12bcdb449b0071b8451c4887a87efef9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

12bcdb449b0071b8451c4887a87efef9_JaffaCakes118
Size

5.5MB
MD5

12bcdb449b0071b8451c4887a87efef9
SHA1

34f179932ac93e0bf92c2fd8cd9fd44d479742fe
SHA256

7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75
SHA512

7be9f14b0535f8b43789136349d6725af474b5ab3820f74928a4ec2bcdd6df4747b8644937908a1a87c7d8e7d88db88505a6954861705077ab2bebdbf8ccc0a8
SSDEEP

98304:l7vDN1vO9D5WE8YvH/UoGPiYaq1g5ox28qHIHic0SKVdIcVOteMO9hLQPZFTXjOF:l7bsfP/FGPEox25Hcwgc8eR9qtOFjeGb

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$INSTDIR"/bin/"/lame_enc.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$INSTDIR"/bin/"/lame_enc.dll	upx

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
12bcdb449b0071b8451c4887a87efef9_JaffaCakes118
unpack001/$INSTDIR"/OpalViewerUninstall.exe"
unpack001/$INSTDIR"/bin/"/$OUTDIR/OpalPreFetchListener.exe
unpack001/$INSTDIR"/bin/"/GdiPlus.dll
unpack001/$INSTDIR"/bin/"/OpalPreFetchListener.exe
unpack001/$INSTDIR"/bin/"/OpalViewer.exe
unpack001/$INSTDIR"/bin/"/OpalWebKicker.dll
unpack001/$INSTDIR"/bin/"/VizMMC.ocx
unpack001/$INSTDIR"/bin/"/WinTail.exe
unpack001/$INSTDIR"/bin/"/lame_enc.dll
unpack002/out.upx
unpack001/$INSTDIR"/bin/"/libxml2.dll
unpack001/$INSTDIR"/bin/"/win32pad.exe
unpack001/$PLUGINSDIR/System.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$INSTDIR"/OpalViewerUninstall.exe"	nsis_installer_1
static1/unpack001/$INSTDIR"/OpalViewerUninstall.exe"	nsis_installer_2

Files

12bcdb449b0071b8451c4887a87efef9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INSTDIR"/OpalViewerUninstall.exe"
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/$OUTDIR/OpalPreFetchListener.exe
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$INSTDIR"/bin/"/GdiPlus.dll
.dll windows:5 windows x86 arch:x86

7941976a82dd7ff8b1a2ea069878fab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
InterlockedIncrement
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA

user32

ReleaseDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetViewportExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
PolyPolyline
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/NMSAccessU.exe
.exe windows:4 windows x86 arch:x86

688a278fc0cd04b40cebe10520018d9d

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8c:24:a0:c2:7c:57:1a:f6:9f:ba:8f:e5:1d:3c:f5
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

02-05-2008 00:00

Not After

16-04-2009 23:59

Subject

CN=Numedia Soft\, Inc.,OU=SECURE APPLICATION DEVELOPMENT,O=Numedia Soft\, Inc.,L=Dallas,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
SetConsoleCtrlHandler
Sleep
GetModuleFileNameW
FormatMessageW
lstrlenW
SetEvent
CreateEventW
CreateNamedPipeW
ResetEvent
GetLastError
WaitForMultipleObjects
ConnectNamedPipe
ReadFile
WriteFile
DisconnectNamedPipe
CloseHandle
LocalAlloc
LocalFree
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA

advapi32

EqualSid
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
SetServiceStatus
RegisterEventSourceW
ReportEventW
DeregisterEventSource
AllocateAndInitializeSid
GetFileSecurityW
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
SetFileSecurityW
SetSecurityDescriptorDacl
AddAccessAllowedAce
AddAce
GetAce
InitializeAcl

shell32

CommandLineToArgvW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/NMSDVDXU.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b32d75e61ce1e5d823db461b78bc2cfa

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8c:24:a0:c2:7c:57:1a:f6:9f:ba:8f:e5:1d:3c:f5
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

