XMouseButtonControlSetup[.]2[.]19[.]2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

XMouseButtonControlSetup.2.19.2.exe
Size

2.6MB
MD5

1303890f3577db2f931323d10aad43d0
SHA1

782cd048deaad6b13da71fd2f4e3596e145bb188
SHA256

bc99080acc10eeb1c8379719c86c652221f3f6d1bff104a2ca32d6326154c636
SHA512

92db9b2d83c02337ff793c2ae2258bbd7c7a8c34e0f7149fd13c48310ac1637ffbe01dfc0d3b26c8b04877456bd6b168af94d4dbe5161dcc61e2a5580b559157
SSDEEP

49152:8W14xRLQGdJFJlAJLHo1Ztg0QRqUUyZOPb4R1onpLC70jQnh8zpZMzIJ/nJ1NM:8WsdJPlAdH8ZOsUUXT4oRh8hUpkIJ/n+

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/ExecCmd.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/ShellExecAsUser.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/BugTrapU-x64.dll
unpack002/$PLUGINSDIR/ExecCmd.dll
unpack002/$PLUGINSDIR/System.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninstaller.exe	nsis_installer_1
static1/unpack001/uninstaller.exe	nsis_installer_2

Files

XMouseButtonControlSetup.2.19.2.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08/03/2016, 13:10

Not After

30/05/2027, 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:30

Not After

09/06/2027, 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

16/03/2020, 09:02

Not After

16/03/2021, 09:02

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c125068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d0:d5:46:00:f9:09:a9:7f:0c:09:81:99:f7:c8:90:23:99:45:93:8f
Signer

Actual PE Digest

d0:d5:46:00:f9:09:a9:7f:0c:09:81:99:f7:c8:90:23:99:45:93:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
MultiByteToWideChar
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
LoadCursorA
GetClientRect
SetWindowRgn
LoadIconA
GetWindowLongA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
SetCursor
PtInRect
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
EnableMenuItem
DrawTextA
GetSystemMenu
OpenClipboard
LoadImageA

gdi32

SetTextColor
DeleteObject
CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ShellExecAsUser.dll
.dll windows:4 windows x86 arch:x86

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
CloseHandle
WaitForSingleObject
OutputDebugStringA
MultiByteToWideChar
lstrlenA
GetModuleHandleA
lstrcmpA
SetEvent
GlobalFree
lstrcpyA
GetProcAddress
CreateEventA
GetVersionExA

user32

CreateWindowExA
PostMessageA
GetMessageA
SetWindowLongA
RegisterClassExA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
GetWindowLongA
PostQuitMessage
wsprintfA

advapi32

GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysAllocStringLen
SysFreeString

shlwapi

ord176

msvcrt

malloc
_initterm
free
_beginthreadex
??2@YAPAXI@Z
??3@YAXPAX@Z
memset
_adjust_fdiv

Exports

Exports

ShellExecAsUser

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

f03b2bab186574d8892d3d73fa9fd3fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
lstrcpyA
GetCurrentDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
GetProcessHeap

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
MapWindowPoints
GetWindowLongA
DrawTextA
GetClientRect
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
RemovePropA
DrawFocusRect
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

8abe046ef411de4d3e6e831b6b1ee264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GetExitCodeProcess
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetProcAddress
GetModuleHandleA
lstrcmpiA
lstrlenA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
DeleteFileA
GlobalLock
lstrcatA

user32

SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BugTrapU-x64.dll
.dll windows:6 windows x64 arch:x64

bce0ab64d2b0769ad1d26a0d18fc1cdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\bugtrap\bin\BugTrapU-x64.pdb

Imports

ws2_32

gethostbyname
inet_ntoa
WSASocketW
WSASend
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSAGetLastError
shutdown
setsockopt
inet_addr
htons
connect
closesocket
WSACleanup
WSAStartup
gethostname

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy

shlwapi

PathRemoveBackslashW
PathRemoveExtensionW
PathSkipRootW
PathFindNextComponentW
PathIsURLW
PathAddExtensionW
PathIsRootW
PathRemoveFileSpecW
UrlIsW
PathCreateFromUrlW
PathAppendW
StrTrimW
StrTrimA
PathIsRelativeW
PathCombineW
PathFindFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

HttpEndRequestW
HttpSendRequestExW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetAttemptConnect
InternetWriteFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetGetLastResponseInfoW

kernel32

GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapSize
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
CopyFileW
FindClose
FindFirstFileW
FindNextFileW
RaiseException
SetEvent
WaitForSingleObject
MultiByteToWideChar
GetFileSize
ReadFile
SetFilePointer
GetStringTypeA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryW
GetProfileIntW
WideCharToMultiByte
GetLastError
GetCurrentProcessId
OpenProcess
GetVersionExW
GetModuleHandleW
DeleteCriticalSection
GetStdHandle
IsProcessorFeaturePresent
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteConsoleW
SetEndOfFile
GetLocalTime
VirtualProtect
VirtualQuery
GetModuleHandleA
RtlCaptureContext
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineW
GetCurrentDirectoryW
DeleteFileW
GetFileAttributesW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
GlobalMemoryStatusEx
GetSystemInfo
ReadProcessMemory
LocalAlloc
LocalFree
FormatMessageW
GetComputerNameW
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
SetUnhandledExceptionFilter
CreateEventW
TerminateProcess
CreateProcessW
DisableThreadLibraryCalls
GetUserDefaultLangID
GetTempPathW
ResetEvent
GetExitCodeThread
LocalReAlloc
WaitForMultipleObjects
CreateDirectoryW
RemoveDirectoryW
GetTickCount
GetStringTypeW
GetWindowsDirectoryW
IsDBCSLeadByte
IsDebuggerPresent
HeapAlloc
EncodePointer
DecodePointer
HeapFree
CreateThread
ExitThread
LoadLibraryExW
RtlUnwindEx
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetProcessHeap
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
LCMapStringW
HeapReAlloc
SetStdHandle
OutputDebugStringW
FlushFileBuffers

user32

GetCapture
SetCapture
ReleaseCapture
DrawFocusRect
PtInRect
GetDialogBaseUnits
SetScrollPos
IsWindowVisible
IsZoomed
DrawEdge
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MapWindowPoints
TabbedTextOutW
GetTabbedTextExtentW
EnumDisplayDevicesW
SendMessageTimeoutW
GetActiveWindow
GetSystemMenu
AppendMenuW
GetForegroundWindow
GetWindowThreadProcessId
DrawTextW
GetWindow
GetClassLongPtrW
LoadCursorW
DestroyIcon
DrawIconEx
CopyIcon
GetMessageW
GetFocus
ScreenToClient
GetWindowRect
CreateDialogParamW
SetWindowPos
MessageBoxW
SetForegroundWindow
LoadImageW
SetWindowLongW
GetWindowLongW
CheckRadioButton
ShowWindow
UpdateWindow
IsWindowEnabled
EnableWindow
DialogBoxParamW
DestroyWindow
CreateWindowExW
GetClientRect
InvalidateRect
GetSystemMetrics
LoadStringW
GetSysColor
SetWindowTextW
GetDlgCtrlID
GetWindowTextLengthW
SendMessageW
GetParent
GetWindowTextW
SetFocus
SetDlgItemTextW
GetDlgItem
EndDialog
IsChild
GetMessagePos
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
GetScrollPos
ScrollWindowEx
ReleaseDC
GetDC
GetKeyState
GetWindowLongPtrW
IsRectEmpty
FillRect
GetSysColorBrush
RedrawWindow
EndPaint
BeginPaint
KillTimer
SetTimer
DefWindowProcW
SetWindowLongPtrW
PostQuitMessage
PostMessageW
LoadIconW
DispatchMessageW
SetCursor

