26e8cb3cc31b8fdcf598746df5a9b1cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26e8cb3cc31b8fdcf598746df5a9b1cd_JaffaCakes118
Size

2.4MB
MD5

26e8cb3cc31b8fdcf598746df5a9b1cd
SHA1

e09518bca37daecf08a5ce983fcb50d9b234c817
SHA256

dbf057a2e9e6af3435635d3d7abe649c45eecf6855ca104f259a7398a5341afa
SHA512

c0743e468e2af10f0d87b729c7624b7cab58ad3e98066a8993380eed7e32d0b91531a6ee47509c43c2ef16369ad157470b3cbac6cd8d8861d2f6d928ee67c16c
SSDEEP

49152:K5B0gKAh0uIAxumbF/gEf9WnQYDjrYppaalhhZJPVg6v5SKNAFBTV+N:tgKRuIAtZBWnQ2wL1lHZLvcaGBTgN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/FaceMaker2.exe	upx

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ClassicTK.exe
unpack001/FaceMaker2.exe
unpack001/MithiaMapEditor.exe
unpack001/Mp3dec.asi
unpack001/Mss32.dll
unpack001/TKDisplaySelector.exe
unpack001/binkw32.dll
unpack001/dbghelp.dll
unpack001/ddraw.dll
unpack001/libcurl.dll

Files

26e8cb3cc31b8fdcf598746df5a9b1cd_JaffaCakes118
.zip
ClassicTK.exe
.exe windows:5 windows x86 arch:x86

6a8bcb33e41e4ae60e1e40cfab86558d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

winmm

timeKillEvent
timeSetEvent
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
midiOutShortMsg
midiOutUnprepareHeader
midiStreamProperty
midiStreamOpen
midiStreamOut
midiStreamStop
midiOutReset
midiStreamRestart
midiStreamPause
midiStreamClose
midiOutPrepareHeader
timeGetTime

wsock32

select
recv
htons
socket
setsockopt
connect
closesocket
send
WSAAsyncSelect
gethostbyname
gethostname
WSAStartup
WSAGetLastError

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

imm32

ImmGetCompositionStringW
ImmGetCandidateListA
ImmGetCompositionStringA
ImmGetCandidateListW
ImmGetConversionStatus
ImmDestroyContext
ImmGetProperty
ImmSetOpenStatus
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmCreateContext
ImmGetDefaultIMEWnd
ImmGetOpenStatus
ImmNotifyIME

wininet

InternetCloseHandle
InternetOpenUrlW
HttpQueryInfoW
InternetOpenW
InternetSetCookieA
InternetGetLastResponseInfoA
InternetOpenUrlA
InternetOpenA
InternetSetOptionW
InternetReadFile
InternetQueryDataAvailable

libcurl

curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_global_init
curl_version_info
curl_easy_init