02-05-2008 00:00

Not After

16-04-2009 23:59

Subject

CN=Numedia Soft\, Inc.,OU=SECURE APPLICATION DEVELOPMENT,O=Numedia Soft\, Inc.,L=Dallas,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadLocale
WritePrivateProfileStringW
SetEndOfFile
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetLocaleInfoA
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetStringTypeA
GetStringTypeW
CreateFileA
GlobalFlags
GetModuleHandleA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
FormatMessageW
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
FreeResource
GetFileSize
SetFilePointer
WriteFile
ReadFile
DeleteFileW
ReleaseMutex
CreateMutexW
ResetEvent
SetEvent
FindNextFileW
WideCharToMultiByte
FindClose
GetSystemTimeAsFileTime
GetSystemTime
FindFirstFileW
GetLogicalDrives
FlushFileBuffers
VirtualAlloc
CallNamedPipeW
VirtualFree
GetTempFileNameW
GetTempPathW
InterlockedCompareExchange
IsProcessorFeaturePresent
GetVersionExW
GlobalMemoryStatus
CreateFileW
DeviceIoControl
CreateEventW
WaitForSingleObject
CloseHandle
LoadLibraryW
GetProcAddress
Sleep
GetDriveTypeW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetLocalTime
LockResource
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
RaiseException
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrlenW
InitializeCriticalSection
InterlockedDecrement
HeapDestroy
InterlockedIncrement

user32

ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnregisterClassW
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
GetDlgItem
GetSysColorBrush
DestroyMenu
IsWindowEnabled
GetNextDlgTabItem
SendMessageW
EndDialog
wsprintfW
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateWindowExW
CallWindowProcW
GetWindowLongW
SetWindowLongW
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetKeyState
GetParent
GetFocus
IsChild
SetFocus
ShowWindow
IsWindow
LoadIconW
DrawIcon
InvalidateRect
DestroyWindow
DefWindowProcW
GetDC
ReleaseDC
CharNextW
EnableWindow
KillTimer
SetTimer
PostMessageW
UnregisterClassA

gdi32

GetStockObject
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
RestoreDC
DeleteObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindExtensionW
PathCombineW
PathFindFileNameW

ole32

CoUninitialize
CoCreateInstance
StringFromGUID2
CreateStreamOnHGlobal
CoMarshalInterface
CoReleaseMarshalData
CoUnmarshalInterface
OleSaveToStream
CoInitialize
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
WriteClassStm

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysAllocString
OleCreatePropertyFrame
VariantChangeType
SysStringByteLen
VariantInit
SysAllocStringLen
VarUI4FromStr
SysFreeString
LoadRegTypeLi
LoadTypeLi
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear

winmm

mmioRead
mmioOpenW
mmioDescend
mmioSeek
mmioAscend
mmioClose

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 760KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/OpalPreFetchListener.exe
.exe windows:4 windows x86 arch:x86

165bff19cac81cca7464d45d5e8dc60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
HttpSendRequestA
InternetSetOptionA
InternetQueryOptionA
HttpOpenRequestA
InternetConnectA
InternetOpenA

libxml2

ord366
ord486
ord386
ord265
ord284
ord755
ord558
ord581
ord388
ord680
ord583
ord684
ord530
ord484
ord489
ord283
ord666
ord667
ord677

gdiplus

GdipDrawLinesI
GdipAddPathLine2I
GdipSetPenColor
GdipSetSolidFillColor
GdipCloneImage
GdipGetImageGraphicsContext
GdipBitmapGetPixel
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipAddPathEllipseI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusStartup
GdiplusShutdown
GdipCombineRegionRectI
GdipDrawImageRectRectI
GdipDrawEllipseI
GdipScaleWorldTransform
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRect
GdipDrawRectangleI
GdipResetWorldTransform
GdipCreateBitmapFromResource
GdipSetImagePalette
GdipGetImagePalette
GdipGetImagePaletteSize
GdipSetMatrixElements
GdipAddPathCurveI
GdipMultiplyWorldTransform
GdipDrawEllipse
GdipAddPathRectangleI
GdipSetPenDashArray
GdipAddPathArcI
GdipDrawArcI
GdipGetPenDashStyle
GdipGetSolidFillColor
GdipDeleteRegion
GdipSetInfinite
GdipCombineRegionRegion
GdipCreateHatchBrush
GdipFillRegion
GdipCreateRegionRectI
GdipDrawPolygonI
GdipFillEllipse
GdipGetSmoothingMode
GdipCreateBitmapFromHBITMAP
GdipGetFontHeight
GdipGetGenericFontFamilyMonospace
GdipDrawArc
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontUnit
GdipGraphicsClear
GdipCreateMatrix
GdipLoadImageFromFile
GdipSetEmpty
GdipDrawLine
GdipDeleteMatrix
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipGetImageDimension
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipAddPathLineI
GdipAddPathPolygonI
GdipSetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipGetWorldTransform
GdipDrawLineI
GdipFillPolygonI
GdipDrawString
GdipMeasureString
GdipCloneBrush
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath
GdipCombineRegionRect
GdipCombineRegionPath
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipSetPenWidth
GdipGetPenWidth
GdipSetPenDashStyle
GdipWidenPath
GdipSetSmoothingMode
GdipFillRectangle
GdipSaveGraphics
GdipRestoreGraphics

