LangDialog
Overview
overview
8Static
static
768be4bd405...3b.exe
windows7-x64
768be4bd405...3b.exe
windows10-2004-x64
7$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3DuiLib.dll
windows7-x64
3DuiLib.dll
windows10-2004-x64
3WinDivert.dll
windows7-x64
1WinDivert.dll
windows10-2004-x64
1WinDivert32.sys
windows10-2004-x64
1WinDivert64.sys
windows10-2004-x64
1WinDivert640.sys
windows10-2004-x64
1plug.dll
windows7-x64
1plug.dll
windows10-2004-x64
1plug64.dll
windows7-x64
1plug64.dll
windows10-2004-x64
1start.exe
windows7-x64
1start.exe
windows10-2004-x64
1uninst.exe
windows7-x64
8uninst.exe
windows10-2004-x64
$PLUGINSDI...gs.dll
windows7-x64
1$PLUGINSDI...gs.dll
windows10-2004-x64
1$PLUGINSDI...ll.dll
windows7-x64
7$PLUGINSDI...ll.dll
windows10-2004-x64
7$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3xdr.exe
windows7-x64
1Behavioral task
behavioral1
Sample
68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b.exe
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
DuiLib.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral12
Sample
DuiLib.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral13
Sample
WinDivert.dll
Resource
win7-20240319-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral14
Sample
WinDivert.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral15
Sample
WinDivert32.sys
Resource
win10v2004-20240412-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
WinDivert64.sys
Resource
win10v2004-20240412-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
WinDivert640.sys
Resource
win10v2004-20240412-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
plug.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral19
Sample
plug.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral20
Sample
plug64.dll
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral21
Sample
plug64.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral22
Sample
start.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral23
Sample
start.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral24
Sample
uninst.exe
Resource
win7-20240221-en
windows7-x64
9 signatures
150 seconds
Behavioral task
behavioral25
Sample
uninst.exe
Resource
win10v2004-20240412-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
$PLUGINSDIR/Dialogs.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral27
Sample
$PLUGINSDIR/Dialogs.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral28
Sample
$PLUGINSDIR/md5dll.dll
Resource
win7-20240215-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral29
Sample
$PLUGINSDIR/md5dll.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral30
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20231129-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral31
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral32
Sample
xdr.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
General
-
Target
68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b
-
Size
15.4MB
-
MD5
a272dd310818e75d7ced8fea6ff2562c
-
SHA1
5e21ec9f4a276e052660b4aee0a4e58e100bf826
-
SHA256
68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b
-
SHA512
77b692eb9d2690791d4084e3c8a8e878d46c4b187a22cf9b4a1b2de1442aba807f3ea158c79e5857dba0bb74e10a066e77e3786989b5d081a213d44b5e78a959
-
SSDEEP
393216:RtIH7/Nsl7NlLPMQZwGBp9L5iQvZPb2fgS8zjzHqv2qnFA:RGbAMQ+izbvZPb4ojga
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule static1/unpack003/$PLUGINSDIR/md5dll.dll acprotect -
resource yara_rule static1/unpack003/$PLUGINSDIR/md5dll.dll upx -
Unsigned PE 17 IoCs
Checks for missing Authenticode signature.
resource 68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b unpack001/$PLUGINSDIR/LangDLL.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/$PLUGINSDIR/nsExec.dll unpack001/DuiLib.dll unpack001/WinDivert.dll unpack001/plug.dll unpack001/plug64.dll unpack001/start.exe unpack001/uninst.exe unpack003/$PLUGINSDIR/Dialogs.dll unpack003/$PLUGINSDIR/md5dll.dll unpack004/out.upx unpack003/$PLUGINSDIR/nsExec.dll unpack001/xdr.exe unpack001/xdrPop.exe
Files
-
68be4bd4051500c984a5607c8a56e7332d1b53e165e0d7217129a2d50ce0163b.exe windows:4 windows x86 arch:x86
56a78d55f3f7af51443e58e0ce2fb5f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 156KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LangDLL.dll.dll windows:4 windows x86 arch:x86
3e8d18bb71c7ebbda2ddc2a4bb03547b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrlenW
GlobalFree
lstrcpynW
lstrcmpW
GlobalAlloc
MulDiv
GetModuleHandleW
lstrcpyW
user32
DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
SetWindowTextW
LoadIconW
ShowWindow
SendMessageW
GetDC
gdi32
GetDeviceCaps
CreateFontIndirectW
DeleteObject
Exports
Exports
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 681B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
6b5c4f7d679059f68f1269aad3a5cecd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc
user32
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW
gdi32
SetTextColor
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 638B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsExec.dll.dll windows:4 windows x86 arch:x86
c1c7505e1e6e929ebb6b9100e55b050a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode
user32
wsprintfW
CharNextExA
SendMessageW
FindWindowExW
CharNextW
CharPrevW
kernel32
CreatePipe
DeleteFileW
lstrcmpiW
GetCommandLineW
ExitProcess
Sleep
TerminateProcess
GlobalReAlloc
MultiByteToWideChar
IsDBCSLeadByteEx
ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
CreateProcessW
GetStartupInfoW
CreateFileMappingW
GetVersion