kernel32

IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetConsoleCP
GetConsoleMode
HeapSize
HeapCreate
UnhandledExceptionFilter
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
FindFirstFileExA
FindFirstFileExW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
ExitThread
GetFullPathNameA
GetDriveTypeW
CloseHandle
OutputDebugStringW
WriteFile
MulDiv
GetLastError
MultiByteToWideChar
GetVersionExW
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleA
GetCommandLineW
GetVersionExA
GetCurrentProcess
GetProcAddress
GetModuleHandleW
SetProcessWorkingSetSize
GlobalMemoryStatus
CreateMutexA
GetCurrentThreadId
Sleep
SetEvent
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetSystemDirectoryA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
UnmapViewOfFile
SetUnhandledExceptionFilter
VirtualQuery
IsBadWritePtr
GetCurrentThread
GetCurrentDirectoryA
GetLogicalDrives
FindNextFileA
FindFirstFileA
GetACP
FreeLibrary
LoadLibraryA
WaitForSingleObject
ReadFile
GetFileSize
SetEndOfFile
SetFilePointer
GetSystemDirectoryW
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
ReleaseMutex
ReleaseSemaphore
GetDriveTypeA
SetCommTimeouts
PurgeComm
SetupComm
SetCommMask
SetCommState
GetCommState
EscapeCommFunction
ClearCommError
ResetEvent
GetOverlappedResult
GetCurrentProcessId
GetExitCodeThread
TerminateThread
SuspendThread
ResumeThread
WaitForMultipleObjects
CreateThread
FatalAppExitW
SetFileAttributesW
GetLocaleInfoW
SetCurrentDirectoryW
GlobalGetAtomNameW
GetWindowsDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
FormatMessageW
FindFirstFileW
DeleteFileW
CreateDirectoryW
CreateSemaphoreW
CreateFileMappingW
CreateEventW
CreateProcessW
CreateFileW
LoadLibraryW
CreateMutexW
OpenFileMappingW
OpenFileMappingA
CreateFileA
CreateProcessA
CreateEventA
CreateFileMappingA
CreateSemaphoreA
CreateDirectoryA
DeleteFileA
FormatMessageA
GetModuleFileNameA
GetWindowsDirectoryA
GlobalGetAtomNameA
SetCurrentDirectoryA
GetLocaleInfoA
SetFileAttributesA
MoveFileA
GetFileAttributesA
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
InterlockedExchange
LocalFree
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetOEMCP
IsValidCodePage
FlushFileBuffers
GetTimeZoneInformation
CompareStringW
GetStringTypeW
GetFullPathNameW
GetFileInformationByHandle
PeekNamedPipe
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocalTime

user32

SetCursor
LoadCursorW
LoadCursorFromFileW
PostMessageA
RegisterClassExA
AdjustWindowRect
DispatchMessageA
GetUpdateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
PostThreadMessageW
SendMessageA
PeekMessageA
SendMessageW
PostMessageW
PeekMessageW
LoadIconW
DispatchMessageW
CharUpperBuffW
RegisterClipboardFormatW
CreateWindowExW
RegisterClassW
CreateDialogParamW
FindWindowW
OffsetRect
RegisterClipboardFormatA
CharUpperBuffA
LoadIconA
GetDoubleClickTime
SetCursorPos
GetKeyboardState
MessageBoxA
IsWindowVisible
GetDC
ReleaseDC
LoadCursorA
RegisterClassA
CreateWindowExA
InvalidateRect
SetWindowLongA
GetMessageA
RedrawWindow
SetFocus
PostThreadMessageA
GetWindowLongA
DestroyWindow
BeginPaint
EndPaint
PostQuitMessage
GetAsyncKeyState
GetMessageTime
TrackMouseEvent
SetCapture
GetDesktopWindow
SetForegroundWindow
DefWindowProcW
GetKeyboardLayout
FindWindowA
ToAscii
ClientToScreen
GetClientRect
AdjustWindowRectEx
SetRect
UpdateWindow
ShowWindow
MoveWindow
GetSystemMetrics
GetWindowRect
ReleaseCapture
GetKeyState
MsgWaitForMultipleObjects
TranslateMessage
ClipCursor
ShowCursor
SetWindowPos
SystemParametersInfoW
MessageBoxW
SetWindowLongW
GetWindowLongW
CreateDialogParamA
DefWindowProcA

gdi32

DeleteDC
PatBlt
CreateCompatibleDC
CreateDIBSection
BitBlt
StretchBlt
DeleteObject
SelectObject
GetStockObject

advapi32

RegOpenKeyExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteKeyW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
SHGetFolderPathW
ShellExecuteA

ole32

OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance

oleaut32

SafeArrayDestroy
SafeArrayCreate
SysAllocString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
GetErrorInfo
SysFreeString