snmpapi

SnmpUtilVarBindFree
SnmpUtilOidNCmp
SnmpUtilOidCpy

kernel32

GetTickCount
GetFileSize
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceA
Sleep
DisconnectNamedPipe
ReadFile
ConnectNamedPipe
GetSystemTimeAsFileTime
SleepEx
FormatMessageA
CreateMutexA
ReleaseMutex
FreeLibrary
GetProcAddress
LoadLibraryA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SetEndOfFile
SetFilePointer
HeapReAlloc
WaitForMultipleObjects
GlobalUnlock
GlobalLock
GlobalAlloc
RaiseException
GetModuleFileNameA
CreateDirectoryA
InterlockedCompareExchange
GetVersionExW
AreFileApisANSI
UnlockFile
LockFile
GetFileAttributesA
GetFileAttributesW
DeleteFileW
LoadLibraryW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTime
LockFileEx
GetTempPathA
GetTempPathW
LocalFree
FormatMessageW
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
FreeResource
GlobalFree
lstrcmpW
SetLastError
ResetEvent
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
MulDiv
CopyFileA
GetUserDefaultLCID
GetModuleFileNameW
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
GetThreadLocale
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
SystemTimeToFileTime
SetErrorMode
GetFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
GetFileType
GetConsoleCP
GetConsoleMode
ExitThread
GetDriveTypeA
RemoveDirectoryA
HeapSize
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetACP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
DeleteFileA
MoveFileA
CreateThread
ResumeThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
lstrlenA
CompareStringW
CompareStringA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetCurrentThreadId
CreateNamedPipeA
GetModuleHandleA
WaitForSingleObject
HeapAlloc
CreateFileA
GetLastError
WaitNamedPipeA
WriteFile
FlushFileBuffers
GetProcessHeap
HeapFree
SetEvent
CloseHandle
CreateEventA
InterlockedDecrement
SetWaitableTimer
CreateWaitableTimerA
GlobalDeleteAtom

user32

CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetWindowThreadProcessId
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
SetCursor
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
CallWindowProcA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ReleaseDC
GetDC
IsRectEmpty
OffsetRect
PtInRect
LoadCursorA
SetRectEmpty
MessageBoxIndirectA
MessageBoxA
PeekMessageA
SetRect
PostThreadMessageA
RegisterWindowMessageA
DestroyWindow
RegisterClassExA
DefWindowProcA
SetTimer
SetActiveWindow
GetWindowLongA
SetWindowLongA
CreateWindowExA
SystemParametersInfoA
GetClassNameA
GetWindowRect
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadMenuA
GetSubMenu
DestroyMenu
SetMenuDefaultItem
IsWindow
KillTimer
CharUpperA
LoadIconA
SendMessageA
EnableWindow
GetCursorPos

gdi32

SelectObject
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateRectRgnIndirect
SaveDC
RestoreDC
SetMapMode
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetStockObject
SetViewportExtEx
ExtSelectClipRgn
DeleteObject
DeleteDC
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
GetObjectA
PtVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

Shell_NotifyIconA

comctl32

ord17

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitializeEx
CoUninitialize
StgOpenStorageOnILockBytes
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysStringByteLen
SysAllocStringByteLen
GetErrorInfo
SysFreeString
SysAllocStringLen
VariantClear
LoadTypeLi
VariantChangeType
VariantInit
SysStringLen
VariantCopy
SysAllocString
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy

ws2_32

WSAStartup
WSACleanup
inet_ntoa
send
recv
accept
listen
bind
socket
setsockopt
WSAGetLastError
select
closesocket
htons
htonl