GetCurrentProcess
lstrcpynW
lstrlenW
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
GlobalFree
CreateFileW
CopyFileW
GetTempFileNameW
GlobalAlloc
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
Exports
Exports
Exec
ExecToLog
ExecToStack
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DuiLib.dll.dll windows:6 windows x86 arch:x86
df2113bead6932f8fae08bf1e48767b0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\____02_CodeTest\xdrPopWindow1_process\duilib\DuiLib\Build\Release\DuiLib.pdb
Imports
kernel32
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStdHandle
HeapReAlloc
HeapAlloc
HeapFree
GetCurrentThread
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
GetProcessHeap
SetFilePointerEx
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EnumSystemLocalesW
SetConsoleCtrlHandler
GetStringTypeW
DecodePointer
TlsFree
SetStdHandle
HeapSize
FlushFileBuffers
GetFileSizeEx
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetLocalTime
MulDiv
GetFileSize
LoadLibraryW
GetModuleFileNameW
GetTickCount
SetCurrentDirectoryW
GetLastError
WideCharToMultiByte
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
SetFileTime
SetFilePointer
ReadFile
GetFileType
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
GetProcAddress
GetModuleHandleW
GetACP
MultiByteToWideChar
FindResourceW
DisableThreadLibraryCalls
SizeofResource
LockResource
LoadResource
FreeResource
ExitProcess
TlsSetValue
WriteConsoleW
user32
GetCaretBlinkTime
GetWindowTextLengthW
GetWindowTextW
GetCaretPos
CreateCaret
IntersectRect
SetWindowPos
IsIconic
IsZoomed
SetWindowRgn
GetClientRect
HideCaret
ShowCaret
SetCaretPos
GetSysColor
CharNextW
GetWindowRect
MessageBoxW
ScreenToClient
GetWindowLongW
SetWindowLongW
MonitorFromWindow
GetMonitorInfoW
wvsprintfW
SetCursor
InflateRect
UnionRect
OffsetRect
LoadCursorW
PostMessageW
DefWindowProcW
RegisterClassExW
CreateWindowExW
IsWindow
DestroyWindow
ShowWindow
MoveWindow
GetWindowRgn
GetParent
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostQuitMessage
CallWindowProcW
RegisterClassW
GetClassInfoExW
SetFocus
EnableWindow
GetSystemMetrics
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
GetWindow
LoadImageW
PtInRect
SetWindowTextW
GetGUIThreadInfo
ClientToScreen
InvalidateRgn
CreateAcceleratorTableW
SetRect
FillRect
DrawTextW
CharPrevW
MapWindowPoints
GetCursorPos
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
IsWindowVisible
IsRectEmpty
gdi32
ExtSelectClipRgn
SelectClipRgn
RoundRect
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
SaveDC
RestoreDC
Rectangle
GetStockObject
CreatePen
SetBkColor
CreateCompatibleBitmap
BitBlt
CreateDIBSection
SelectObject
PtInRegion
DeleteDC
CreateRectRgn
CreateCompatibleDC
DeleteObject
CreateRoundRectRgn
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
GetDeviceCaps
CreatePatternBrush
GetObjectA
SetBkMode
CreateFontIndirectW
LineTo
StretchBlt
ole32
CreateStreamOnHGlobal
OleLockRunning
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
gdiplus
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDrawImage
GdipGraphicsClear
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipFree
GdipAlloc
comctl32
ord17
_TrackMouseEvent
imm32
ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext
Exports
Exports
??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CButtonUI@DuiLib@@QAE@$$QAV01@@Z
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@$$QAV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@$$QAV01@@Z
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@$$QAV01@@Z
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDuiPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CDuiPoint@DuiLib@@QAE@J@Z
??0CDuiPoint@DuiLib@@QAE@JJ@Z
??0CDuiPoint@DuiLib@@QAE@PB_W@Z
??0CDuiPoint@DuiLib@@QAE@XZ
??0CDuiPtrArray@DuiLib@@QAE@ABV01@@Z
??0CDuiPtrArray@DuiLib@@QAE@H@Z
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@JJJJ@Z
??0CDuiRect@DuiLib@@QAE@PB_W@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CDuiSize@DuiLib@@QAE@JJ@Z
??0CDuiSize@DuiLib@@QAE@PB_W@Z
??0CDuiSize@DuiLib@@QAE@UtagRECT@@@Z
??0CDuiSize@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@_W@Z
??0CDuiStringPtrMap@DuiLib@@QAE@H@Z
??0CDuiValArray@DuiLib@@QAE@HH@Z
??0CEditUI@DuiLib@@QAE@$$QAV01@@Z
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CGifAnimUI@DuiLib@@QAE@ABV01@@Z
??0CGifAnimUI@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListContainerElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHBoxElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListHBoxElementUI@DuiLib@@QAE@ABV01@@Z
??0CListHBoxElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@$$QAV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@$$QAV01@@Z
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@$$QAV01@@Z
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkup@DuiLib@@QAE@PB_W@Z
??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@DuiLib@@AAE@XZ
??0CNotifyPump@DuiLib@@QAE@$$QAV01@@Z
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0CNotifyPump@DuiLib@@QAE@XZ
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@$$QAV01@@Z
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@$$QAV01@@Z
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CScrollTextUI@DuiLib@@QAE@ABV01@@Z
??0CScrollTextUI@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@$$QAV01@@Z
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CTabLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@$$QAV01@@Z
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0CWndShadow@@QAE@ABV0@@Z
??0CWndShadow@@QAE@XZ