binkw32

_BinkOpenMiles@4
_BinkSetSoundSystem@8
_BinkBufferOpen@16
_BinkGetRects@8
_BinkBufferBlit@12
_BinkNextFrame@4
_BinkBufferGetError@0
_BinkWait@4
_BinkClose@4
_BinkOpen@8
_BinkDoFrame@4
_BinkCopyToBuffer@28
_BinkOpenDirectSound@4
_BinkService@4
_BinkGoto@12
_BinkSetSoundOnOff@8
_BinkBufferUnlock@4
_BinkBufferLock@4

mss32

_AIL_close_digital_driver@4
_AIL_release_all_timers@0
_AIL_set_preference@8
_AIL_release_sample_handle@4
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_open_digital_driver@16
_AIL_set_DirectSound_HWND@8
_AIL_register_stream_callback@8
_AIL_allocate_sample_handle@4
_AIL_start_stream@4
_AIL_shutdown@0
_AIL_last_error@0
_AIL_open_stream@12
_AIL_set_stream_loop_count@8
_AIL_set_file_callbacks@16
_AIL_redbook_set_volume@8
_AIL_set_stream_volume@8
_AIL_stream_status@4
_AIL_start_sample@4
_AIL_set_sample_volume@8
_AIL_pause_stream@8
_AIL_redbook_pause@4
_AIL_redbook_resume@4
_AIL_redbook_position@4
_AIL_redbook_close@4
_AIL_redbook_stop@4
_AIL_redbook_track_info@16
_AIL_redbook_play@12
_AIL_redbook_open_drive@4
_AIL_redbook_tracks@4
_AIL_set_digital_master_volume@8
_AIL_get_DirectSound_info@12
_AIL_sample_status@4
_AIL_init_sample@4
_AIL_end_sample@4
_AIL_close_stream@4
_AIL_set_sample_file@12

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cursor/attack.ani
Cursor/normal.ani
Cursor/put.ani
Cursor/select.ani
Cursor/view.ani
FaceMaker2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 588KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 318KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Meta.dat
MithiaMapEditor.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\andre\Desktop\NTK SHIIT\nexustkpriv\nexustkpriv\mithiamapeditor-master\Aesir5\obj\Debug\MithiaMapEditor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mp3dec.asi
.dll windows:4 windows x86 arch:x86

113244029ceda204dda9cd578f66b019

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
RtlUnwind

mss32

RIB_register_interface
_RIB_provider_library_handle@0
_AIL_mem_free_lock@4
_AIL_mem_alloc_lock@4
_AIL_MMX_available@0
RIB_unregister_interface

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mss32.dll
.dll windows:4 windows x86 arch:x86

8823b40cfbd955ccc79193f76f00d84b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
ResumeThread
SuspendThread
WaitForMultipleObjects
ReleaseMutex
WaitForSingleObject
CloseHandle
SetEvent
CreateMutexA
Sleep
SetThreadPriority
CreateThread
CreateEventA
GetModuleHandleA
GetCurrentProcessId
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExA
OutputDebugStringA
GetProfileStringA
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
WriteFile
CreateFileA
FreeLibrary
LoadLibraryA
SetErrorMode
lstrcatA
SetFilePointer
ReadFile
OpenFile
GetTempPathA
CreateDirectoryA
FindClose
FindNextFileA
FindFirstFileA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
WideCharToMultiByte
HeapFree
GetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

IsWindow
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongA
GetWindow
GetTopWindow
GetForegroundWindow
MessageBoxA
SetTimer
KillTimer
wsprintfA

winmm

timeGetTime
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutGetDevCapsA
waveOutGetID
waveOutOpen
waveOutClose
waveOutReset
waveOutWrite
midiOutLongMsg
midiOutShortMsg
midiOutClose
midiOutReset
midiOutUnprepareHeader
midiOutPrepareHeader
midiOutOpen
auxGetDevCapsA
auxGetNumDevs
mixerClose
mixerGetControlDetailsA
mixerGetLineInfoA
mixerOpen
mixerGetLineControlsA
mixerGetNumDevs
mciSendCommandA
auxGetVolume
auxSetVolume
mixerSetControlDetails
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInClose
waveInUnprepareHeader
waveInReset
waveInStart