gdi32

CreateDCW
GetDeviceCaps
GetTextExtentPoint32W
TextOutW
MoveToEx
GetObjectW
GetDIBits
CreateFontIndirectW
PatBlt
StretchBlt
GetTextMetricsW
SetTextColor
LineTo
SetViewportOrgEx
SelectObject
GetClipBox
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SetBkColor

comdlg32

GetSaveFileNameW

advapi32

RegEnumValueW
RegEnumKeyExW
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW

shell32

ExtractIconExW
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW

ole32

StringFromGUID2

oleaut32

GetErrorInfo
SysFreeString

Exports

Exports

BT_AddLogFile
BT_AddRegFile
BT_AppLogEntry
BT_AppLogEntryF
BT_AppLogEntryV
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_ClearLog
BT_ClearLogFiles
BT_CloseLogFile
BT_CppFilter
BT_DeleteLogFile
BT_ExportRegistryKey
BT_FlushLogFile
BT_GetActivityType
BT_GetAppName
BT_GetAppVersion
BT_GetCustomActivityHandler
BT_GetDialogMessage
BT_GetDumpType
BT_GetExitMode
BT_GetFlags
BT_GetLogEchoMode
BT_GetLogFileEntry
BT_GetLogFileName
BT_GetLogFilesCount
BT_GetLogFlags
BT_GetLogLevel
BT_GetLogSizeInBytes
BT_GetLogSizeInEntries
BT_GetMailProfile
BT_GetModule
BT_GetNotificationEMail
BT_GetPostErrHandler
BT_GetPreErrHandler
BT_GetReportFilePath
BT_GetReportFormat
BT_GetSupportEMail
BT_GetSupportHost
BT_GetSupportPort
BT_GetSupportURL
BT_GetUserMessage
BT_InsLogEntry
BT_InsLogEntryF
BT_InsLogEntryV
BT_InstallSehFilter
BT_InterceptSUEF
BT_MailSnapshot
BT_MailSnapshotEx
BT_NetFilter
BT_OpenLogFile
BT_ReadVersionInfo
BT_SaveSnapshot
BT_SaveSnapshotEx
BT_SehFilter
BT_SendSnapshot
BT_SendSnapshotEx
BT_SetActivityType
BT_SetAppName
BT_SetAppVersion
BT_SetCustomActivityHandler
BT_SetDialogMessage
BT_SetDumpType
BT_SetExitMode
BT_SetFlags
BT_SetLogEchoMode
BT_SetLogFlags
BT_SetLogLevel
BT_SetLogSizeInBytes
BT_SetLogSizeInEntries
BT_SetMailProfile
BT_SetModule
BT_SetNotificationEMail
BT_SetPostErrHandler
BT_SetPreErrHandler
BT_SetReportFilePath
BT_SetReportFormat
BT_SetSupportEMail
BT_SetSupportHost
BT_SetSupportPort
BT_SetSupportServer
BT_SetSupportURL
BT_SetUserMessage
BT_SetUserMessageFromCode
BT_UninstallSehFilter

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonControl.exe
.exe windows:5 windows x64 arch:x64

c6d54befcc1e174c86370f832c685b63

Code Sign

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08/03/2016, 13:10

Not After

30/05/2027, 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:30

Not After

09/06/2027, 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

16/03/2020, 09:02

Not After

16/03/2021, 09:02

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c125068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e6:3b:a1:de:dd:0b:80:41:ad:e3:c0:16:76:40:6d:b2:b2:04:16:cf
Signer

Actual PE Digest

e6:3b:a1:de:dd:0b:80:41:ad:e3:c0:16:76:40:6d:b2:b2:04:16:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonControlFull.pdb