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/OpalViewer.exe
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$INSTDIR"/bin/"/OpalWebKicker.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f6a1e0e32f54c926d70d2702e9b70e5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
GetModuleFileNameA
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetThreadLocale
GetThreadLocale
OutputDebugStringA
InterlockedExchange
LockResource
FindResourceExA
CloseHandle
CreateFileA
EnterCriticalSection
CompareStringA
CompareStringW
CreateDirectoryA
CreateProcessA
ReadFile
FlushFileBuffers
WriteFile
WaitNamedPipeA
WaitForSingleObject
ReleaseMutex
Sleep
GetFullPathNameA
GetTempPathW
GetFullPathNameW
CreateFileW
GetFileAttributesW
GetFileAttributesA
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
UnlockFile
LockFile
LoadLibraryW
LockFileEx
DeleteFileA
GetSystemTime
GetTempPathA
DeleteFileW
SetEndOfFile
GetFileSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetVersionExW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetProcAddress
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
VirtualFree
HeapCreate
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType

user32

CharNextA
UnregisterClassA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocStringLen
VARIANT_UserFree
VARIANT_UserUnmarshal
VARIANT_UserMarshal
VARIANT_UserSize
SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantClear
VariantInit

rpcrt4

NdrStubCall2
NdrStubForwardingFunction
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleAllocate

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 436KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 267B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/VizMMC.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

e46e2d36e663f8ee53c5780ed52f958e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetHidGuid
HidD_FreePreparsedData

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

winmm

mixerGetLineInfoA
waveInClose
waveInUnprepareHeader
waveInReset
waveInAddBuffer
waveInStart
waveInPrepareHeader
waveInOpen
mixerClose
mixerOpen
mixerGetLineControlsA
waveInGetNumDevs
waveOutClose
waveOutPrepareHeader
waveOutWrite
waveOutOpen
waveOutGetVolume
waveOutSetVolume
waveOutPause
waveOutGetPosition
waveOutRestart
waveOutReset
waveOutUnprepareHeader
waveOutGetNumDevs
waveOutGetDevCapsA
mixerSetControlDetails
waveInGetDevCapsA

gdiplus

GdipCreateFromHDC
GdipDrawRectangle
GdipFillRectangle
GdipCloneBrush
GdiplusStartup
GdiplusShutdown
GdipCreateLineBrushFromRectWithAngle
GdipCreateSolidFill
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDeleteFont
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipCreateFontFromLogfontA
GdipDrawCurve
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipAlloc
GdipFree

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetQueryOptionA
InternetSetOptionA
InternetReadFile
HttpSendRequestA
InternetCloseHandle

kernel32

GetNativeSystemInfo
GetVersionExA
RaiseException
GetModuleFileNameA
GetModuleHandleA
CreateDirectoryA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetFileAttributesA
CancelIo
GetOverlappedResult
ReadFile
WriteFile
CreateFileA
MulDiv
ResetEvent
UnmapViewOfFile
TerminateThread
LocalAlloc
LocalFree
MapViewOfFile
CreateFileMappingA
GetFileSize
lstrcpyA
FreeResource
GlobalFree
FormatMessageA
GlobalSize
CopyFileA
SetLastError
IsDBCSLeadByte
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentProcessId
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
ResumeThread
GetModuleFileNameW
GlobalAlloc
InterlockedIncrement
GetUserDefaultLCID
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetThreadLocale
SystemTimeToFileTime
WritePrivateProfileStringA
GetCurrentDirectoryA
MoveFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
FindResourceExA
GetFileTime
GetProfileIntA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetConsoleCP
GetConsoleMode
GetFileType
HeapReAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetDriveTypeA
GetCommandLineA
ExitProcess
ExitThread
HeapSize
GetTimeZoneInformation
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
SetStdHandle
SetHandleCount
GetStartupInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
GetCurrentThreadId
CreateWaitableTimerA
SetWaitableTimer
CreateNamedPipeA
lstrlenA
CompareStringW
CompareStringA
lstrlenW
GetVersion
MultiByteToWideChar
InterlockedExchange
GetLastError
Beep
GetTickCount
GetLocalTime
SetEvent
HeapAlloc
GetCurrentProcess
DuplicateHandle
CreateSemaphoreA
CreateEventA
VirtualFree
CreateThread
SetThreadPriority
VirtualAlloc
WideCharToMultiByte
Sleep
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
ReleaseSemaphore
GetProcessHeap
HeapFree
GetSystemTimeAsFileTime
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
WaitForMultipleObjects
GetFileAttributesExA
InterlockedDecrement