Exports

Exports

@stream_background@0
AIL_debug_printf
AIL_sprintf
DLSClose
DLSCompactMemory
DLSGetInfo
DLSLoadFile
DLSLoadMemFile
DLSMSSOpen
DLSSetAttribute
DLSUnloadAll
DLSUnloadFile
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_orientation@28
_AIL_3D_position@16
_AIL_3D_provider_attribute@12
_AIL_3D_rolloff_factor@4
_AIL_3D_room_type@4
_AIL_3D_sample_attribute@12
_AIL_3D_sample_cone@16
_AIL_3D_sample_distances@12
_AIL_3D_sample_effects_level@4
_AIL_3D_sample_length@4
_AIL_3D_sample_loop_count@4
_AIL_3D_sample_obstruction@4
_AIL_3D_sample_occlusion@4
_AIL_3D_sample_offset@4
_AIL_3D_sample_playback_rate@4
_AIL_3D_sample_status@4
_AIL_3D_sample_volume@4
_AIL_3D_speaker_type@4
_AIL_3D_user_data@8
_AIL_3D_velocity@16
_AIL_DLS_close@8
_AIL_DLS_compact@4
_AIL_DLS_get_info@12
_AIL_DLS_get_reverb@16
_AIL_DLS_load_file@12
_AIL_DLS_load_memory@12
_AIL_DLS_open@28
_AIL_DLS_set_reverb@16
_AIL_DLS_unload@8
_AIL_HWND@0
_AIL_MIDI_handle_reacquire@4
_AIL_MIDI_handle_release@4
_AIL_MIDI_to_XMI@20
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_XMIDI_master_volume@4
_AIL_active_3D_sample_count@4
_AIL_active_sample_count@4
_AIL_active_sequence_count@4
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_file_sample@12
_AIL_allocate_sample_handle@4
_AIL_allocate_sequence_handle@4
_AIL_auto_service_stream@8
_AIL_auto_update_3D_position@8
_AIL_background@0
_AIL_branch_index@8
_AIL_channel_notes@8
_AIL_close_3D_listener@4
_AIL_close_3D_object@4
_AIL_close_3D_provider@4
_AIL_close_XMIDI_driver@4
_AIL_close_digital_driver@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_stream@4
_AIL_compress_ADPCM@12
_AIL_compress_ASI@20
_AIL_compress_DLS@20
_AIL_controller_value@12
_AIL_create_wave_synthesizer@16
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_destroy_wave_synthesizer@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_volume@4
_AIL_end_3D_sample@4
_AIL_end_sample@4
_AIL_end_sequence@4
_AIL_enumerate_3D_provider_attributes@12
_AIL_enumerate_3D_providers@12
_AIL_enumerate_3D_sample_attributes@12
_AIL_enumerate_filter_attributes@12
_AIL_enumerate_filter_sample_attributes@12
_AIL_enumerate_filters@12
_AIL_extract_DLS@28
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_write@12
_AIL_filter_DLS_attribute@12
_AIL_filter_DLS_with_XMI@24
_AIL_filter_attribute@12
_AIL_filter_sample_attribute@12
_AIL_filter_stream_attribute@12
_AIL_find_DLS@24
_AIL_get_DirectSound_info@12
_AIL_get_input_info@4
_AIL_get_preference@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@4
_AIL_init_sequence@12
_AIL_last_error@0
_AIL_list_DLS@20
_AIL_list_MIDI@20
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_channel@4
_AIL_lock_mutex@0
_AIL_map_sequence_channel@12
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_merge_DLS_with_XMI@16
_AIL_midiOutClose@4
_AIL_midiOutOpen@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_open_3D_listener@4
_AIL_open_3D_object@4
_AIL_open_3D_provider@4
_AIL_open_XMIDI_driver@4
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_stream@12
_AIL_pause_stream@8
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_quick_copy@4
_AIL_quick_halt@4
_AIL_quick_handles@12
_AIL_quick_load@4
_AIL_quick_load_and_play@12
_AIL_quick_load_mem@8
_AIL_quick_ms_length@4
_AIL_quick_ms_position@4
_AIL_quick_play@8
_AIL_quick_set_ms_position@8
_AIL_quick_set_reverb@16
_AIL_quick_set_speed@8
_AIL_quick_set_volume@12
_AIL_quick_shutdown@0
_AIL_quick_startup@20
_AIL_quick_status@4
_AIL_quick_type@4
_AIL_quick_unload@4
_AIL_redbook_close@4
_AIL_redbook_eject@4
_AIL_redbook_id@4
_AIL_redbook_open@4
_AIL_redbook_open_drive@4
_AIL_redbook_pause@4
_AIL_redbook_play@12
_AIL_redbook_position@4
_AIL_redbook_resume@4
_AIL_redbook_retract@4
_AIL_redbook_set_volume@8
_AIL_redbook_status@4
_AIL_redbook_stop@4