Imports

psapi

EnumProcessModules
GetModuleFileNameExW
EnumProcesses

dnsapi

DnsQuery_W
DnsFree

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
DeleteUrlCacheEntryW

bugtrapu-x64

BT_CppFilter
BT_SehFilter
BT_SetUserMessage

xmousebuttonhook

?SetScrollLines@CApplicationSettings@@QEAAXH@Z
?SetForceSPIMessage@CApplicationSettings@@QEAAX_N@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
??1CSettings@@UEAA@XZ
?SetSetupWindow@@YAXPEAUHWND__@@@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?CreateFolder@@YA_NPEB_W@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?SetApplication@CApplicationSettings@@QEAAXPEB_W@Z
?SetDescription@CApplicationSettings@@QEAAXPEB_W@Z
?SetNoParentFlag@CApplicationSettings@@QEAAX_N@Z
?SetRegExMatching@CApplicationSettings@@QEAAX_N@Z
?SetMatchType@CApplicationSettings@@QEAAXH@Z
?SetWindowMask@CApplicationSettings@@QEAAXW4WINDOWMASK@@@Z
?SetUseWindowArea@CApplicationSettings@@QEAAX_N@Z
?SetWindowArea@CApplicationSettings@@QEAAXUtagRECT@@@Z
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?NoParent@CApplicationSettings@@QEAA_NXZ
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?SetDebug@@YAX_NPEB_W@Z
?UpdateSettings@@YA_NXZ
?SetDefaultApp@CSettings@@QEAAXPEAVCApplicationSettings@@@Z
?ClearApplications@CSettings@@QEAAXXZ
?Save@CSettings@@QEAA_NPEB_W@Z
?SavePersistantSettings@@YA_NXZ
?SetEnableFlag@CApplicationSettings@@QEAAX_N@Z
?FlushLog@CLogger@@SAXXZ
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?SetSettingsFile@@YAHPEB_W@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
??0InvalidParameterInstaller@@QEAA@XZ
??1InvalidParameterInstaller@@QEAA@XZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DisableLogging@CLogger@@SAX_N@Z
?SetPortable@@YAX_N@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?DisableBanner@CLogger@@SAXXZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetHooktimeoutValue@@YAKXZ
?GetOfficeMouse@@YA_NXZ
?SetOfficeMouse@@YAX_N@Z
?GetShowIcon@@YA_NXZ
?SetMouseHook@@YA_NXZ
?RemoveMouseHook@@YA_N_N@Z
?GetLanguageFile@@YA_NPEA_WH@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?SetLayerDisabled@CApplicationSettings@@QEAAXH_N@Z
?SetLayerDisabledNextPrev@CApplicationSettings@@QEAAXH_N@Z
?SetRevertLayer1@CApplicationSettings@@QEAAXH_N@Z
?SetAutoSwitchTime@CApplicationSettings@@QEAAXHN@Z
?SetAutoSwitchLayer@CApplicationSettings@@QEAAXHH@Z
?SetTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?SetChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?SetMovement2Scroll@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?SetLaunchApp@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetKeystrokes@CApplicationSettings@@QEAAXHHPEB_WHH_N11@Z
?SetActionDescription@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetLayerName@CApplicationSettings@@QEAAXPEB_WH@Z
?SetActions@CApplicationSettings@@QEAAXHHW4_ACTIONS@@@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
??1CThreadLock@@QEAA@XZ
??0CThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W@Z
?SaveIcons@CIconSettings@@QEAAHXZ
?WindowHandle@CIcon@@QEAAPEAUHWND__@@XZ
?IsGadget@CIcon@@QEAA_NXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?GetName@CIcon@@QEAAPEB_WXZ
?Index@CIcon@@QEAAIXZ
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetCount@CIconSettings@@QEAAHXZ
?LoadIcons@CIconSettings@@QEAAHXZ
??1CIcon@@UEAA@XZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
?ClearIcons@CIconSettings@@QEAAHXZ
?GetDebug@@YA_NXZ
??1CIconSettings@@UEAA@XZ
??0CIconSettings@@QEAA@XZ
?SetScrollPages@CApplicationSettings@@QEAAX_N@Z
?LogThreadDebug@CLogger@@SAXPEB_WZZ
?SetThreadName@@YAXKPEBD@Z
?SetMaxLayers@CSettings@@QEAA_NH@Z
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?SetFindHook@@YA_NPEAUHWND__@@@Z
?RemoveFindHook@@YA_NXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?WindowFromPointEx@@YAPEAUHWND__@@UtagPOINT@@H@Z
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?MaxLayers@@YAHXZ
?GetLogFile@@YAHPEA_W_K_N@Z
?SetDefaultLogFolder@@YA_NPEB_W@Z
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?SetDisableLayerModifier@CApplicationSettings@@QEAAX_N@Z
?SetDisableMouseOver@CApplicationSettings@@QEAAX_N@Z
?SetClipMouse@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreHScroll@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreVScroll@CApplicationSettings@@QEAAX_N@Z
?SetAxisLocking@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?SetMouseSpeed@CApplicationSettings@@QEAAXH@Z
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?SetDisableScrollUnderCursor@CApplicationSettings@@QEAAX_N@Z
?SetSwapButtons@CApplicationSettings@@QEAAXW4swapbuttons@@@Z
?SetIgnoreHScrollTime@CApplicationSettings@@QEAAXH@Z
?SetIgnoreVScrollTime@CApplicationSettings@@QEAAXH@Z
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?SetCursor@CApplicationSettings@@QEAAXPEB_W@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?SwapButtons@CApplicationSettings@@QEAA?AW4swapbuttons@@XZ
?SetActionData@CMovement2Scroll@@QEAAXPEAVCActionData@@@Z
?SetSensitivityX@CMovement2Scroll@@QEAAXH@Z
?SetSensitivityY@CMovement2Scroll@@QEAAXH@Z
?SetAxisLock@CMovement2Scroll@@QEAAXH@Z
?SetStickyBlock@CMovement2Scroll@@QEAAX_N@Z
?SetSticky@CMovement2Scroll@@QEAAX_N@Z
?SetInvertHorizontal@CMovement2Scroll@@QEAAX_N@Z
?SetInvertVertical@CMovement2Scroll@@QEAAX_N@Z
?SetBlockMouse@CMovement2Scroll@@QEAAX_N@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?getSensitivityX@CMovement2Scroll@@QEAAHXZ
?getSensitivityY@CMovement2Scroll@@QEAAHXZ
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?SetInvertHorzScrolling@CApplicationSettings@@QEAAX_N@Z
?SetInvertScrolling@CApplicationSettings@@QEAAX_N@Z
?SetAdvScrollHorizontal@CApplicationSettings@@QEAAXH@Z
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?SetModifier@CHotkey@@QEAAHG@Z
?SetVirtualKey@CHotkey@@QEAAHG@Z
?IsExtended@CHotkey@@QEAA_NXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?SetLanguage@CSettings@@QEAAXPEB_W@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?SetHotkey@CHotkey@@QEAAHK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?MaxLayers@CSettings@@QEAA?BHXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?SetHookVolumeOSDWindow@@YAXPEAUHWND__@@@Z
?SetHookBrightnessOSDWindow@@YAXPEAUHWND__@@@Z
?SetHookMainWindow@@YAXPEAUHWND__@@@Z
?GetHooked@@YA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?UpdateSPIThread@@YAXXZ
?GetEnableOSD@@YA_NXZ
?GetCurrentLayername@@YAPEB_WH@Z
?SetCurrentLayer@@YAXH_N00@Z
?GetReinstallOnResume@@YA_NXZ
?GetCurrentLayer@@YAHXZ
?LeftClickCycleLayer@@YA_NXZ
?NextLayer@@YAXXZ
?PreviousLayer@@YAXXZ
?GetApplicationCount@CSettings@@QEAAHXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?NewAction@CActionData@@SAPEAV1@H@Z
?Clear@CActionData@@QEAAXXZ
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?SendKeyAction@CXMBCChord@@QEAAHXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?HookToggleXAxisLock@@YAXXZ
?HookToggleYAxisLock@@YAXXZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?CycleCursorSpeed@@YAXXZ
?GetCycleCursorSpeed@@YAHXZ
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?UpdateCursors@@YAXXZ
?DisplayChanged@@YAXXZ
?SetAdvScrollVertical@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollMethod@CApplicationSettings@@QEAAXH@Z
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?ScrollLines@CApplicationSettings@@QEAAHXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?LogOSError@CLogger@@SAXKPEB_WZZ
?TimedClicksAction@CActionData@@SAPEAV1@AEAVCXMBCTimedClicks@@@Z
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
??1CApplicationSettings@@UEAA@XZ
??0CApplicationSettings@@QEAA@PEAVCSettings@@_N@Z
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?CheckVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?GetLastUpdateCheck@@YAHXZ
?LogDebug@CLogger@@SAXPEB_WZZ
??0ExceptionHandlerInstaller@@QEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
?LogMessage@CLogger@@SAXPEB_WZZ
?CheckBetaVersionEnabled@@YA_NXZ
?SetLastUpdateCheck@@YAXH@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetEXEFolder@@YAHPEA_W_K@Z
?get_ResetStickyOnAnyButton@CSettings@@QEAA_NXZ
?get_ResetStickyOnAnyKey@CSettings@@QEAA_NXZ
?get_ResetStickyOnLayerChange@CSettings@@QEAA_NXZ
?get_EnableDebounce@CSettings@@QEAA_NXZ
?get_DebounceTime@CSettings@@QEAAHXZ
?get_DebounceFromUp@CSettings@@QEAA_NXZ
?put_ResetStickyOnAnyButton@CSettings@@QEAAX_N@Z
?put_ResetStickyOnAnyKey@CSettings@@QEAAX_N@Z
?put_ResetStickyOnLayerChange@CSettings@@QEAAX_N@Z
?put_EnableDebounce@CSettings@@QEAAX_N@Z
?put_DebounceTime@CSettings@@QEAAXH@Z
?put_DebounceFromUp@CSettings@@QEAAX_N@Z
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
??1CBrightness@@QEAA@XZ
??0CBrightness@@QEAA@PEAUHWND__@@@Z
?GetAlwaysShowOSD@@YA_NXZ
?SetBrightness@CBrightness@@QEAA_NH@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
??0CXMBCChords@@QEAA@XZ
??1CXMBCChords@@UEAA@XZ
??4CXMBCChords@@QEAAXPEAV0@@Z
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?SetActionData@CXMBCTimedClick@@QEAAXPEAVCActionData@@@Z
?SetEnabled@CXMBCTimedClicks@@QEAAXH_N@Z
?SetReleaseOnUp@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetTime@CXMBCTimedClicks@@QEAAXHH@Z
?SetDescription@CXMBCTimedClicks@@QEAAXPEB_W@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??1CXMBCTimedClicks@@UEAA@XZ
??0CXMBCTimedClicks@@QEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
?SetMovement2Scroll@CActionData@@QEAAXPEAVCMovement2Scroll@@@Z
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
??0CMovement2Scroll@@QEAA@XZ
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N110@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?RandomiseDelay@CActionData@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?KeyRepeat@CActionData@@QEAAHXZ
?KeyAction@CActionData@@QEAAHXZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?SetUnblockTime@CXMBCChords@@QEAAXH@Z
?SetUnblockAfterMovement@CXMBCChords@@QEAAX_N@Z
?SetUnblockAfterDelay@CXMBCChords@@QEAAX_N@Z
?SetDelayUntilChordKnown@CXMBCChords@@QEAAX_N@Z
?SetDescription@CXMBCChords@@QEAAXPEB_W@Z
?SetActionData@CXMBCChord@@QEAAXPEAVCActionData@@@Z
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?UnblockAfterDelay@CXMBCChords@@QEAA_NXZ
?UnblockTime@CXMBCChords@@QEAAHXZ
?UnblockAfterMovement@CXMBCChords@@QEAA_NXZ
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ

kernel32

GetLastError
GetTempPathW
DeleteFileW
Sleep
WideCharToMultiByte
lstrcpynW
GetCurrentThreadId
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
FindNextFileW
FindClose
FindFirstFileW
WaitForSingleObject
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
GetExitCodeThread
ResumeThread
SetEvent
TerminateThread
ResetEvent
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleW
lstrcmpW
ReleaseMutex
CreateMutexW
OpenMutexW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CreateThread
GetCurrentProcess
OpenProcess
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
GetPrivateProfileStringW
WritePrivateProfileStringW
OutputDebugStringW
GetStringTypeW
LCMapStringW
GetCPInfo
RtlPcToFileHeader
RtlUnwindEx
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
WriteConsoleW
GetCommandLineW
HeapQueryInformation
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
GetFileType
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
InitializeCriticalSectionAndSpinCount
CreateToolhelp32Snapshot
FindResourceW
LoadResource
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetUserDefaultLCID
SetErrorMode
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetCurrentDirectoryW
FindResourceExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetThreadLocale
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GetPrivateProfileIntW
SystemTimeToTzSpecificLocalTime
lstrcmpA
VirtualProtect
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
GetCurrentProcessId
GlobalUnlock
GlobalLock
FreeResource
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GetACP
CopyFileW
MoveFileW
LocalFree
CreateNamedPipeW
LocalAlloc
DisconnectNamedPipe
ReadFile
ConnectNamedPipe
SetThreadPriority
GetCurrentThread
GetSystemInfo
GetProcessId
GetModuleFileNameW
WriteFile
WaitNamedPipeW
CreateFileW
GlobalFree
GlobalAlloc
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
Process32NextW
MultiByteToWideChar
SizeofResource
LockResource
Process32FirstW

user32

IsWindowVisible
CharUpperW
PostThreadMessageW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
RegisterClipboardFormatW
SetWindowContextHelpId
DestroyMenu
NotifyWinEvent
WindowFromPoint
MapDialogRect
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetDlgItemTextW
MonitorFromWindow
WinHelpW
GetClassLongPtrW
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
IsIconic
IsChild
IsMenu
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
GetMenuStringW
GetLastActivePopup
GetActiveWindow
RegisterWindowMessageW
EnableWindow
MessageBoxW
GetTopWindow
GetWindow
PostMessageW
SendMessageW
GetWindowThreadProcessId
GetNextDlgTabItem
LoadIconW
GetClientRect
FindWindowExW
GetWindowTextW
EnumDesktopWindows
IsWindow
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetSystemMetrics
GetComboBoxInfo
MoveWindow
GetCapture
GetWindowLongW
SetWindowLongW
DrawStateW
InflateRect
OffsetRect
GetSysColor
GetFocus
FrameRect
GetCursorPos
ScreenToClient
RedrawWindow
InvalidateRect
UpdateWindow
GetParent
GetMonitorInfoW
MonitorFromPoint
CopyRect
SystemParametersInfoW
SetWindowRgn
DestroyIcon
FillRect
GetSysColorBrush
DrawTextExW
DrawIconEx
GetClassNameW
IsRectEmpty
PtInRect
SetRectEmpty
ReleaseCapture
SetFocus
SetCapture
GetDlgCtrlID
EqualRect
GetKeyState
IntersectRect
LoadImageW
SetCursor
LoadCursorW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
AnimateWindow
GetIconInfo
KillTimer
SetTimer
GetDC
ReleaseDC
ClientToScreen
GetClassInfoExW
DefWindowProcW
RegisterClassExW
SetParent
GetDesktopWindow
SetRect
DrawFocusRect
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
LoadMenuW
GetSubMenu
GetMenuItemCount
GetMenuItemID
ModifyMenuW
EnableMenuItem
GetAsyncKeyState
LoadBitmapW
GetCursor
CreatePopupMenu
AppendMenuW
ShowWindow
GetWindowDC
wsprintfW
RegisterHotKey
UnregisterHotKey
PostQuitMessage
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
CreateWindowExW
MessageBeep
SetWindowPos
GetThreadDesktop
FindWindowW
SetLayeredWindowAttributes
DrawTextW
GetAncestor
SetForegroundWindow
LockWindowUpdate
GetScrollBarInfo
ShowScrollBar
DialogBoxIndirectParamW
DialogBoxParamW
SetWindowLongPtrW
GetDlgItem
EndDialog
GetWindowLongPtrW
GetSystemMenu
CreateIconIndirect
DrawEdge
SetActiveWindow
RemoveMenu
CheckMenuItem
GetDoubleClickTime
SetCursorPos
GetForegroundWindow
SendDlgItemMessageA
DestroyWindow
CreateDialogIndirectParamW

gdi32

GetDeviceCaps
GetDIBits
SetDIBits
CreateDIBSection
PatBlt
Ellipse
DeleteDC
CreateBitmap
Escape
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
BeginPath
SaveDC
ExtSelectClipRgn
SetMapMode
EnumFontFamiliesExW
GetLayout
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
CreateFontW
SetTextColor
SetBkColor
GetClipBox
Rectangle
CreatePen
GetTextMetricsW
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
SelectClipRgn
CreateSolidBrush
GetCurrentObject
GetStockObject
CreateFontIndirectW
DeleteObject
SetBkMode
SelectClipPath
SetLayout
EndPath
CreateRoundRectRgn
CreateRectRgnIndirect
GetObjectW
RestoreDC
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
GetRgnBox
GetTextColor
GetBkColor
BitBlt

msimg32

GradientFill
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
GetUserNameW

shell32

ExtractIconExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
FindExecutableW
SHGetFolderPathW
ord680
Shell_NotifyIconW
ShellExecuteW

comctl32

ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW

uxtheme

EnableThemeDialogTexture
IsThemeActive
OpenThemeData
CloseThemeData
SetWindowTheme
DrawThemeBackground
GetThemePartSize
IsAppThemed