user32

DrawTextA
DrawTextExA
GrayStringA
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
InflateRect
DestroyMenu
GetWindowThreadProcessId
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
TranslateMessage
SetCursor
SetParent
LoadCursorA
SetRectEmpty
CreateMenu
IsRectEmpty
SetRect
RegisterClipboardFormatA
EnumChildWindows
LockWindowUpdate
UnregisterClassA
GetDialogBaseUnits
GetSysColorBrush
DestroyIcon
GetTabbedTextExtentA
GetDCEx
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetFocus
IsChild
GetClassNameA
PtInRect
GetKeyState
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
SendDlgItemMessageA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PeekMessageA
OffsetRect
DrawFocusRect
GetSysColor
GetNextDlgGroupItem
ClientToScreen
TabbedTextOutA
GetWindowLongA
GetDC
SetWindowRgn
DrawEdge
LoadBitmapA
GetCapture
GetCursorPos
KillTimer
GetParent
ValidateRect
ReleaseCapture
SetCapture
UpdateWindow
CharUpperA
RegisterWindowMessageA
MessageBeep
EnableWindow
InvalidateRect
GetClientRect
GetWindowRect
PostMessageA
AppendMenuA
CreatePopupMenu
GetMessageA
PostThreadMessageA
MessageBoxA
SendMessageA
GetClassInfoA
FillRect
ShowWindow
MoveWindow
SetWindowTextA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
IsWindowVisible
GetMenu
CreateWindowExA
GetClassInfoExA
SetWindowLongA
RegisterClassA
IsDialogMessageA
AdjustWindowRectEx
ScreenToClient
WindowFromPoint
LoadIconA
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcA
RemoveMenu
CallWindowProcA

gdi32

CreateBitmap
StretchBlt
GetPixel
CombineRgn
CreateRectRgn
GetObjectA
CreateFontIndirectA
CopyMetaFileA
CreateDCA
GetClipBox
SetBkColor
SetTextColor
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
CreatePatternBrush
SelectClipRgn
GetStockObject
UnrealizeObject
Rectangle
EnumFontFamiliesExA
GetTextAlign
GetTextMetricsA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
GetTextExtentPoint32A
CreateSolidBrush
CreatePen
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
MoveToEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
RegSetValueA

shell32

ExtractIconA

comctl32

_TrackMouseEvent

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
ReadFmtUserTypeStg
StringFromCLSID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
ReadClassStm
CreateStreamOnHGlobal
CoDisconnectObject
CreateDataAdviseHolder
OleSaveToStream
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateOleAdviseHolder
CreateDataCache
StringFromGUID2

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
OleCreatePropertyFrame
SysAllocString
VariantCopy
OleLoadPicture
OleCreateFontIndirect
OleCreatePictureIndirect
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/WinTail.exe
.exe windows:4 windows x86 arch:x86

0734581ed75e65d67f36a915a7c2097d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetCommandLineA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
CreateProcessA
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
CreateFileA
GetFileSize
ReadFile
GetVersion
GetStartupInfoA
GetModuleHandleA
GetLastError
CloseHandle
SetLastError
SetFilePointer
VirtualFree
FlushFileBuffers

user32

MessageBoxA
ShowWindow
MoveWindow
LoadIconA
LoadCursorA
RegisterClassExA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClientRect
BeginPaint
EndPaint
PostQuitMessage
KillTimer
DestroyWindow
DefWindowProcA
DialogBoxParamA
CreateWindowExA
CreateMenu
SetTimer
EndDialog
IsIconic
LockWindowUpdate
SendMessageA
GetWindowPlacement
GetMenuItemInfoA
DeleteMenu
InsertMenuItemA
GetSystemMenu
CheckMenuItem
SetWindowPos
SystemParametersInfoA

gdi32

DeleteObject
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
GetFileTitleA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/lame_enc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_params
lame_mp3_tags_fid
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

UPX0
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$INSTDIR"/bin/"/libxml2.dll
.dll windows:4 windows x86 arch:x86

40602d21cad0da8eda1b98477c883bd7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentVariableA

msvcrt

_access
_close
_getcwd
_open
_read
_stat
_strdup
_write
_errno
_iob
_snprintf
_vsnprintf
fclose
fflush
fopen
fprintf
fputc
fread
free
frexp
fwrite
getenv
log10
malloc
memcpy
memmove
memset
perror
pow
realloc
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strncmp
strncpy
strtol
toupper
vfprintf

wsock32

WSAGetLastError
__WSAFDIsSet
bind
connect
gethostbyname
getsockname
getsockopt
htons
listen
ntohs
recv
select
send
socket

Exports

Exports

UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDoValidityCheckingDefaultValue
__xmlFree
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlMalloc
__xmlMemStrdup
__xmlParserDebugEntities
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRealloc
__xmlSaveNoEmptyTags
__xmlSubstituteEntitiesDefaultValue
attribute
attributeDecl
cdataBlock
characters
checkNamespace
comment
debugmem_tag_error
docbCreateFileParserCtxt
docbCreatePushParserCtxt
docbDefaultSAXHandler
docbDefaultSAXHandlerInit
docbEncodeEntities
docbFreeParserCtxt
docbParseChunk
docbParseDoc
docbParseDocument
docbParseFile
docbSAXParseDoc
docbSAXParseFile
elementDecl
endDocument
endElement
entityDecl
externalSubset
getColumnNumber
getEntity
getLineNumber
getNamespace
getParameterEntity
getPublicId
getSystemId
globalNamespace
hasExternalSubset
hasInternalSubset
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreatePushParserCtxt
htmlDecodeEntities
htmlDefaultSAXHandler
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
ignorableWhitespace
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
internalSubset
isStandalone
isolat1ToUTF8
namePop
namePush
namespaceDecl
nodePop
nodePush
notationDecl
oldXMLWDcompatibility
processingInstruction
reference
resolveEntity
setDocumentLocator
setNamespace
startDocument
startElement
unparsedEntityDecl
valuePop
valuePush
xlinkGetDefaultDetect
xlinkGetDefaultHandler
xlinkIsLink
xlinkSetDefaultDetect
xlinkSetDefaultHandler
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlBoolToText
xmlBufferAdd
xmlBufferAddHead
xmlBufferAllocScheme
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildURI
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharStrdup
xmlCharStrndup
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupInputCallbacks
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupPredefinedEntities
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCurrentChar
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDecodeEntities
xmlDefaultBufferSize
xmlDefaultSAXHandler
xmlDefaultSAXHandlerInit
xmlDefaultSAXLocator
xmlDelEncodingAlias
xmlDetectCharEncoding
xmlDoValidityCheckingDefaultValue
xmlDocCopyNode
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntities
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlFindCharEncodingHandler
xmlFree
xmlFreeAttributeTable
xmlFreeCatalog
xmlFreeDoc
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeURI
xmlGenericError
xmlGenericErrorContext
xmlGenericErrorDefaultFunc
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetFeature
xmlGetFeaturesList
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLineNo
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetWarningsDefaultValue
xmlHandleEntity
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOHTTPOpenW
xmlIOParseDTD
xmlIndentTreeOutput
xmlInitCharEncodingHandlers
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeGlobalState
xmlInitializePredefinedEntities
xmlIsBaseChar
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCombining
xmlIsDigit
xmlIsExtender
xmlIsID
xmlIsIdeographic
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsRef
xmlKeepBlanksDefault
xmlKeepBlanksDefaultValue
xmlLineNumbersDefault
xmlLineNumbersDefaultValue
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
xmlListReverseWalk
xmlListSearch
xmlListSize
xmlListSort
xmlListWalk
xmlLoadACatalog
xmlLoadCatalog
xmlLoadCatalogs
xmlLoadExtDtdDefaultValue
xmlLoadExternalEntity
xmlLoadSGMLSuperCatalog
xmlLockLibrary
xmlLsCountNode
xmlLsOneNode
xmlMalloc
xmlMallocBreakpoint
xmlMallocLoc
xmlMemDisplay
xmlMemFree
xmlMemGet
xmlMemMalloc
xmlMemRealloc
xmlMemSetup
xmlMemShow
xmlMemStrdup
xmlMemStrdupLoc
xmlMemUsed
xmlMemoryDump
xmlMemoryStrdup
xmlMutexLock
xmlMutexUnlock
xmlNamespaceParseNCName
xmlNamespaceParseNSDef
xmlNamespaceParseQName
xmlNanoFTPCheckResponse
xmlNanoFTPCleanup
xmlNanoFTPClose
xmlNanoFTPCloseConnection
xmlNanoFTPConnect
xmlNanoFTPConnectTo
xmlNanoFTPCwd
xmlNanoFTPFreeCtxt
xmlNanoFTPGet
xmlNanoFTPGetConnection
xmlNanoFTPGetResponse
xmlNanoFTPGetSocket
xmlNanoFTPInit
xmlNanoFTPList
xmlNanoFTPNewCtxt
xmlNanoFTPOpen
xmlNanoFTPProxy
xmlNanoFTPQuit
xmlNanoFTPRead
xmlNanoFTPScanProxy
xmlNanoFTPUpdateURL
xmlNanoHTTPAuthHeader
xmlNanoHTTPCleanup
xmlNanoHTTPClose
xmlNanoHTTPContentLength
xmlNanoHTTPFetch
xmlNanoHTTPFetchContent
xmlNanoHTTPInit
xmlNanoHTTPMethod
xmlNanoHTTPMethodRedir
xmlNanoHTTPOpen
xmlNanoHTTPOpenRedir
xmlNanoHTTPRead
xmlNanoHTTPReturnCode
xmlNanoHTTPSave
xmlNanoHTTPScanProxy
xmlNewCDataBlock
xmlNewCatalog
xmlNewCharRef
xmlNewChild
xmlNewComment
xmlNewDoc
xmlNewDocComment
xmlNewDocFragment
xmlNewDocNode
xmlNewDocProp
xmlNewDocRawNode
xmlNewDocText
xmlNewDocTextLen
xmlNewDtd
xmlNewElementContent
xmlNewEntityInputStream
xmlNewGlobalNs
xmlNewIOInputStream
xmlNewInputFromFile
xmlNewInputStream