_AIL_redbook_track@4
_AIL_redbook_track_info@16
_AIL_redbook_tracks@4
_AIL_redbook_volume@4
_AIL_register_3D_EOS_callback@8
_AIL_register_EOB_callback@8
_AIL_register_EOF_callback@8
_AIL_register_EOS_callback@8
_AIL_register_ICA_array@8
_AIL_register_SOB_callback@8
_AIL_register_beat_callback@8
_AIL_register_event_callback@8
_AIL_register_prefix_callback@8
_AIL_register_sequence_callback@8
_AIL_register_stream_callback@8
_AIL_register_timbre_callback@8
_AIL_register_timer@4
_AIL_register_trigger_callback@8
_AIL_release_3D_sample_handle@4
_AIL_release_all_timers@0
_AIL_release_channel@8
_AIL_release_sample_handle@4
_AIL_release_sequence_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@8
_AIL_resume_3D_sample@4
_AIL_resume_sample@4
_AIL_resume_sequence@4
_AIL_sample_buffer_info@20
_AIL_sample_buffer_ready@4
_AIL_sample_granularity@4
_AIL_sample_loop_count@4
_AIL_sample_ms_position@12
_AIL_sample_pan@4
_AIL_sample_playback_rate@4
_AIL_sample_position@4
_AIL_sample_reverb@16
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume@4
_AIL_send_channel_voice_message@20
_AIL_send_sysex_message@8
_AIL_sequence_loop_count@4
_AIL_sequence_ms_position@12
_AIL_sequence_position@12
_AIL_sequence_status@4
_AIL_sequence_tempo@4
_AIL_sequence_user_data@8
_AIL_sequence_volume@4
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_orientation@28
_AIL_set_3D_position@16
_AIL_set_3D_provider_preference@12
_AIL_set_3D_rolloff_factor@8
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_cone@16
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_file@8
_AIL_set_3D_sample_info@8
_AIL_set_3D_sample_loop_block@12
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_sample_obstruction@8
_AIL_set_3D_sample_occlusion@8
_AIL_set_3D_sample_offset@8
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_preference@12
_AIL_set_3D_sample_volume@8
_AIL_set_3D_speaker_type@8
_AIL_set_3D_user_data@12
_AIL_set_3D_velocity@20
_AIL_set_3D_velocity_vector@16
_AIL_set_DLS_processor@12
_AIL_set_DirectSound_HWND@8
_AIL_set_XMIDI_master_volume@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_volume@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_filter_DLS_preference@12
_AIL_set_filter_preference@12
_AIL_set_filter_sample_preference@12
_AIL_set_filter_stream_preference@12
_AIL_set_input_state@8
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_file@12
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_ms_position@8
_AIL_set_sample_pan@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb@16
_AIL_set_sample_type@12
_AIL_set_sample_user_data@12
_AIL_set_sample_volume@8
_AIL_set_sequence_loop_count@8
_AIL_set_sequence_ms_position@8
_AIL_set_sequence_tempo@12
_AIL_set_sequence_user_data@12
_AIL_set_sequence_volume@12
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_pan@8
_AIL_set_stream_playback_rate@8
_AIL_set_stream_position@8
_AIL_set_stream_processor@12
_AIL_set_stream_reverb@16
_AIL_set_stream_user_data@12
_AIL_set_stream_volume@8
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_start_3D_sample@4
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_sequence@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_3D_sample@4
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_sequence@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_ms_position@12
_AIL_stream_pan@4
_AIL_stream_playback_rate@4
_AIL_stream_position@4
_AIL_stream_reverb@16
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_stream_volume@4
_AIL_true_sequence_channel@8
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_3D_position@8
_AIL_us_count@0
_AIL_waveOutClose@4
_AIL_waveOutOpen@16
_DLSMSSGetCPU@4
_DllMain@12
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_provider_library_handle@0
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12