??0IMessageFilterUI@DuiLib@@QAE@$$QAV01@@Z
??0IMessageFilterUI@DuiLib@@QAE@ABV01@@Z
??0IMessageFilterUI@DuiLib@@QAE@XZ
??0INotifyUI@DuiLib@@QAE@$$QAV01@@Z
??0INotifyUI@DuiLib@@QAE@ABV01@@Z
??0INotifyUI@DuiLib@@QAE@XZ
??0ITranslateAccelerator@DuiLib@@QAE@$$QAV01@@Z
??0ITranslateAccelerator@DuiLib@@QAE@ABV01@@Z
??0ITranslateAccelerator@DuiLib@@QAE@XZ
??0STRINGorID@DuiLib@@QAE@I@Z
??0STRINGorID@DuiLib@@QAE@PB_W@Z
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??0tagTDrawInfo@DuiLib@@QAE@$$QAU01@@Z
??0tagTDrawInfo@DuiLib@@QAE@ABU01@@Z
??0tagTDrawInfo@DuiLib@@QAE@PB_W@Z
??0tagTDrawInfo@DuiLib@@QAE@XZ
??0tagTFontInfo@DuiLib@@QAE@$$QAU01@@Z
??0tagTFontInfo@DuiLib@@QAE@ABU01@@Z
??0tagTFontInfo@DuiLib@@QAE@XZ
??0tagTImageInfo@DuiLib@@QAE@$$QAU01@@Z
??0tagTImageInfo@DuiLib@@QAE@ABU01@@Z
??0tagTImageInfo@DuiLib@@QAE@XZ
??0tagTResInfo@DuiLib@@QAE@$$QAU01@@Z
??0tagTResInfo@DuiLib@@QAE@ABU01@@Z
??0tagTResInfo@DuiLib@@QAE@XZ
??1CActiveXUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@MAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDuiPtrArray@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CDuiStringPtrMap@DuiLib@@QAE@XZ
??1CDuiValArray@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CGifAnimUI@DuiLib@@UAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHBoxElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMarkup@DuiLib@@QAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CScrollTextUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??1CWndShadow@@UAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??1tagTDrawInfo@DuiLib@@QAE@XZ
??1tagTFontInfo@DuiLib@@QAE@XZ
??1tagTImageInfo@DuiLib@@QAE@XZ
??1tagTResInfo@DuiLib@@QAE@XZ
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiPoint@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDuiPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CDuiString@DuiLib@@QAEABV01@_W@Z
??4CDuiStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CEditUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CGifAnimUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHBoxElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListHBoxElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4CWndShadow@@QAEAAV0@ABV0@@Z
??4IMessageFilterUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4IMessageFilterUI@DuiLib@@QAEAAV01@ABV01@@Z
??4INotifyUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4INotifyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4ITranslateAccelerator@DuiLib@@QAEAAV01@$$QAV01@@Z
??4ITranslateAccelerator@DuiLib@@QAEAAV01@ABV01@@Z
??4STRINGorID@DuiLib@@QAEAAV01@$$QAV01@@Z
??4STRINGorID@DuiLib@@QAEAAV01@ABV01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??4tagTDrawInfo@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTDrawInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTEventUI@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTEventUI@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTFontInfo@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTFontInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTImageInfo@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTImageInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTPercentInfo@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTPercentInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTResInfo@DuiLib@@QAEAAU01@$$QAU01@@Z
??4tagTResInfo@DuiLib@@QAEAAU01@ABU01@@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
??9CDuiString@DuiLib@@QBE_NPB_W@Z
??ACDuiPtrArray@DuiLib@@QBEPAXH@Z
??ACDuiString@DuiLib@@QBE_WH@Z
??ACDuiStringPtrMap@DuiLib@@QBEPB_WH@Z
??ACDuiValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??BCWndShadow@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z
??MCDuiString@DuiLib@@QBE_NPB_W@Z
??NCDuiString@DuiLib@@QBE_NPB_W@Z
??OCDuiString@DuiLib@@QBE_NPB_W@Z
??PCDuiString@DuiLib@@QBE_NPB_W@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCDuiString@DuiLib@@QAEABV01@_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CEditUI@DuiLib@@6B@
??_7CGifAnimUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CLabelUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHBoxElementUI@DuiLib@@6B@
??_7CListHBoxElementUI@DuiLib@@6BCControlUI@1@@
??_7CListHBoxElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7CNotifyPump@DuiLib@@6B@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CScrollTextUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_7CWndShadow@@6B@
??_7IMessageFilterUI@DuiLib@@6B@
??_7INotifyUI@DuiLib@@6B@
??_7ITranslateAccelerator@DuiLib@@6B@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_FCDuiPtrArray@DuiLib@@QAEXXZ
??_FCDuiStringPtrMap@DuiLib@@QAEXXZ
??_FCMarkup@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CDuiPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CDuiValArray@DuiLib@@QAE_NPBX@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@QAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@QAE_NPAVCTreeNodeUI@2@0@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z
?AddCustomAttribute@CControlUI@DuiLib@@QAEXPB_W0@Z
?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPB_W0_N@Z
?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@HPB_WH_N111@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_W0K_N1@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_WPAUHBITMAP__@@HH_N2@Z
?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddMouseLeaveNeeded@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddMultiLanguageString@CPaintManagerUI@DuiLib@@SAXHPB_W@Z