Sections

.text
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$INSTDIR"/bin/"/win32pad.exe
.exe windows:4 windows x86 arch:x86

95aa5ebb92f3986d62ff35547e7bad27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreateToolbarEx
InitCommonControls
PropertySheetA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
FindTextA
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
ReplaceTextA

gdi32

AbortDoc
CreateFontIndirectA
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EndDoc
EndPage
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
SelectObject
SetBkColor
SetTextColor
StartDocA
StartPage

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateFileA
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FormatMessageA
FreeLibrary
GetAtomNameA
GetCommandLineA
GetDateFormatA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetStartupInfoA
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryExA
LocalFree
MulDiv
MultiByteToWideChar
ReadFile
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_access
_cexit
_iob
_itoa
_onexit
_setmode
_stat
abort
atexit
atol
free
malloc
memchr
memset
signal
strchr
strncat
strrchr

shell32

DragAcceptFiles
DragQueryFileA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

shfolder

SHGetFolderPathA

user32

CallWindowProcA
CheckMenuItem
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EndDialog
FillRect
FindWindowA
FindWindowExA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetKeyState
GetMenu
GetMenuItemID
GetMessageA
GetParent
GetSubMenu
GetSysColor
GetSysColorBrush
GetUpdateRect
GetWindowPlacement
GetWindowRect
GetWindowTextA
InsertMenuItemA
InvalidateRect
IsDialogMessageA
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
MessageBeep
MessageBoxA
MoveWindow
OpenClipboard
PostMessageA
PostQuitMessage
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemoveMenu
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetClipboardData
SetCursor
SetDlgItemInt
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetScrollPos
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 3KB

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 3KB

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 405KB - Virtual size: 404KB

.data Size: 331KB - Virtual size: 376KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 25KB - Virtual size: 25KB

.adata Size: 68KB - Virtual size: 114KB

7941976a82dd7ff8b1a2ea069878fab3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 40KB - Virtual size: 40KB

Shared Size: 4KB - Virtual size: 3KB

.rsrc Size: 72KB - Virtual size: 70KB

.reloc Size: 32KB - Virtual size: 28KB

688a278fc0cd04b40cebe10520018d9d

Code Sign

01Certificate

0aCertificate

Extended Key Usages

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 405KB - Virtual size: 404KB

.data
Size: 331KB - Virtual size: 376KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 25KB - Virtual size: 25KB

.adata
Size: 68KB - Virtual size: 114KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 40KB - Virtual size: 40KB

Shared
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 72KB - Virtual size: 70KB

.reloc
Size: 32KB - Virtual size: 28KB

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

47:8c:24:a0:c2:7c:57:1a:f6:9f:ba:8f:e5:1d:3c:f5
Certificate

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

47:8c:24:a0:c2:7c:57:1a:f6:9f:ba:8f:e5:1d:3c:f5
Certificate

.text
Size: 760KB - Virtual size: 757KB

.rdata
Size: 232KB - Virtual size: 231KB

.data
Size: 32KB - Virtual size: 46KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 60KB - Virtual size: 58KB