Sections

.text
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MSSMIXER
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKDisplaySelector.exe
.exe windows:4 windows x86 arch:x86

a67bf67540ebc1dd65d526cef4c0be48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\TKtools\TKdisplayselector\release\TKDisplaySelector.pdb

Imports

kernel32

GetStartupInfoW
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcessHeap
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapAlloc
HeapFree
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
GetTickCount
FileTimeToSystemTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
InterlockedIncrement
FormatMessageW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalFree
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
GetModuleHandleA
InterlockedDecrement
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
CloseHandle
GlobalUnlock
lstrlenW
WritePrivateProfileStringW
FreeResource
GlobalFree
GetCurrentProcessId
GetLastError
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameW
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
TerminateProcess
GetProcAddress

user32

RegisterClipboardFormatW
PostThreadMessageW
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
UnregisterClassW
DestroyMenu
LoadBitmapW
GetFocus
CharUpperW
MessageBeep
GetCapture
GetNextDlgGroupItem
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
PostMessageW
PostQuitMessage
SetCursor
DrawIcon
GetClientRect
EnableWindow
GetSystemMetrics
IsIconic
LoadIconW
SendMessageW
GetMessagePos
UnregisterClassA

gdi32

DeleteDC
Escape
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
ExtSelectClipRgn
GetRgnBox
GetMapMode
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgnIndirect
CreateBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SelectObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
binkw32.dll
.dll windows:4 windows x86 arch:x86

d9649b742153857e9a4932490d2c3cfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
CreateThread
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RaiseException
ExitProcess
GetProcAddress
SetErrorMode
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
LoadLibraryA
CloseHandle
FreeLibrary
GetModuleHandleA
SetFilePointer
Sleep
ReadFile
GetWindowsDirectoryA
CreateFileA
GetModuleFileNameA
TerminateProcess
GetCurrentProcess

user32

CreateWindowExA
GetCursorPos
RegisterClassA
ClientToScreen
IsWindowVisible
GetClientRect
GetWindowRect
GetClassLongA
ChangeDisplaySettingsA
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongA
GetWindow
GetTopWindow
PeekMessageA
ScreenToClient
GetDC
GetSystemMetrics
MessageBoxA
ReleaseDC
ShowCursor
BeginPaint
DefWindowProcA
DestroyWindow
SetCursor
EndPaint
UnregisterClassA

winmm

waveOutRestart
waveOutSetVolume
timeGetTime
waveOutUnprepareHeader
waveOutPause
waveOutReset
waveOutPrepareHeader
waveOutWrite
waveOutOpen
waveOutClose

gdi32

SetPixel
GetPixel
GetDeviceCaps
DeleteDC
CreateDIBSection
SelectObject
DeleteObject
GetDIBits
CreateCompatibleDC
StretchBlt
SetStretchBltMode
CreateCompatibleBitmap