?AddNativeWindow@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@PAUHWND__@@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPB_WPAVCControlUI@2@@Z
?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddRef@CWebBrowserUI@DuiLib@@UAGKXZ
?AddTranslateAccelerator@CPaintManagerUI@DuiLib@@QAE_NPAVITranslateAccelerator@2@@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?AddWindowCustomAttribute@CPaintManagerUI@DuiLib@@QAEXPB_W0@Z
?AdjustColor@CRenderEngine@DuiLib@@SAKKFFF@Z
?AdjustImage@CRenderEngine@DuiLib@@SAX_NPAUtagTImageInfo@2@FFF@Z
?AdjustImagesHSL@CPaintManagerUI@DuiLib@@AAEXXZ
?AdjustSharedImagesHSL@CPaintManagerUI@DuiLib@@CAXXZ
?Append@CDuiString@DuiLib@@QAEXPB_W@Z
?AppendText@CRichEditUI@DuiLib@@QAEHPB_W_N@Z
?Assign@CDuiString@DuiLib@@QAEXPB_WH@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?BeforeNavigate2@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@1111AAPAF@Z
?CalLocation@CTreeNodeUI@DuiLib@@AAEPAV12@PAV12@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CharFromPos@CRichEditUI@DuiLib@@QBEHVCDuiPoint@2@@Z
?CheckBoxSelected@CTreeNodeUI@DuiLib@@QAEX_N@Z
?Clear@CRichEditUI@DuiLib@@QAEXXZ
?Clear@tagTDrawInfo@DuiLib@@QAEXXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?CommandStateChange@CWebBrowserUI@DuiLib@@IAEXJF@Z
?Compare@CDuiString@DuiLib@@QBEHPB_W@Z
?CompareNoCase@CDuiString@DuiLib@@QBEHPB_W@Z
?Copy@CRichEditUI@DuiLib@@QAEXXZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@PAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKUtagRECT@@PAUHMENU__@@@Z
?Create@CWndShadow@@QAEXPAUHWND__@@@Z
?CreateARGB32Bitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAUHDC__@@HHPAPAK@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NPB_W@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NU_GUID@@@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?CreateDuiWindow@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKK@Z
?Cut@CRichEditUI@DuiLib@@QAEXXZ
?DUI__Trace@DuiLib@@YAXPB_WZZ
?DUI__TraceMsg@DuiLib@@YAPB_WI@Z
?Deflate@CDuiRect@DuiLib@@QAEXHH@Z
?Delete@CControlUI@DuiLib@@UAEXXZ
?DeleteGif@CGifAnimUI@DuiLib@@AAEXXZ
?DoCreateControl@CActiveXUI@DuiLib@@MAE_NXZ
?DoCreateControl@CWebBrowserUI@DuiLib@@UAE_NXZ
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CComboUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CDateTimeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
Sections
.text Size: 613KB - Virtual size: 612KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WinDivert.dll.dll windows:4 windows x86 arch:x86
a8e7995c1f834b606568ac0eb04eba9c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
advapi32
CloseServiceHandle
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegSetValueExW
StartServiceW
kernel32
CloseHandle
CreateEventW
CreateFileW
CreateMutexW
DeviceIoControl
GetCurrentProcess
GetLastError
GetModuleFileNameW
GetOverlappedResult
HeapAlloc
HeapCreate
HeapDestroy
IsWow64Process
ReleaseMutex
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
Exports
Exports
WinDivertClose
WinDivertGetParam
WinDivertHelperCalcChecksums
WinDivertHelperCompileFilter
WinDivertHelperDecrementTTL
WinDivertHelperEvalFilter
WinDivertHelperFormatFilter
WinDivertHelperFormatIPv4Address
WinDivertHelperFormatIPv6Address
WinDivertHelperHashPacket
WinDivertHelperHtonIPv6Address
WinDivertHelperHtonIpv6Address
WinDivertHelperHtonl
WinDivertHelperHtonll
WinDivertHelperHtons
WinDivertHelperNtohIPv6Address
WinDivertHelperNtohIpv6Address
WinDivertHelperNtohl
WinDivertHelperNtohll
WinDivertHelperNtohs
WinDivertHelperParseIPv4Address
WinDivertHelperParseIPv6Address
WinDivertHelperParsePacket
WinDivertOpen
WinDivertRecv
WinDivertRecvEx
WinDivertSend
WinDivertSendEx
WinDivertSetParam
WinDivertShutdown
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 8B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 964B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WinDivert32.sys.sys windows:10 windows x86 arch:x86
7e59afc2d9906fae8fc85f4522426cb3
Code Sign
01Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before01/01/2004, 00:00Not After31/12/2028, 23:59SubjectCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before11/05/2022, 00:00Not After10/08/2033, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:50:19:91:b1:8f:32:38:04:52:51:37:dc:25:00:5aCertificate
IssuerCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBNot Before25/05/2022, 00:00Not After25/05/2023, 23:59SubjectSERIALNUMBER=91510107MA7E8Y2876,CN=成都密思听科技有限公司,O=成都密思听科技有限公司,ST=四川省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
33:00:00:00:57:ee:4d:65:9a:92:3e:7c:10:00:00:00:00:00:57Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/06/2022, 18:08Not After01/06/2023, 18:08SubjectCN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0dCertificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/10/2014, 20:31Not After15/10/2029, 20:41SubjectCN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
d3:5b:c5:1a:ca:fa:b8:93:69:8e:60:64:d2:86:54:19:18:a7:89:ac:7c:06:a6:44:2b:f4:35:1d:de:84:27:77Signer
Actual PE Digestd3:5b:c5:1a:ca:fa:b8:93:69:8e:60:64:d2:86:54:19:18:a7:89:ac:7c:06:a6:44:2b:f4:35:1d:de:84:27:77Digest Algorithmsha256PE Digest Matchestrued3:5b:c5:1a:ca:fa:b8:93:69:8e:60:64:d2:86:54:19:18:a7:89:ac:7c:06:a6:44:2b:f4:35:1d:de:84:27:77Signer
Actual PE Digestd3:5b:c5:1a:ca:fa:b8:93:69:8e:60:64:d2:86:54:19:18:a7:89:ac:7c:06:a6:44:2b:f4:35:1d:de:84:27:77Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\WinDivert-2.2.2\install\MSVC\i386\WinDivert32.pdb
Imports
ntoskrnl.exe
MmMapLockedPagesSpecifyCache
IoAllocateErrorLogEntry
IoAllocateMdl
IoFreeMdl
IoGetCurrentProcess
IoWriteErrorLogEntry
ObfReferenceObject
ObfDereferenceObject
RtlCopyUnicodeString
ExUuidCreate
PsGetProcessId
IoGetRequestorProcess
_alldiv
KeBugCheckEx
memset
memcpy
_allmul
MmBuildMdlForNonPagedPool
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlGetVersion
RtlIntegerToUnicodeString
hal
KeReleaseInStackQueuedSpinLock
KeQueryPerformanceCounter
KeAcquireInStackQueuedSpinLock
ndis.sys
NdisAllocateNetBufferPool
NdisFreeNetBufferPool
NdisAdvanceNetBufferDataStart
NdisRetreatNetBufferDataStart
NdisFreeNetBufferListPool
NdisAllocateNetBufferListPool
NdisGetDataBuffer
fwpkclnt.sys
FwpsAllocateNetBufferAndNetBufferList0
FwpmFilterDeleteByKey0
FwpmFilterAdd0
FwpmCalloutDeleteByKey0
FwpmCalloutAdd0
FwpmSubLayerDeleteByKey0
FwpmSubLayerAdd0
FwpmProviderDeleteByKey0
FwpmProviderAdd0
FwpmTransactionAbort0
FwpmTransactionCommit0
FwpmTransactionBegin0
FwpmEngineClose0
FwpmEngineOpen0
FwpsQueryPacketInjectionState0
FwpsInjectNetworkReceiveAsync0
FwpsInjectForwardAsync0
FwpsInjectNetworkSendAsync0
FwpsCalloutRegister0
FwpsCalloutUnregisterByKey0
FwpsFlowAssociateContext0
FwpsFlowRemoveContext0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsFreeNetBufferList0
wdfldr.sys
WdfVersionBind
WdfVersionBindClass
WdfVersionUnbindClass
WdfVersionUnbind
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WinDivert64.sys.sys windows:10 windows x64 arch:x64
db584dd0570594898805dd67d7ff391c
Code Sign
01Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before01/01/2004, 00:00Not After31/12/2028, 23:59SubjectCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before11/05/2022, 00:00Not After10/08/2033, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:50:19:91:b1:8f:32:38:04:52:51:37:dc:25:00:5aCertificate
IssuerCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBNot Before25/05/2022, 00:00Not After25/05/2023, 23:59SubjectSERIALNUMBER=91510107MA7E8Y2876,CN=成都密思听科技有限公司,O=成都密思听科技有限公司,ST=四川省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
33:00:00:00:57:ee:4d:65:9a:92:3e:7c:10:00:00:00:00:00:57Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/06/2022, 18:08Not After01/06/2023, 18:08SubjectCN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0dCertificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/10/2014, 20:31Not After15/10/2029, 20:41SubjectCN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5a:de:d7:5d:6b:eb:31:58:49:f6:98:a7:8f:80:33:de:26:eb:15:19:55:a1:cb:c0:1e:30:37:32:0e:2a:0e:b6Signer
Actual PE Digest5a:de:d7:5d:6b:eb:31:58:49:f6:98:a7:8f:80:33:de:26:eb:15:19:55:a1:cb:c0:1e:30:37:32:0e:2a:0e:b6Digest Algorithmsha256PE Digest Matchestrue5a:de:d7:5d:6b:eb:31:58:49:f6:98:a7:8f:80:33:de:26:eb:15:19:55:a1:cb:c0:1e:30:37:32:0e:2a:0e:b6Signer
Actual PE Digest5a:de:d7:5d:6b:eb:31:58:49:f6:98:a7:8f:80:33:de:26:eb:15:19:55:a1:cb:c0:1e:30:37:32:0e:2a:0e:b6Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\WinDivert-2.2.2\install\MSVC\amd64\WinDivert64.pdb
Imports
ntoskrnl.exe
RtlCopyUnicodeString
KeBugCheckEx
IoGetRequestorProcess
PsGetProcessId
ExUuidCreate
ObfDereferenceObject
ObfReferenceObject
IoWriteErrorLogEntry
IoGetCurrentProcess
IoFreeMdl
IoAllocateMdl
IoAllocateErrorLogEntry
MmMapLockedPagesSpecifyCache
MmBuildMdlForNonPagedPool
ExFreePoolWithTag
ExAllocatePoolWithTag
KeReleaseInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLock
RtlGetVersion
RtlIntegerToUnicodeString
hal
KeQueryPerformanceCounter
ndis.sys
NdisAllocateNetBufferPool
NdisFreeNetBufferPool
NdisAllocateNetBufferListPool
NdisGetDataBuffer
NdisAdvanceNetBufferDataStart
NdisRetreatNetBufferDataStart
NdisFreeNetBufferListPool
fwpkclnt.sys
FwpmTransactionAbort0
FwpmTransactionBegin0
FwpmEngineClose0
FwpmEngineOpen0
FwpsQueryPacketInjectionState0
FwpmProviderAdd0
FwpmProviderDeleteByKey0
FwpsInjectNetworkReceiveAsync0
FwpmSubLayerAdd0
FwpmSubLayerDeleteByKey0
FwpmCalloutAdd0
FwpmCalloutDeleteByKey0
FwpmFilterAdd0
FwpmFilterDeleteByKey0
FwpmTransactionCommit0
FwpsCalloutRegister0
FwpsCalloutUnregisterByKey0
FwpsFlowAssociateContext0
FwpsFlowRemoveContext0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsAllocateNetBufferAndNetBufferList0
FwpsFreeNetBufferList0
FwpsInjectNetworkSendAsync0
FwpsInjectForwardAsync0
wdfldr.sys
WdfVersionBindClass
WdfVersionUnbindClass
WdfVersionBind
WdfVersionUnbind
Sections
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WinDivert640.sys.sys windows:10 windows x64 arch:x64
db584dd0570594898805dd67d7ff391c
Code Sign
43:bb:43:7d:60:98:66:28:6d:d8:39:e1:d0:03:09:f5Certificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before02/09/2011, 00:00Not After01/09/2014, 23:59SubjectCN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
61:19:93:e4:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before22/02/2011, 19:25Not After22/02/2021, 19:35SubjectCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
f6:06:2c:27:16:88:15:44:6f:20:ca:39:8c:24:32:5e:b7:2d:87:d6Signer
Actual PE Digestf6:06:2c:27:16:88:15:44:6f:20:ca:39:8c:24:32:5e:b7:2d:87:d6Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\WinDivert-2.2.2\install\MSVC\amd64\WinDivert64.pdb
Imports
ntoskrnl.exe
RtlCopyUnicodeString
KeBugCheckEx
IoGetRequestorProcess
PsGetProcessId
ExUuidCreate
ObfDereferenceObject
ObfReferenceObject
IoWriteErrorLogEntry
IoGetCurrentProcess
IoFreeMdl
IoAllocateMdl
IoAllocateErrorLogEntry
MmMapLockedPagesSpecifyCache
MmBuildMdlForNonPagedPool
ExFreePoolWithTag
ExAllocatePoolWithTag
KeReleaseInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLock
RtlGetVersion
RtlIntegerToUnicodeString
hal
KeQueryPerformanceCounter
ndis.sys
NdisAllocateNetBufferPool
NdisFreeNetBufferPool
NdisAllocateNetBufferListPool
NdisGetDataBuffer
NdisAdvanceNetBufferDataStart
NdisRetreatNetBufferDataStart
NdisFreeNetBufferListPool
fwpkclnt.sys
FwpmTransactionAbort0
FwpmTransactionBegin0
FwpmEngineClose0
FwpmEngineOpen0
FwpsQueryPacketInjectionState0
FwpmProviderAdd0
FwpmProviderDeleteByKey0
FwpsInjectNetworkReceiveAsync0
FwpmSubLayerAdd0
FwpmSubLayerDeleteByKey0
FwpmCalloutAdd0
FwpmCalloutDeleteByKey0
FwpmFilterAdd0
FwpmFilterDeleteByKey0
FwpmTransactionCommit0
FwpsCalloutRegister0
FwpsCalloutUnregisterByKey0
FwpsFlowAssociateContext0
FwpsFlowRemoveContext0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsAllocateNetBufferAndNetBufferList0
FwpsFreeNetBufferList0
FwpsInjectNetworkSendAsync0
FwpsInjectForwardAsync0
wdfldr.sys
WdfVersionBindClass
WdfVersionUnbindClass
WdfVersionBind
WdfVersionUnbind
Sections
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
plug.dll.dll windows:6 windows x86 arch:x86
2cadd170ca796de6a4f3089fb9205696
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
ws2_32
inet_ntoa
getpeername
connect
WSACleanup
WSASend
WSARecv
WSAGetLastError
WSAStartup
getsockopt
WSAIoctl
send
recv
listen
htonl
ioctlsocket
shutdown
accept
freeaddrinfo
getaddrinfo
socket
setsockopt
getsockname
closesocket
bind
kernel32
IsValidCodePage
SetEndOfFile
HeapReAlloc
GetTimeZoneInformation
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetModuleFileNameW
ExitProcess
GetCommandLineA
CloseHandle
WaitForSingleObject
OpenEventA
Sleep
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
DisableThreadLibraryCalls
GetModuleFileNameA
AllocConsole
SetConsoleOutputCP
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
VirtualQuery
LoadLibraryA
GetVersionExA
ReadProcessMemory
FreeLibraryAndExitThread
VirtualProtect
FreeLibrary
GetDriveTypeW
CreateFileA
GetDriveTypeA
GetLastError
DeviceIoControl
lstrlenA
GetLogicalDriveStringsA
SetEvent
ResetEvent
CreateEventA
MultiByteToWideChar
WideCharToMultiByte
GetACP
LocalFree
GetCurrentThread
GetCurrentThreadId
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
VirtualProtectEx
VirtualQueryEx
SetLastError
GetModuleHandleW
LoadLibraryExW
GetDynamicTimeZoneInformation
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
GetSystemInfo
GetTickCount64
CreateIoCompletionPort
GetQueuedCompletionStatus
DisconnectNamedPipe
SetHandleInformation
CancelIoEx
ReadFile
GetNamedPipeClientProcessId
GetNamedPipeServerProcessId
ConnectNamedPipe
CreateNamedPipeA
FindClose
GetTempPathA
GetTempFileNameA
GetFileType
SetStdHandle
GetModuleHandleExW
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetOEMCP
HeapSize
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
LocalAlloc
InterlockedFlushSList
RtlUnwind
RaiseException
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
GetExitCodeThread
TryAcquireSRWLockExclusive
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoEx
CreateFileW
FindFirstFileExW
FindNextFileW
AreFileApisANSI
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
shell32
SHCreateShellItemArrayFromIDLists
SHGetIDListFromObject
ole32
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
advapi32
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
SetEntriesInAclA
FreeSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
dbghelp
ImageNtHeader
setupapi
CM_Get_Parent
CM_Get_Device_IDA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
user32
CharUpperBuffW
Sections
.text Size: - Virtual size: 654KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zca Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.m.r Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.4qi Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
plug64.dll.dll windows:6 windows x64 arch:x64
a9e0385741d1313ab64115607948c21f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
ws2_32
inet_ntoa
getpeername
connect
WSACleanup
WSASend
WSARecv
WSAGetLastError
WSAStartup
getsockopt
WSAIoctl
send
recv
listen
htonl
ioctlsocket
shutdown
accept
freeaddrinfo
getaddrinfo
socket
setsockopt
getsockname
closesocket
bind
kernel32
IsValidCodePage
SetEndOfFile
HeapReAlloc
GetTimeZoneInformation
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetModuleFileNameW
ExitProcess
GetCommandLineA
CloseHandle
WaitForSingleObject
OpenEventA
Sleep
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
DisableThreadLibraryCalls
GetModuleFileNameA
AllocConsole
SetConsoleOutputCP
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
VirtualQuery
LoadLibraryA
GetVersionExA
ReadProcessMemory
FreeLibraryAndExitThread
VirtualProtect
FreeLibrary
GetDriveTypeW
CreateFileA
GetDriveTypeA
GetLastError
DeviceIoControl
lstrlenA
GetLogicalDriveStringsA
SetEvent
ResetEvent
CreateEventA
MultiByteToWideChar
WideCharToMultiByte
GetACP
LocalFree
GetCurrentThread
GetCurrentThreadId
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
VirtualProtectEx
VirtualQueryEx
SetLastError
GetModuleHandleW
LoadLibraryExW
GetDynamicTimeZoneInformation
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
GetSystemInfo
GetTickCount64
CreateIoCompletionPort
GetQueuedCompletionStatus
DisconnectNamedPipe
SetHandleInformation
CancelIoEx
ReadFile
GetNamedPipeClientProcessId
GetNamedPipeServerProcessId
ConnectNamedPipe
CreateNamedPipeA
FindClose
GetTempPathA
GetTempFileNameA
GetFileType
SetStdHandle
GetModuleHandleExW
ExitThread
CreateThread
RtlUnwind
TlsFree
TlsSetValue
TlsGetValue
GetOEMCP
GetCommandLineW
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
LocalAlloc
TlsAlloc
InterlockedFlushSList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
WaitForSingleObjectEx
GetExitCodeThread
TryAcquireSRWLockExclusive
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoEx
CreateFileW
FindFirstFileExW
FindNextFileW
AreFileApisANSI
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
shell32
SHCreateShellItemArrayFromIDLists
SHGetIDListFromObject
ole32
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
advapi32
IsValidSecurityDescriptor
SetEntriesInAclA
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
dbghelp
ImageNtHeader
setupapi
CM_Get_Parent
CM_Get_Device_IDA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
Sections
.text Size: - Virtual size: 804KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vQS Size: - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.fm{ Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ua4 Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
resource.zip.zip
-
start.exe.exe windows:6 windows x86 arch:x86
7537b0aa4eda76f7a86d77c6d2ba69d8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenProcess
DeleteFileW
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SetEvent
TerminateProcess
OpenEventA
GetCurrentProcessId
GetCurrentThreadId
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableW
Sleep
GetProcessHeap
FlushFileBuffers
HeapSize
ResetEvent
EncodePointer
GetLocaleInfoEx
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
DecodePointer
GetSystemTimeAsFileTime
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
SetStdHandle
GetFileType
GetModuleFileNameW
HeapFree
SetFilePointerEx
GetConsoleOutputCP
HeapAlloc
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
uninst.exe.exe windows:4 windows x86 arch:x86
56a78d55f3f7af51443e58e0ce2fb5f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 156KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/Dialogs.dll.dll windows:4 windows x86 arch:x86
cc08aff34c5841b24932a6e8869bdafe
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetProcessHeap
MulDiv
GlobalFree
lstrcpyW
WideCharToMultiByte
MultiByteToWideChar
FlushFileBuffers
CloseHandle
CreateFileA
HeapAlloc
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapFree
GetLogicalDriveStringsW
lstrlenW
RtlUnwind
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
GetOEMCP
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
user32
EnableWindow
SetDlgItemTextW
DestroyWindow
SendMessageW
SendDlgItemMessageW
GetDlgItem
GetDC
ReleaseDC
MessageBoxW
CreateDialogParamW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
IsWindow
GetWindowLongW
SetWindowLongW
InvalidateRect
GetDlgItemTextW
PostQuitMessage
SetWindowTextW
gdi32
GetObjectW
GetDeviceCaps
GetStockObject
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
ole32
CoTaskMemFree
comdlg32
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
Exports
Exports
About
ColorDlg
DrivesDlg
FolderDlg
FontDlg
InputBox
Open
Save
Ver
Sections
.text Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/md5dll.dll.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
GetFileMD5
GetMD5
GetMD5File
GetMD5Random
GetMD5String
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 162B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsExec.dll.dll windows:4 windows x86 arch:x86
c1c7505e1e6e929ebb6b9100e55b050a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode
user32
wsprintfW
CharNextExA
SendMessageW
FindWindowExW
CharNextW
CharPrevW
kernel32
CreatePipe
DeleteFileW
lstrcmpiW
GetCommandLineW
ExitProcess
Sleep
TerminateProcess
GlobalReAlloc
MultiByteToWideChar
IsDBCSLeadByteEx
ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
CreateProcessW
GetStartupInfoW
CreateFileMappingW
GetVersion
GetCurrentProcess
lstrcpynW
lstrlenW
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
GlobalFree
CreateFileW
CopyFileW
GetTempFileNameW
GlobalAlloc
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
Exports
Exports
Exec
ExecToLog
ExecToStack
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
web.lc
-
xdr.conf
-
xdr.exe.exe windows:6 windows x86 arch:x86
684fcc641bbe2db2c3e3e0b2dc6cc13f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
socket
WSAStartup
getsockname
getaddrinfo
WSACleanup
WSAGetLastError
htons
gethostbyname
connect
WSARecv
freeaddrinfo
WSASend
inet_pton
inet_ntop
ntohl
closesocket
WSASetLastError
WSAStringToAddressW
htonl
WSAAddressToStringW
send
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
shutdown
gethostname
ioctlsocket
select
__WSAFDIsSet
sendto
recvfrom
listen
accept
WSAIoctl
setsockopt
ntohs
getsockopt
getpeername
bind
recv
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
iphlpapi
SendARP
windivert
WinDivertClose
WinDivertOpen
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
CreateEventW
InitializeCriticalSectionAndSpinCount
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
CloseHandle
WaitForSingleObject
GetCurrentProcess
TerminateProcess
SetConsoleOutputCP
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Sleep
GetCurrentProcessId
GetCommandLineA
GetLastError
CreateRemoteThread
GetExitCodeThread
GetProcessId
GetNativeSystemInfo
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryW
Module32FirstW
Module32NextW
CreateThread
GetVersionExA
FreeLibrary
LoadLibraryA
lstrcmpiA
GetComputerNameA
InitializeCriticalSectionEx
HeapAlloc
HeapFree
GetProcessHeap
GetProcessTimes
GetSystemInfo
GetSystemTimeAsFileTime
QueryFullProcessImageNameW
K32GetProcessMemoryInfo
CreateMutexA
CreateProcessA
QueryFullProcessImageNameA
WTSGetActiveConsoleSessionId
VerSetConditionMask
GetCommandLineW
GetTickCount
GetModuleFileNameW
LocalAlloc
LocalFree
VerifyVersionInfoW
K32EnumProcesses
K32GetModuleBaseNameW
K32GetProcessImageFileNameW
CreateFileA
GetModuleFileNameA
GetDriveTypeA
DeviceIoControl
lstrlenA
GetLogicalDriveStringsA
QueryDosDeviceA
DeleteFileW
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
SetEvent
ResetEvent
CreateEventA
OpenEventA
GetSystemTime
FormatMessageA
FormatMessageW
ReleaseSemaphore
WaitForSingleObjectEx
WaitForMultipleObjectsEx
CreateSemaphoreA
LCMapStringA
GetUserDefaultLCID
GetStringTypeExA
VirtualAlloc
VirtualProtect
QueryPerformanceCounter
QueryPerformanceFrequency
IsProcessorFeaturePresent
IsDebuggerPresent
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateWaitableTimerA
IsValidCodePage
IsDBCSLeadByteEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
CreateDirectoryA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
LockFile
ReadFile
RemoveDirectoryA
SetFilePointerEx
UnlockFile
WriteFile
GetTempPathA
GetLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
MoveFileA
ReplaceFileA
SleepEx
GetSystemDirectoryA
GetEnvironmentVariableA
SetLastError
MoveFileExA
GetStdHandle
GetFileType
PeekNamedPipe
WaitForMultipleObjects
VerifyVersionInfoA
ReleaseMutex
FindFirstFileW
FindNextFileW
lstrlenW
GetDynamicTimeZoneInformation
GetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
InitializeSRWLock
SleepConditionVariableSRW
GetCurrentThread
GetTickCount64
CreateIoCompletionPort
GetQueuedCompletionStatus
DisconnectNamedPipe
SetHandleInformation
CancelIoEx
GetNamedPipeClientProcessId
GetNamedPipeServerProcessId
ConnectNamedPipe
CreateNamedPipeA
GetTempFileNameA
GetCurrentDirectoryW
InitOnceComplete
InitOnceBeginInitialize
GetStringTypeW
GetFileInformationByHandleEx
CreateDirectoryW
CreateFileW
FindFirstFileExW
GetFileAttributesW
MoveFileExW
GetStartupInfoW
GetCurrentThreadId
RaiseException
RtlUnwind
InterlockedPushEntrySList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
SetConsoleCtrlHandler
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetStdHandle
ReadConsoleW
GetConsoleOutputCP
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetTimeZoneInformation
HeapReAlloc
SetEndOfFile
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapSize
TryAcquireSRWLockExclusive
GetLocaleInfoEx
SetWaitableTimer
WriteConsoleA
CopyFileW
AreFileApisANSI
GetTempPathW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
LoadStringA
CreateWindowExW
wsprintfW
TranslateMessage
DispatchMessageA
GetMessageA
RegisterDeviceNotificationA
PostThreadMessageA
DefWindowProcA
RegisterClassW
CharUpperBuffW
shell32
ShellExecuteExW
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
VariantClear
VariantChangeType
VariantInit
advapi32
IsValidSecurityDescriptor
CryptGenRandom
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
SetEntriesInAclA
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegCreateKeyExA
CreateProcessAsUserW
UnlockServiceDatabase
StartServiceW
QueryServiceStatusEx
QueryServiceLockStatusA
OpenServiceW
OpenSCManagerA
LockServiceDatabase
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2A
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
LookupAccountSidA
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
wtsapi32
WTSEnumerateSessionsA
WTSQueryUserToken
setupapi
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
CM_Get_Parent
CM_Get_Device_IDA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
Sections
.text Size: - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 630KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
._5z Size: - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.%D0 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.,wi Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 748B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
xdrPop.exe.exe windows:6 windows x86 arch:x86
0c7eed26b0c530d5edeb7f96ca8bf077
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\____02_CodeTest\xdrPopWindow1_process\xdrPop\Release\xdrPop.pdb
Imports
duilib
?MessageLoop@CPaintManagerUI@DuiLib@@SAHXZ
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
??BCDuiString@DuiLib@@QBEPB_WXZ
??1CDuiString@DuiLib@@QAE@XZ
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?Init@CPaintManagerUI@DuiLib@@QAEXPAUHWND__@@PB_W@Z
??1CPaintManagerUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@XZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0STRINGorID@DuiLib@@QAE@I@Z
?GetTextStyle@CLabelUI@DuiLib@@QBEIXZ
?SetTextStyle@CLabelUI@DuiLib@@QAEXI@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?GetResourceID@WindowImplBase@DuiLib@@UBEPB_WXZ
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?GetResourceType@WindowImplBase@DuiLib@@UBE?AW4UILIB_RESOURCETYPE@2@XZ
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??8CDuiString@DuiLib@@QBE_NPB_W@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
??1CDialogBuilder@DuiLib@@QAE@XZ
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
??1WindowImplBase@DuiLib@@UAE@XZ
??0WindowImplBase@DuiLib@@QAE@XZ
kernel32
MultiByteToWideChar
GetModuleHandleW
CreateFileW
DecodePointer
CloseHandle
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleOutputCP
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
RaiseException
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetFileType
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
GetStringTypeW
FlushFileBuffers
WriteConsoleW
user32
KillTimer
SetWindowPos
GetDesktopWindow
SystemParametersInfoW
IsIconic
PostQuitMessage
SetTimer
Sections
.text Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