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoTaskMemAlloc
CoInitializeSecurity
CoUninitialize

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
VariantCopy
OleCreateFontIndirect
SysFreeString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 883KB - Virtual size: 882KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 517KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonHook.dll
.dll windows:5 windows x64 arch:x64

1f6f4f2c7314d1ecaee858a949154c55

Code Sign

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08/03/2016, 13:10

Not After

30/05/2027, 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:30

Not After

09/06/2027, 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

16/03/2020, 09:02

Not After

16/03/2021, 09:02

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c125068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

44:23:98:aa:19:51:d7:97:2b:e2:0b:dc:a8:b0:4e:cd:85:dc:90:d4
Signer

Actual PE Digest

44:23:98:aa:19:51:d7:97:2b:e2:0b:dc:a8:b0:4e:cd:85:dc:90:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonHookFull.pdb

Imports

psapi

EnumProcessModules
GetModuleFileNameExW
GetProcessImageFileNameW

bugtrapu-x64

BT_SetNotificationEMail
BT_SetFlags
BT_SetPreErrHandler
BT_SetPostErrHandler
BT_UninstallSehFilter
BT_SetSupportServer
BT_AddLogFile
BT_InstallSehFilter
BT_SetAppName
BT_CallCppFilter
BT_SetAppVersion
BT_SetSupportEMail
BT_SetSupportURL

msimg32

TransparentBlt

kernel32

TerminateThread
GetExitCodeThread
SetLastError
GetCurrentThreadId
GetCurrentThread
SetThreadPriority
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
DecodePointer
GetModuleHandleW
GetProcAddress
GetVersionExW
GetCurrentProcess
GetProcessId
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateEventW
SetPriorityClass
ExitProcess
LoadLibraryW
FreeLibrary
GetTempPathW
FindFirstFileW
FindClose
GetModuleFileNameW
GetFileAttributesW
CreateDirectoryW
CreateTimerQueueTimer
DeleteTimerQueueTimer
LocalAlloc
SetEvent
GetSystemDirectoryW
WaitForSingleObject
Sleep
QueryPerformanceCounter
WriteConsoleW
QueryPerformanceFrequency
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetProcessHeap
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
HeapSize
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
HeapReAlloc
HeapAlloc
HeapFree
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
IsDebuggerPresent
GetSystemTimeAsFileTime
TlsFree
WideCharToMultiByte
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetStringTypeW
MultiByteToWideChar
CloseHandle
SetEndOfFile
ReadFile
SetFilePointerEx
GetFileSizeEx
CreateFileW
LocalFree
FormatMessageW
WriteFile
SetFilePointer
GetTickCount
TryEnterCriticalSection
GetLocalTime
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OutputDebugStringW
InitializeCriticalSection
GetComputerNameW
GetLastError
InitializeCriticalSectionAndSpinCount
SetStdHandle

user32

LoadKeyboardLayoutW
GetKeyboardLayoutList
SetCapture
ReleaseCapture
IsChild
GetFocus
FindWindowW
SwitchToThisWindow
SystemParametersInfoW
GetAncestor
GetClassNameW
RegisterWindowMessageW
GetScrollInfo
EnumDisplayMonitors
GetMonitorInfoW
SetWindowsHookExW
UnhookWindowsHookEx
MessageBeep
GetClipboardData
ClipCursor
UnionRect
GetWindowLongPtrW
LockWorkStation
ShowWindow
ActivateKeyboardLayout
GetWindowTextW
GetWindow
GetGUIThreadInfo
GetWindowThreadProcessId
GetAsyncKeyState
CallNextHookEx
UnloadKeyboardLayout
GetDoubleClickTime
SetWindowPos
EnumChildWindows
GetWindowLongW
GetParent
IsWindowVisible
PtInRect
IsWindow
MonitorFromPoint
GetDesktopWindow
WindowFromPoint
ChildWindowFromPointEx
ScreenToClient
DispatchMessageW
TranslateMessage
CopyImage
SetTimer
KillTimer
VkKeyScanW
OemKeyScan
VkKeyScanExW
GetKeyboardLayout
CharToOemW
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageW
MessageBoxW
GetMessageW
MapVirtualKeyW
MapVirtualKeyExW
SendInput
GetWindowRect
ClientToScreen
GetForegroundWindow
SetCursorPos
GetCursorPos
PostThreadMessageW
LoadCursorW
SetSystemCursor
DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
FillRect
ReleaseDC
GetSystemMetrics
GetDC
CopyIcon
LoadImageW
DestroyCursor
PostMessageW
SendMessageTimeoutW

gdi32

CreateDIBSection
CreateCompatibleDC
CreateSolidBrush
SetBkMode
GetObjectW
SelectObject
DeleteObject
CreateBitmap
GetDeviceCaps
GetDIBits
CreateFontIndirectW
TextOutW
DeleteDC
CreatePen
Ellipse
Rectangle
SetTextColor
GetTextExtentPointW
SetBkColor
RoundRect

advapi32

GetUserNameW
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoInitializeEx
CoSetProxyBlanket

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

shlwapi

PathFileExistsW
StrStrIW

Exports

Exports

??0CActionData@@AEAA@XZ
??0CActionData@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@PEAVCSettings@@_N@Z
??0CBrightness@@QEAA@PEAUHWND__@@@Z
??0CHotKeys@@QEAA@AEBV0@@Z
??0CHotKeys@@QEAA@XZ
??0CHotkey@@QEAA@AEBV0@@Z
??0CHotkey@@QEAA@H@Z
??0CIcon@@QEAA@AEBV0@@Z
??0CIcon@@QEAA@IPEB_WHHPEAUHWND__@@_N@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
??0CIconSettings@@QEAA@AEBV0@@Z
??0CIconSettings@@QEAA@XZ
??0CLayerModifierKeys@@QEAA@AEBV0@@Z
??0CLayerModifierKeys@@QEAA@XZ
??0CLockAxis@@QEAA@AEBV0@@Z
??0CLockAxis@@QEAA@XZ
??0CMouseInfo@@QEAA@QEAH@Z
??0CMouseInfo@@QEAA@XZ
??0CMovement2Scroll@@QEAA@PEAV0@@Z
??0CMovement2Scroll@@QEAA@W4_ACTIONS@@@Z
??0CMovement2Scroll@@QEAA@XZ
??0CMyRegKey@@QEAA@PEB_WPEAUHKEY__@@K@Z
??0CProfileTrigger@@QEAA@AEBV0@@Z
??0CProfileTrigger@@QEAA@PEAVCApplicationSettings@@@Z
??0CSettings@@QEAA@AEBV0@@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
??0CThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W@Z
??0CThreadLock@@QEAA@PEB_W@Z
??0CXMBCChord@@QEAA@AEBV0@@Z
??0CXMBCChord@@QEAA@XZ
??0CXMBCChords@@QEAA@AEAV0@@Z
??0CXMBCChords@@QEAA@XZ
??0CXMBCTimedClick@@QEAA@AEBV0@@Z
??0CXMBCTimedClick@@QEAA@XZ
??0CXMBCTimedClicks@@QEAA@AEAV0@@Z
??0CXMBCTimedClicks@@QEAA@XZ
??0ExceptionHandlerInstaller@@QEAA@AEBV0@@Z
??0ExceptionHandlerInstaller@@QEAA@XZ
??0InvalidParameterInstaller@@QEAA@XZ
??1CActionData@@UEAA@XZ
??1CApplicationSettings@@UEAA@XZ
??1CBrightness@@QEAA@XZ
??1CHotKeys@@UEAA@XZ
??1CHotkey@@UEAA@XZ
??1CIcon@@UEAA@XZ
??1CIconSettings@@UEAA@XZ
??1CLayerModifierKeys@@UEAA@XZ
??1CLockAxis@@UEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
??1CMyRegKey@@QEAA@XZ
??1CProfileTrigger@@UEAA@XZ
??1CSettings@@UEAA@XZ
??1CThreadLock@@QEAA@XZ
??1CXMBCChord@@UEAA@XZ
??1CXMBCChords@@UEAA@XZ
??1CXMBCTimedClick@@UEAA@XZ
??1CXMBCTimedClicks@@UEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
??1InvalidParameterInstaller@@QEAA@XZ
??4CActionData@@QEAAAEAV0@AEBV0@@Z
??4CApplicationSettings@@QEAAAEAV0@AEBV0@@Z
??4CBrightness@@QEAAAEAV0@AEBV0@@Z
??4CHotKeys@@QEAAAEAV0@AEBV0@@Z
??4CHotkey@@QEAAAEAV0@AEBV0@@Z
??4CIcon@@QEAAAEAV0@AEBV0@@Z
??4CIconSettings@@QEAAAEAV0@AEBV0@@Z
??4CLayerModifierKeys@@QEAAAEAV0@AEBV0@@Z
??4CLockAxis@@QEAAAEAV0@AEBV0@@Z
??4CLogger@@QEAAAEAV0@$$QEAV0@@Z
??4CLogger@@QEAAAEAV0@AEBV0@@Z
??4CMouseInfo@@QEAAAEAV0@$$QEAV0@@Z
??4CMouseInfo@@QEAAAEAV0@AEBV0@@Z
??4CMovement2Scroll@@QEAAAEAV0@AEBV0@@Z
??4CMyRegKey@@QEAAAEAV0@AEBV0@@Z
??4CProfileTrigger@@QEAAAEAV0@AEBV0@@Z
??4CSettings@@QEAAAEAV0@AEBV0@@Z
??4CThreadLock@@QEAAAEAV0@AEBV0@@Z
??4CXMBCChord@@QEAAXAEAV0@@Z
??4CXMBCChord@@QEAAXPEAV0@@Z
??4CXMBCChords@@QEAAAEAV0@AEAV0@@Z
??4CXMBCChords@@QEAAXPEAV0@@Z
??4CXMBCTimedClick@@QEAAXAEAV0@@Z
??4CXMBCTimedClick@@QEAAXPEAV0@@Z
??4CXMBCTimedClicks@@QEAAAEAV0@AEAV0@@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??4ExceptionHandlerInstaller@@QEAAAEAV0@AEBV0@@Z
??4InvalidParameterInstaller@@QEAAAEAV0@AEBV0@@Z
??_7CActionData@@6B@
??_7CApplicationSettings@@6B@
??_7CHotKeys@@6B@
??_7CHotkey@@6B@
??_7CIcon@@6B@
??_7CIconSettings@@6B@
??_7CLayerModifierKeys@@6B@
??_7CLockAxis@@6B@
??_7CProfileTrigger@@6B@
??_7CSettings@@6B@
??_7CXMBCChord@@6B@
??_7CXMBCChords@@6B@
??_7CXMBCTimedClick@@6B@
??_7CXMBCTimedClicks@@6B@
??_7ExceptionHandlerInstaller@@6B@
?Abort@CXMBCTimedClicks@@QEAAXUtagPOINT@@@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CXMBCChord@@QEAA_NXZ
?BlockMouse@CXMBCTimedClick@@QEAA_NXZ
?CalculateKeystrokesWaitHoldTime@CApplicationSettings@@SAHPEB_WH@Z
?CancelChord@CXMBCChord@@QEAAXXZ
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAUHICON__@@H@Z
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAVCApplicationSettings@@H_N2@Z
?CheckAbort@CXMBCTimedClicks@@QEAAXUtagPOINT@@@Z
?CheckBetaVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?CheckVersionEnabled@@YA_NXZ
?ChordCancelled@CXMBCChord@@QEAA_NXZ
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
?Clear@CActionData@@QEAAXXZ
?ClearApplications@CSettings@@QEAAXXZ
?ClearChordedFlag@CXMBCChord@@QEAAXXZ
?ClearIcons@CIconSettings@@QEAAHXZ
?ClearString@CApplicationSettings@@SAPEA_WAEAPEA_W@Z
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?CloseLogFile@CLogger@@SAX_N@Z
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
?Copy@CProfileTrigger@@QEAAXPEAV1@@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?CopyMovement2Scrolls@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?CopyString@CApplicationSettings@@SAPEA_WAEAPEA_WPEB_W_N@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?CreateFolder@@YA_NPEB_W@Z
?CreateKey@CMyRegKey@@QEAAHPEB_WPEAUHKEY__@@@Z
?CustomAction@CActionData@@SAPEAV1@HPEB_WHHH_N1100PEAVCXMBCChords@@PEAVCMovement2Scroll@@PEAVCXMBCTimedClicks@@@Z
?CycleCursorSpeed@@YAXXZ
?DebugEnabled@CLogger@@SA_NXZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DefaultRepeat@CApplicationSettings@@SAKXZ
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
?DeleteApplications@CSettings@@AEAAX_N@Z
?DeleteCS@CThreadLock@@SAXXZ
?DeleteValue@CMyRegKey@@QEAAHPEB_W@Z
?DestroyCursors@CLockAxis@@QEAAXXZ
?DisableBanner@CLogger@@SAXXZ
?DisableLogging@CLogger@@SAX_N@Z
?DisplayChanged@@YAXXZ
?Down@CBrightness@@QEAAXAEBUtagPOINT@@@Z
?EnableDebug@CLogger@@SAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CMouseInfo@@QEAA_NXZ
?EnterCS@CThreadLock@@SA_NPEB_W@Z
?ExecuteTimer@CXMBCTimedClicks@@QEAAXXZ
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?FlushLog@CLogger@@SAXXZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAborted@CXMBCTimedClicks@@QEAA_NXZ
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetActionDescription@CApplicationSettings@@QEAAPEA_WHH@Z
?GetActionString@CApplicationSettings@@AEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4MouseButtons@@H@Z
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetAlwaysShowOSD@@YA_NXZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CProfileTrigger@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@PEB_W@Z
?GetApplicationCount@CSettings@@QEAAHXZ
?GetApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?GetBrightness@CBrightness@@AEAAHXZ
?GetButtonUpCount@CMovement2Scroll@@QEAAHXZ
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetCaption@CProfileTrigger@@QEAAPEB_WXZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?GetChordButton@CApplicationSettings@@QEAA?AW4MouseButtons@@H@Z
?GetChordSourceButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChordUsed@CXMBCChord@@QEAA_NXZ
?GetChordedButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetClass@CProfileTrigger@@QEAAPEB_WXZ
?GetClickAction@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@XZ
?GetCount@CIconSettings@@QEAAHXZ
?GetCurrentChords@CXMBCChord@@QEAAPEAVCXMBCChords@@XZ
?GetCurrentLayer@@YAHXZ
?GetCurrentLayername@@YAPEB_WH@Z
?GetCurrentProcessName@@YAHPEA_WAEAH@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?GetCustomApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetCycleCursorSpeed@@YAHXZ
?GetDebug@@YA_NXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetDescription@CProfileTrigger@@QEAAPEB_WXZ
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?GetEXEFolder@@YAHPEA_W_K@Z
?GetEnableOSD@@YA_NXZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?GetFullName@CProfileTrigger@@QEAAPEB_WXZ
?GetHooked@@YA_NXZ
?GetHooktimeoutValue@@YAKXZ
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?GetHotkey@CHotkey@@QEAAKXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetKey@CApplicationSettings@@QEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetKey@CProfileTrigger@@QEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetKeys@CXMBCTimedClick@@QEAAPEB_WXZ
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?GetKeystrokesWaitHoldTime@CActionData@@QEAAHH@Z
?GetKeystrokesWaitHoldTime@CApplicationSettings@@QEAAHHHH@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?GetLanguageFile@@YA_NPEA_WH@Z
?GetLastUpdateCheck@@YAHXZ
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?GetLaunchApp@CXMBCTimedClick@@QEAAPEB_WXZ
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?GetLogFile@@YAHPEA_W_K_N@Z
?GetLogFolder@@YAHPEA_W_K_N@Z
?GetLogicalCursorPos@@YAHPEAUHWND__@@PEAUtagPOINT@@@Z
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetMatchType@CProfileTrigger@@QEAAHXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetMouseButton@CMovement2Scroll@@QEAA?AW4MouseButtons@@XZ
?GetMouseInfo@CMouseInfo@@QEAAXAEAY02H@Z
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?GetMovement2Scroll@CApplicationSettings@@QEAAPEAVCMovement2Scroll@@HH@Z
?GetName@CIcon@@QEAAPEB_WXZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
?GetOfficeMouse@@YA_NXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?GetParentClass@CProfileTrigger@@QEAAPEB_WXZ