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkCopyToBuffer@28
_BinkDDSurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetKeyFrame@12
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetPan@8
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@4
_BinkSetVideoOnOff@8
_BinkSetVolume@8
_BinkWait@4
_ExpandBink@56
_ExpandBundleSizes@8
_RADSetMemory@8
_RADTimerRead@0
_YUV_blit_16a1bpp@52
_YUV_blit_16a1bpp_mask@52
_YUV_blit_16a4bpp@52
_YUV_blit_16a4bpp_mask@52
_YUV_blit_16bpp@48
_YUV_blit_16bpp_mask@48
_YUV_blit_24bpp@48
_YUV_blit_24bpp_mask@48
_YUV_blit_24rbpp@48
_YUV_blit_24rbpp_mask@48
_YUV_blit_32abpp@52
_YUV_blit_32abpp_mask@52
_YUV_blit_32bpp@48
_YUV_blit_32bpp_mask@48
_YUV_blit_32rabpp@52
_YUV_blit_32rabpp_mask@52
_YUV_blit_32rbpp@48
_YUV_blit_32rbpp_mask@48
_YUV_blit_UYVY@48
_YUV_blit_UYVY_mask@48
_YUV_blit_YUY2@48
_YUV_blit_YUY2_mask@48
_YUV_blit_YV12@52
_YUV_init@4
_radfree@4
_radmalloc@4

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows:5 windows x86 arch:x86

29ba6cfb5bc74e73404bb0c1dc60e0db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

_onexit
_adjust_fdiv
__dllonexit
_except_handler3
_strlwr
malloc
_initterm
strstr
_ftol
strncmp
_vsnprintf
_ltoa
_itoa
_makepath
tolower
strncat
wcsncpy
sprintf
qsort
free
wcslen
calloc
_splitpath
_mbsnbcpy
time
fflush
_iob
_purecall
_fullpath
_close
_read
_sopen
_memicmp
_open_osfhandle
_lseek
_errno
_write
_chsize
_mbsicmp
_mbsrchr
printf
_access
bsearch
memmove
_mbscmp
_stricmp
_strnicmp
strncpy
strchr

kernel32

WideCharToMultiByte
IsDBCSLeadByte
CopyFileA
GetVersion
FindClose
ReadProcessMemory
VirtualAlloc
OutputDebugStringA
VirtualFree
GetCurrentProcessId
VirtualProtect
lstrcpyA
DuplicateHandle
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
GetFileSize
MapViewOfFile
lstrlenA
CreateFileMappingA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetCurrentProcess
UnmapViewOfFile
GetEnvironmentVariableA
GetFileAttributesA
SetLastError
CloseHandle
CreateFileA
GetFullPathNameA
GetLastError
HeapCreate
HeapDestroy
FindNextFileA
FindFirstFileA
CreateDirectoryA
HeapAlloc
HeapFree
DisableThreadLibraryCalls
GetVersionExA
HeapReAlloc

Exports

Exports

EnumerateLoadedModules
EnumerateLoadedModules64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindExecutableImage
FindExecutableImageEx
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
SearchTreeForFile
StackWalk
StackWalk64
SymCleanup
SymEnumerateModules
SymEnumerateModules64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromName
SymGetLineFromName64
SymGetLineNext
SymGetLineNext64
SymGetLinePrev
SymGetLinePrev64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoEx
SymGetModuleInfoEx64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOptions
SymGetSearchPath
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolInfo
SymGetSymbolInfo64
SymInitialize
SymLoadModule
SymLoadModule64
SymMatchFileName
SymRegisterCallback
SymRegisterCallback64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSetOptions
SymSetSearchPath
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnmapDebugInformation
WinDbgExtensionDllInit
sym

