerGetVisibleCol
TerGetWordCount
TerHdrFtrExists
TerHideToolbarIcon
TerHideWindow
TerHigh16Bits
TerHtmlCellWidthFlag
TerHtmlCharSet
TerIgnoreCommand
TerImageMapNameToId
TerInit
TerInsertBookmark
TerInsertCheckBoxField
TerInsertControl
TerInsertDateTime
TerInsertDrawObject
TerInsertDynamicField
TerInsertField
TerInsertFootnote
TerInsertFootnote2
TerInsertHyperlink
TerInsertHyperlinkU
TerInsertLine
TerInsertLineObject
TerInsertObjectId
TerInsertOleFile
TerInsertOleObject
TerInsertPageRef
TerInsertParaFrame
TerInsertPictureFile
TerInsertPictureFileXY
TerInsertRtfFile
TerInsertTableCol
TerInsertTableRow
TerInsertText
TerInsertTextInputField
TerInsertTextU
TerInsertToc
TerInternetClose
TerInternetGet
TerInternetOpen
TerInternetPut
TerInvokeOcx
TerInvokeOcx2
TerIsInIE
TerIsModified
TerIsPrinting
TerIsSspAvail
TerIsTableSelected
TerIsTableWider
TerLineInfoFlags
TerLineSelected
TerLocateAuxIdChar
TerLocateChangedChar
TerLocateField
TerLocateFieldChar
TerLocateFontFlags
TerLocateFontId
TerLocateInputField
TerLocateStyle
TerLocateStyleChar
TerLow16Bits
TerLparam2String
TerMakeMbcs
TerMbcsChar
TerMbcsDir
TerMbcsExt
TerMbcsLen
TerMenuEnable
TerMenuEnable2
TerMenuSelect
TerMenuSelect2
TerMergeFields
TerMergePrint
TerMergePrintMeta
TerMergePrintMeta2
TerMergePrintRE
TerMergePrintRep
TerMergePrintRep2
TerMergePrintRep3
TerMergePrintVB
TerMoveParaFrame
TerMoveParaFrame2
TerMovePictFrame
TerMovePictFrame2
TerNormalizeBlock
TerOcxPropInfo
TerOr
TerOverridePageCount
TerOverridePageSize
TerOverrideStyles
TerPageBreak
TerPageFromLine
TerPastePicture
TerPdcEnd
TerPdcPrintPage
TerPdcStart
TerPdcStart2
TerPdfEnd
TerPdfPrintPage
TerPdfSetDllName
TerPdfStart
TerPdfStart2
TerPdfStart3
TerPdfStart4
TerPickBknd
TerPictAltInfo
TerPictLinkName
TerPictureFromEmf
TerPictureFromFile
TerPictureFromGif
TerPictureFromJpg
TerPictureFromOther
TerPictureFromPng
TerPictureFromTif
TerPictureFromWmf
TerPixToTextPos
TerPlayMergeMeta
TerPlayMergeMeta2
TerPosAfterTable
TerPosAtParaNum
TerPosBodyText
TerPosBookmark
TerPosFrame
TerPosHdrFtr
TerPosHdrFtrEx
TerPosLineAtTop
TerPosPage
TerPosTable
TerPosTable2
TerPosTable3
TerPosTable4
TerPosTag
TerPosTagEx
TerPrint
TerPrint2
TerPrintEx
TerPrintPreview
TerPrintPreviewMode
TerProcessTab
TerQueryExit
TerQuickRepaint
TerRecreateToolbar
TerRedirectArrowKeys
TerRegisterMsgCallback
TerRegisterPrintCallback
TerRegisterVbxCallback
TerRejectChanges
TerRepaginate
TerRepaint
TerRepaintArea
TerResetLastMessage
TerRewrap
TerRotateFrameText
TerRowColToAbs
TerRowHeight
TerRowPosition
TerRowPositionEx
TerSavePict
TerSavePictDIB
TerSavePictEmf
TerSavePictGif
TerSavePictJpg
TerSavePictPng
TerScrLineHeight
TerScrToTwipsX
TerScrToTwipsY
TerSearchReplace
TerSearchReplace2
TerSearchReplaceU
TerSectBreak
TerSelectCellText
TerSelectCharStyle
TerSelectCol
TerSelectFrameText
TerSelectParaStyle
TerSelectParaText
TerSelectPrint
TerSelectPrint2
TerSelectRow
TerSelectTable
TerSetAccelHandle
TerSetAnimInfo

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
topocr.exe
.exe windows:4 windows x86 arch:x86

e296cc3cd43a3c22289e236788924cda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imgman32

ord5
ord302
ord28
ord300
ord301
ord7
ord4
ord31
ord29
ord59
ord118
ord408
ord56
ord54
ord38
ord37
ord41
ord45
ord120
ord57
ord43
ord40
ord102
ord123
ord3
ord109
ord105
ord10
ord2
ord18
ord9
ord39
ord32
ord22
ord6
ord30
ord25

kernel32

HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetACP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetStartupInfoA
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
CreateFileW
GetVersion
InterlockedExchange
MultiByteToWideChar
CompareStringW
CompareStringA
WideCharToMultiByte
GetStringTypeExA
lstrcmpiA
lstrlenA
GetLastError
SetCurrentDirectoryA
GlobalFree
GlobalUnlock
GlobalHandle
GetModuleFileNameA
GetFileAttributesA
TlsSetValue
LocalAlloc
TlsGetValue
GlobalLock
FindResourceA
SizeofResource
LockResource
LoadResource
GetTickCount
GetProcessHeap
GetCommandLineA
GetDriveTypeA
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
VirtualAlloc
RtlUnwind
RaiseException
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
MulDiv
LocalFree
FormatMessageA
GlobalAlloc
SetErrorMode
GetCurrentDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetOEMCP
SetLastError
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsAlloc
InitializeCriticalSection
GlobalReAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetVersionExA
FreeResource
FreeEnvironmentStringsW

user32

SetParent
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
SetMenu
GetMenuItemInfoA
InflateRect
DestroyCursor
SetRect
KillTimer
SetTimer
SetWindowRgn
DrawIcon
FindWindowA
RedrawWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
LoadMenuA
LoadAcceleratorsA
DestroyMenu
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
SetRectEmpty
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowTextA
IsDialogMessageA
SetDlgItemInt
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
GetScrollRange
SetForegroundWindow
ShowScrollBar
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
SetActiveWindow
SetWindowPos
IsWindowVisible
IsZoomed
IsIconic
InvalidateRect
GetMenu
ScreenToClient
GetCursorPos
SetCapture
PeekMessageA
ReleaseCapture
CopyRect
GetCursor
LoadCursorFromFileA
IsClipboardFormatAvailable
DestroyIcon
DeleteMenu
WindowFromPoint
UnregisterClassA
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
GetPropA
CreatePopupMenu
LoadStringA
GetWindowLongA
SendMessageA
SetWindowLongA
CheckDlgButton
GetParent
GetWindowRect
MapDialogRect
MoveWindow
IsDlgButtonChecked
LoadCursorA
SetCursor
GetDlgItem
GetClientRect
GetDC
ReleaseDC
FillRect
SetDlgItemTextA
UpdateWindow
MessageBoxA
ShowWindow
GetScrollPos
SetScrollRange
SetScrollPos
wsprintfA
EnableWindow
CharUpperA
CreateWindowExA

gdi32

GetWindowOrgEx
GetTextFaceA
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateCompatibleBitmap
StretchDIBits
CreateFontA
GetCharWidthA
CreateFontIndirectA
Rectangle
DeleteObject
GetStockObject
GetDeviceCaps
CreateHatchBrush
GetBkColor
PatBlt
SetWindowOrgEx
SelectPalette
RealizePalette
LPtoDP
CreateDCA
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteDC
CreatePatternBrush
CreateCompatibleDC
CreatePen
GetTextMetricsA
GetTextExtentPoint32A
CreateEllipticRgn
DPtoLP
Ellipse
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
CreateSolidBrush

comdlg32

GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError

winspool.drv

GetJobA
OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegSetValueA
RegCloseKey

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 564KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 905KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

kernel32

SetErrorMode
GetExitCodeProcess
WaitForSingleObject
ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetModuleHandleA
ExitProcess
lstrcpynA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
EnterCriticalSection
Sleep
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GlobalFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
CopyFileA

user32

CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
ExitWindowsEx
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateBrushIndirect
CreateFontA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

9632e80596371cfa7f563f680f3c4498

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 20KB

3764e6c387ce3c76b39936a24d523dce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 924B

3cc74157b8178cf0b688dad72db0d16c

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

d1e9e0753132285eeb2f3999d5ea908a

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

f457b7f8732fff1247e8a5110ce325da

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 16KB - Virtual size: 15KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 924B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 22KB