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?GetPortable@@YA_NXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetProcessedDown@CXMBCTimedClick@@QEAA_NXZ
?GetProcessedUp@CXMBCTimedClick@@QEAA_NXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?GetReinstallOnResume@@YA_NXZ
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetResetKeys@CApplicationSettings@@QEAA_NHH@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?GetShowIcon@@YA_NXZ
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
?GetStuckKeys@CApplicationSettings@@QEAAPEB_WHH@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetUseWindowArea@CProfileTrigger@@QEAA_NXZ
?GetValue@CMyRegKey@@QEAAHPEB_WPEAK@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEAKPEAPEAE1@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEA_WK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?GetWindowArea@CProfileTrigger@@QEAA?AUtagRECT@@XZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?GetWindowMask@CProfileTrigger@@QEAA?AW4WINDOWMASK@@XZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleXAxisLock@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?HookToggleYAxisLock@@YAXXZ
?IPHandler@InvalidParameterInstaller@@CAXPEB_W00I_K@Z
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?IncButtonUpCount@CMovement2Scroll@@QEAAXXZ
?Index@CIcon@@QEAAIXZ
?Init@CLockAxis@@QEAAXXZ
?InitCursors@CLockAxis@@QEAAXPEAUHINSTANCE__@@@Z
?InitGlobalCS@CThreadLock@@SAXXZ
?InitScalingFunctions@@YAXXZ
?Initialise@CLogger@@SAXXZ
?Initialise@CXMBCTimedClick@@QEAAXW4MouseButtons@@H_N@Z
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?InvertX@CLockAxis@@QEAAXXZ
?InvertXY@CLockAxis@@QEAAXXZ
?InvertY@CLockAxis@@QEAAXXZ
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?IsCustomWindow@CProfileTrigger@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?IsEnabled@CProfileTrigger@@QEAA_NXZ
?IsExtended@CHotkey@@QEAA_NXZ
?IsGadget@CIcon@@QEAA_NXZ
?IsInverted@CLockAxis@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsValid@CMyRegKey@@QEAAHXZ
?IsXInverted@CLockAxis@@QEAA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?IsYInverted@CLockAxis@@QEAA_NXZ
?KeyAction@CActionData@@QEAAHXZ
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N110@Z
?KeyExists@CMyRegKey@@QEAAHPEB_W@Z
?KeyRepeat@CActionData@@QEAAHXZ
?KillTimerThreadTimers@@YAXXZ
?LastMTSMoved@CMovement2Scroll@@QEAA_NXZ
?LeaveCS@CThreadLock@@SAXXZ
?LeftClickCycleLayer@@YA_NXZ
?Load@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEA_NAEAH@Z
?Load@CMovement2Scroll@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CProfileTrigger@@QEAA_NAEAVxml_node@pugi@@AEA_N@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?Load@CXMBCChord@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCChords@@QEAA_N_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClick@@QEAA_NW4MouseButtons@@H_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClicks@@QEAA_NW4MouseButtons@@_NAEAVxml_node@pugi@@H@Z
?LoadDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEAH@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?LoadIcons@CIconSettings@@QEAAHXZ
?LockToAxis@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockX@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockY@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?Locked@CLockAxis@@QEAA_NXZ
?LockedToAxis@CLockAxis@@QEAA_NXZ
?LockedX@CLockAxis@@QEAA_NXZ
?LockedY@CLockAxis@@QEAA_NXZ
?Log@CApplicationSettings@@QEAAXPEB_W@Z
?LogDebug@CLogger@@SAXPEB_WZZ
?LogMessage@CLogger@@SAXPEB_WZZ
?LogOSError@CLogger@@SAXKPEB_WZZ
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?LogThreadDebug@CLogger@@SAXPEB_WZZ
?LoggingDisabled@CLogger@@SA_NXZ
?MatchCaption@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchCaption@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchClass@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchParentClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchParentClass@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchPath@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAUHWND__@@@Z
?MatchProcess@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CProfileTrigger@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAUHWND__@@@Z
?MaxLayers@@YAHXZ
?MaxLayers@CSettings@@QEAA?BHXZ
?NewAction@CActionData@@SAPEAV1@H@Z
?NextLayer@@YAXXZ
?NoParent@CApplicationSettings@@QEAA_NXZ
?NoParent@CProfileTrigger@@QEAA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?OSD_SHOW_WINDOW@CBrightness@@0IA
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?OpenLogFile@CLogger@@CA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?PreviousLayer@@YAXXZ
?Profile@CProfileTrigger@@QEAAPEAVCApplicationSettings@@XZ
?RandomiseDelay@CActionData@@QEAA_NXZ
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?RandomiseDelay@CXMBCChord@@QEAA_NXZ
?RandomiseDelay@CXMBCTimedClick@@QEAA_NXZ
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?RealWindowFromPoint_SkipLocked@@YAPEAUHWND__@@AEBUtagPOINT@@_N@Z
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?RegExMatching@CProfileTrigger@@QEAA_NXZ
?ReleaseChord@CXMBCChord@@QEAAXXZ
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?RemoveFindHook@@YA_NXZ
?RemoveHooks@@YAXXZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?RemoveMouseHook@@YA_N_N@Z
?Reset@CXMBCTimedClicks@@QEAAXXZ
?ResetCursor@CLockAxis@@QEAAXPEAVCSPIThread@@@Z
?ResetGlobalCS@CThreadLock@@SAXXZ
?Save@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?Save@CMovement2Scroll@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CProfileTrigger@@QEAA_NAEAVxml_node@pugi@@@Z
?Save@CSettings@@QEAA_NPEB_W@Z
?Save@CXMBCChord@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCChords@@QEAAX_NAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClick@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClicks@@QEAAX_NAEAVxml_node@pugi@@@Z
?SaveDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHXZ
?SavePersistantSettings@@YA_NXZ
?ScaleWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?ScrollLines@CApplicationSettings@@QEAAHXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?SendKeyAction@CXMBCChord@@QEAAHXZ
?SendKeyAction@CXMBCTimedClick@@QEAAHXZ
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyRepeat@CXMBCChord@@QEAAHXZ
?SendKeyRepeat@CXMBCTimedClick@@QEAAHXZ
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?SendKeyWhenActive@CXMBCChord@@QEAA_NXZ
?SendKeyWhenActive@CXMBCTimedClick@@QEAA_NXZ
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAction@CXMBCChord@@QEAAXW4_ACTIONS@@@Z
?SetAction@CXMBCTimedClick@@QEAAXW4_ACTIONS@@@Z
?SetActionData@CMovement2Scroll@@QEAAXPEAVCActionData@@@Z
?SetActionData@CXMBCChord@@QEAAXPEAVCActionData@@@Z
?SetActionData@CXMBCTimedClick@@QEAAXPEAVCActionData@@@Z
?SetActionDescription@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetActions@CApplicationSettings@@QEAAXHHW4_ACTIONS@@@Z
?SetAdvScrollHorizontal@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollMethod@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollVertical@CApplicationSettings@@QEAAXH@Z
?SetApplication@CApplicationSettings@@QEAAXPEB_W@Z
?SetApplication@CProfileTrigger@@QEAAXPEB_W@Z
?SetAutoSwitchLayer@CApplicationSettings@@QEAAXHH@Z
?SetAutoSwitchTime@CApplicationSettings@@QEAAXHN@Z
?SetAxisLock@CMovement2Scroll@@QEAAXH@Z
?SetAxisLocking@CApplicationSettings@@QEAAX_N@Z
?SetBlockMouse@CMovement2Scroll@@QEAAX_N@Z
?SetBlockMouse@CXMBCChord@@QEAAX_N@Z
?SetBlockMouse@CXMBCTimedClick@@QEAAX_N@Z
?SetBrightness@CBrightness@@QEAA_NH@Z
?SetChord@CXMBCChords@@QEAAXW4MouseButtons@@AEAVCXMBCChord@@@Z
?SetChordButton@CApplicationSettings@@QEAAXW4MouseButtons@@H@Z
?SetChordSourceButton@CXMBCChord@@QEAAXW4MouseButtons@@@Z
?SetChordUsed@CXMBCChord@@QEAAXXZ
?SetChordedButton@CXMBCChord@@QEAAXW4MouseButtons@@@Z
?SetChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?SetClipMouse@CApplicationSettings@@QEAAX_N@Z
?SetCurrentChords@CXMBCChord@@QEAAXPEAVCXMBCChords@@@Z
?SetCurrentLayer@@YAXH_N00@Z
?SetCursor@CApplicationSettings@@QEAAXPEB_W@Z
?SetDebug@@YAX_NPEB_W@Z
?SetDefaultApp@CSettings@@QEAAXPEAVCApplicationSettings@@@Z
?SetDefaultLogFolder@@YA_NPEB_W@Z
?SetDelayUntilChordKnown@CXMBCChords@@QEAAX_N@Z
?SetDescription@CApplicationSettings@@QEAAXPEB_W@Z
?SetDescription@CProfileTrigger@@QEAAXPEB_W@Z
?SetDescription@CXMBCChords@@QEAAXPEB_W@Z
?SetDescription@CXMBCTimedClicks@@QEAAXPEB_W@Z
?SetDisableLayerModifier@CApplicationSettings@@QEAAX_N@Z
?SetDisableMouseOver@CApplicationSettings@@QEAAX_N@Z
?SetDisableScrollUnderCursor@CApplicationSettings@@QEAAX_N@Z
?SetEnableFlag@CApplicationSettings@@QEAAX_N@Z
?SetEnableFlag@CProfileTrigger@@QEAAX_N@Z
?SetEnabled@CXMBCTimedClicks@@QEAAXH_N@Z
?SetFindHook@@YA_NPEAUHWND__@@@Z
?SetForceSPIMessage@CApplicationSettings@@QEAAX_N@Z
?SetHookBrightnessOSDWindow@@YAXPEAUHWND__@@@Z
?SetHookMainWindow@@YAXPEAUHWND__@@@Z
?SetHookVolumeOSDWindow@@YAXPEAUHWND__@@@Z
?SetHotkey@CHotkey@@QEAAHK@Z

Sections

.text
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstaller.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:30

Not After

09/06/2027, 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

16/03/2020, 09:02

Not After

16/03/2021, 09:02

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c125068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:a6:4e:02:82:f6:a1:37:16:f8:ab:f4:9d:cd:1a:5a:b5:62:24:b9
Signer

Actual PE Digest

6d:a6:4e:02:82:f6:a1:37:16:f8:ab:f4:9d:cd:1a:5a:b5:62:24:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11Certificate

Extended Key Usages

Key Usages

d0:d5:46:00:f9:09:a9:7f:0c:09:81:99:f7:c8:90:23:99:45:93:8fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 108KB

.ndata Size: - Virtual size: 52KB

.rsrc Size: 24KB - Virtual size: 24KB

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 802B

.data Size: 512B - Virtual size: 142B

.reloc Size: 512B - Virtual size: 200B

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Exports

Exports

Sections

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

5f:40:9f:1e:51:eb:58:16:4c:1e:46:1c:51:a8:29:11
Certificate

d0:d5:46:00:f9:09:a9:7f:0c:09:81:99:f7:c8:90:23:99:45:93:8f
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 108KB

.ndata
Size: - Virtual size: 52KB

.rsrc
Size: 24KB - Virtual size: 24KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 802B

.data
Size: 512B - Virtual size: 142B

.reloc
Size: 512B - Virtual size: 200B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 732B

.reloc
Size: 512B - Virtual size: 426B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 510B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B