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ddraw.dll
.dll windows:4 windows x86 arch:x86

dbe3f8a06e3e5a04f06173c484fc25ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ws2_32

gethostbyname
inet_addr
ntohs

kernel32

AddAtomA
CloseHandle
CreateSemaphoreA
FindAtomA
GetAtomNameA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualProtect
WaitForSingleObject

msvcrt

_write
__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
abort
fflush
free
malloc
strcmp

user32

MessageBoxA

Exports

Exports

DirectDrawCreate

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fix.reg
libcurl.dll
.dll windows:5 windows x86 arch:x86

b4b4d77ea057487014afa74a32dc41da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

recvfrom
sendto
send
select
__WSAFDIsSet
ioctlsocket
listen
accept
WSAStartup
WSACleanup
ntohl
htonl
gethostname
getaddrinfo
freeaddrinfo
WSASetLastError
connect
socket
closesocket
recv
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
WSAGetLastError

wldap32

ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46

kernel32

DisableThreadLibraryCalls
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ReadFile
FormatMessageA
Sleep
ExpandEnvironmentStringsA
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
VerSetConditionMask
QueryPerformanceCounter
VerifyVersionInfoA
GetSystemTimeAsFileTime
SleepEx
GetLastError
SetLastError
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
CryptDestroyKey
CryptGenRandom

msvcr100

fputc
_gmtime64
fflush
fwrite
strerror
atoi
fseek
strpbrk
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_getpid
_strdup
_close
_open
_stricmp
_strnicmp
_read
__sys_nerr
_time64
memset
_errno
strncmp
memcpy
_write
strchr
memmove
strrchr
_strtoi64
sscanf
qsort
fclose
fputs
fopen
__iob_func
fgets
islower
isalpha
isupper
isdigit
isprint
isalnum
isgraph
isspace
isxdigit
_mbschr
_mbsnbcpy
_beginthreadex
calloc
realloc
free
malloc
strtoul
_fstat64
_lseeki64
_stat64
fread
strtol
strncpy
strstr
getenv
tolower
memchr
sprintf

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8bcb33e41e4ae60e1e40cfab86558d

Headers

DLL Characteristics

File Characteristics

Imports

ddraw

winmm

wsock32

version

imm32

wininet

libcurl

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

binkw32

mss32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 363KB - Virtual size: 362KB

.data Size: 57KB - Virtual size: 199KB

.rsrc Size: 243KB - Virtual size: 243KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 588KB

UPX1 Size: 318KB - Virtual size: 320KB

.rsrc Size: 8KB - Virtual size: 8KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 89KB - Virtual size: 88KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

113244029ceda204dda9cd578f66b019

Headers

File Characteristics

Imports

kernel32

mss32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 32KB - Virtual size: 60KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 6KB - Virtual size: 6KB

8823b40cfbd955ccc79193f76f00d84b

Headers

File Characteristics

Imports

kernel32

user32

winmm

Exports

Exports

Sections

.text Size: 223KB - Virtual size: 222KB

MSSMIXER Size: 18KB - Virtual size: 17KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 22KB - Virtual size: 21KB

a67bf67540ebc1dd65d526cef4c0be48

Headers

File Characteristics

PDB Paths

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 363KB - Virtual size: 362KB

.data
Size: 57KB - Virtual size: 199KB

.rsrc
Size: 243KB - Virtual size: 243KB

UPX0
Size: - Virtual size: 588KB

UPX1
Size: 318KB - Virtual size: 320KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 32KB - Virtual size: 60KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 223KB - Virtual size: 222KB

MSSMIXER
Size: 18KB - Virtual size: 17KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 22KB - Virtual size: 21KB

.text
Size: 200KB - Virtual size: 198KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 124KB - Virtual size: 121KB

.text
Size: 198KB - Virtual size: 197KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 29KB - Virtual size: 85KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 21KB - Virtual size: 20KB

.text
Size: 149KB - Virtual size: 148KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 616B

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 18KB

.edata
Size: 512B - Virtual size: 171B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB