2a66eb011ff9ba0375347ff420387fd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a66eb011ff9ba0375347ff420387fd2_JaffaCakes118
Size

1.8MB
MD5

2a66eb011ff9ba0375347ff420387fd2
SHA1

9a35d45f3e0c28286aefc3dc81eb081a7cd5bbf6
SHA256

88764d6379ff302acd420e571f1c8616c0938cc5a99c82ae4d431e5225f75965
SHA512

3f48b52b27fef3ad81f09eecd63d763747fcf9196104aacb47b14ea6d7e4a8338cacffa9a53479edbeb691db30e3975680b6f2c802edae9e567db96836fd3a33
SSDEEP

49152:fSCqpQiEkwLTek5FwzjXo9++taXSkm6RU9ipFccgBNwJ:UpQiFwLb5Fw/eNiRU9Rcg0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
2a66eb011ff9ba0375347ff420387fd2_JaffaCakes118
unpack001/$PLUGINSDIR/BannerDLL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/AddonsFramework.Typelib.dll
unpack001/AddonsFramework.Typelib64.dll
unpack001/BackgroundHost.exe
unpack001/BackgroundHost64.exe
unpack001/ButtonSite.dll
unpack001/ButtonSite64.dll
unpack001/IEUpdater.exe
unpack001/IEUpdater64.exe
unpack001/ScriptHost.dll
unpack001/ScriptHost64.dll
unpack001/uninstall.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UAC.dll
unpack002/$PLUGINSDIR/nsDialogs.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninstall.exe	nsis_installer_1
static1/unpack001/uninstall.exe	nsis_installer_2

Files

2a66eb011ff9ba0375347ff420387fd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BannerDLL.dll
.dll windows:5 windows x86 arch:x86

fe62ae0342805f96b8dd3ce0d03d153b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdipCreateFromHDC
GdipAlloc
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipLoadImageFromStreamICM
GdipDrawImageRectI
GdipFree
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList

kernel32

DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
FindResourceA
lstrlenA
GetCurrentThreadId
GetLastError
Sleep
LoadResource
FindResourceW
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrcmpA
MulDiv
WideCharToMultiByte
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
FreeResource
SizeofResource
CreateEventA
SetEvent
ResetEvent
CloseHandle
WaitForSingleObject
ResumeThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LockResource

user32

RegisterClassExA
UnregisterClassA
GetClassInfoExA
IsWindow
GetDesktopWindow
SetFocus
GetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CreateAcceleratorTableA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
InvalidateRgn
InvalidateRect
GetWindowTextA
SetWindowTextA
ShowWindow
wsprintfA
MessageBoxA
CreateDialogIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
CallWindowProcA
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
MoveWindow
CharNextA
GetSysColor
EndDialog
MapDialogRect
SendMessageA
SetWindowContextHelpId
GetWindow
SetWindowPos
CreateWindowExA
DefWindowProcA
DestroyWindow
SendDlgItemMessageA
GetWindowLongA
SetWindowLongA
RedrawWindow
LoadCursorA

gdi32

GetDeviceCaps
GetStockObject
GetObjectA
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

ole32

StringFromGUID2
OleLockRunning
CoTaskMemAlloc
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

oleaut32

SysStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString

msvcr100

??_V@YAXPAX@Z
memset
__CxxFrameHandler3
_resetstkoflw
_recalloc
calloc
memcpy_s
_CxxThrowException
malloc
free
??3@YAXPAX@Z
_initterm
_initterm_e
_malloc_crt
_amsg_exit
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
??_U@YAPAXI@Z
??2@YAPAXI@Z
sprintf_s
memcpy
_beginthreadex
strstr
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
_encoded_null

Exports

Exports

CloseBanner
ShowBanner

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

ee75cece63794fa22feebed80a358b16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetVersionExA
lstrcmpiA
GetCurrentThreadId
GetProcAddress
GetCommandLineA
UnmapViewOfFile
WaitForSingleObject
GetCurrentProcessId
SetEvent
lstrlenA
SetCurrentDirectoryA
MapViewOfFile
Sleep
OpenProcess
GetExitCodeProcess
GetExitCodeThread
CreateThread
CreateFileMappingA
CreateEventA
GlobalAlloc
CreateProcessA
GetLastError
MultiByteToWideChar
FormatMessageA
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameA
lstrcatA
GetPrivateProfileIntA
GetPrivateProfileStringA
DuplicateHandle
LoadLibraryA

user32

GetClassNameA
SetWindowsHookExA
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
MsgWaitForMultipleObjects
DefWindowProcA
PostMessageA
SetForegroundWindow
CreateWindowExA
GetWindowThreadProcessId
CallWindowProcA
SetWindowPos
GetWindowRect
UnhookWindowsHookEx
CallNextHookEx
CharNextA
DialogBoxParamA
SendMessageW
MessageBoxA
EndDialog
SetWindowLongA
LoadImageA
GetWindowLongA
EnableWindow
ShowWindow
wsprintfA
GetDlgItem
SendMessageA
LoadStringA
DestroyWindow

advapi32

GetUserNameA
OpenSCManagerA
GetTokenInformation
OpenProcessToken
FreeSid
CloseServiceHandle
EqualSid
AllocateAndInitializeSid
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
QueryServiceStatus
OpenServiceA

shell32

ShellExecuteExA

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/before_install.ini
$PLUGINSDIR/help_page.ini
$PLUGINSDIR/ie9install.bmp
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AddonsFramework.Typelib.dll
.dll regsvr32 windows:5 windows x86 arch:x86

840770e3d4f0dd959779a45e1f36a662

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\Release\AddonsFramework.pdb

Imports

kernel32

FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SetThreadLocale
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetThreadLocale
lstrlenW
GetStringTypeW
LCMapStringW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
HeapAlloc
HeapFree
RtlUnwind
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
ExitProcess
WriteFile
GetStdHandle
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AddonsFramework.Typelib64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

e4e0efb6b3a7e79188b6290cc9fe5ce6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\x64\Release\AddonsFramework.pdb

Imports

kernel32

FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetThreadLocale
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetThreadLocale
lstrlenW
GetStringTypeW
LCMapStringW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
HeapAlloc
HeapFree
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
EncodePointer
DecodePointer
GetCurrentThreadId
FlsSetValue
GetCommandLineA
ExitProcess
WriteFile
GetStdHandle
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetCurrentProcess
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BackgroundHost.exe
.exe windows:5 windows x86 arch:x86

1c984bd80afb4af920a3bac056b154d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\Release\BackgroundHost.pdb

Imports

crypt32

CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreW
CertCloseStore

gdiplus

GdipDrawImageRectI
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdiplusStartup
GdiplusShutdown
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathLineI
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawPath
GdipGraphicsClear
GdipFillPath
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill

wininet

InternetCloseHandle
InternetReadFile
HttpOpenRequestW
InternetQueryOptionW
InternetOpenW
InternetReadFileExW
InternetSetStatusCallbackW
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW
InternetConnectW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
GetLastError
SetLastError
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetModuleFileNameW
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
GetProcAddress
lstrlenW
FreeLibrary
LoadLibraryExW
OutputDebugStringA
LoadLibraryW
GetModuleHandleA
GetFileAttributesW
GetVersion
lstrcmpiW
CloseHandle
CreateThread
CreateEventW
FlushFileBuffers
RaiseException
GetACP
DeleteCriticalSection
SetEvent
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpW
MulDiv
FlushInstructionCache
GetCurrentProcess
GlobalFree
GlobalHandle
TerminateThread
IsBadWritePtr
InitializeCriticalSection
IsWow64Process
ReadFile
CreateFileW
LocalFree
LocalAlloc
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
GetTempFileNameW
GetTempPathW
FormatMessageW
HeapDestroy
HeapReAlloc
HeapSize
InterlockedCompareExchange
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
DecodePointer
EncodePointer
InterlockedExchange
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
FatalAppExitA
GetConsoleCP
GetConsoleMode
GetCurrentThreadId
SetFilePointer
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
WriteConsoleW
SetStdHandle
CreateFileA
WaitForSingleObject
SetEndOfFile

user32

MonitorFromRect
GetMonitorInfoW
OffsetRect
PostMessageW
SetFocus
SendMessageW
GetWindowTextLengthW
PostQuitMessage
CharNextW
CharUpperW
DispatchMessageW
TranslateMessage
DestroyWindow
PostThreadMessageW
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
IsWindow
LoadCursorW
RegisterWindowMessageW
RegisterClassExW
GetClassInfoExW
SetWindowTextW
GetWindowTextW
MonitorFromWindow
GetWindowRect
SetWindowPos
DestroyAcceleratorTable
GetSysColor
GetWindow
GetFocus
IsChild
UnregisterClassA
GetForegroundWindow
FindWindowExW
CharLowerBuffW
GetWindowDC
UpdateLayeredWindow
ShowWindow
DialogBoxIndirectParamW
SendDlgItemMessageW
MapDialogRect
SetWindowContextHelpId
FillRect
EndDialog
MapWindowPoints
SetTimer
KillTimer
MessageBoxW
CreateDialogIndirectParamW
CreateWindowExW
GetDlgItem
InvalidateRgn
EndPaint
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableW
GetDC
ReleaseDC
GetDesktopWindow
GetParent
GetClassNameW
RedrawWindow
GetClientRect
BeginPaint
GetMessageW
InvalidateRect

advapi32

RegCloseKey
IsValidSid
GetSidIdentifierAuthority
OpenProcessToken
GetTokenInformation
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegQueryValueExW
GetSidSubAuthority
GetSidSubAuthorityCount

ole32

OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
StringFromCLSID
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree

shell32

ShellExecuteExW

oleaut32

VarBstrCmp
VarUI1FromStr
VarUI2FromStr
VarUI8FromStr
VarI1FromStr
VarI2FromStr
VarI4FromStr
VarI8FromStr
VarR4FromStr
VarR8FromStr
VarBoolFromStr
VarDecFromStr
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromI4
VarBstrFromI8
VarBstrFromI1
VarBstrFromI2
VarBstrFromR4
VarBstrFromR8
VarBstrFromBool
VarBstrFromDec
VariantChangeType
OleCreateFontIndirect
SysAllocStringByteLen
SysStringByteLen
VariantCopy
SysAllocStringLen
VariantClear
VariantInit
DispCallFunc
LoadRegTypeLi
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi

shlwapi

UrlCreateFromPathW
PathRemoveFileSpecW
PathFindFileNameW

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetDeviceCaps
GetObjectW
GetStockObject
BitBlt

urlmon

ObtainUserAgentString

Sections

.text
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BackgroundHost64.exe
.exe windows:5 windows x64 arch:x64

928de2cedd6bff075c4a7da05467494a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\x64\Release\BackgroundHost.pdb

Imports

crypt32

CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreW
CertCloseStore

gdiplus

GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCreateSolidFill
GdipClosePathFigure
GdipAddPathLineI
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipDrawPath
GdipGraphicsClear
GdipFillPath

wininet

InternetCloseHandle
InternetReadFile
HttpOpenRequestW
InternetQueryOptionW
InternetOpenW
InternetReadFileExW
InternetSetStatusCallbackW
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW
InternetConnectW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

IsValidCodePage
GetOEMCP
GetACP
TerminateProcess
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapCreate
HeapSetInformation
GetStdHandle
ExitProcess
GetCPInfo
LCMapStringW
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
SetLastError
MultiByteToWideChar
lstrlenA
lstrlenW
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
lstrcmpiW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WaitForSingleObject
GetModuleFileNameW
Sleep
GetCurrentThreadId
CreateThread
CreateEventW
SetEvent
SetFilePointer
LoadLibraryExW
FlsGetValue
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
TerminateThread
IsBadWritePtr
InitializeCriticalSection
LoadLibraryW
ReadFile
CreateFileW
GetVersion
LocalFree
LocalAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetTempFileNameW
GetTempPathW
WriteFile
FormatMessageW
HeapDestroy
HeapReAlloc
HeapSize
InterlockedPushEntrySList
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
GetStartupInfoW
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualProtect
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
DecodePointer
EncodePointer
FlsSetValue
FlsFree
FlsAlloc
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetCommandLineW
FlushFileBuffers
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetStdHandle
FreeLibrary

user32

CreateWindowExW
MonitorFromRect
OffsetRect
RegisterClassExW
MessageBoxW
CharNextW
CharUpperW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
PostThreadMessageW
CallWindowProcW
GetSysColor
DefWindowProcW
GetWindowLongPtrW
SendMessageW
PostMessageW
SetWindowPos
SetFocus
IsWindow
GetClassInfoExW
LoadCursorW
DestroyWindow
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
SetWindowLongW
MoveWindow
GetClientRect
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
UnregisterClassA
GetForegroundWindow
FindWindowExW
CharLowerBuffW
UpdateLayeredWindow
ShowWindow
GetWindowDC
MapDialogRect
SetCapture
SetWindowContextHelpId
EndDialog
MapWindowPoints
SendDlgItemMessageW
SetTimer
KillTimer
RedrawWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetWindowLongPtrW
GetWindowRect
CreateDialogIndirectParamW

advapi32

RegOpenKeyExW
IsValidSid
GetSidIdentifierAuthority
OpenProcessToken
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
GetSidSubAuthority
GetSidSubAuthorityCount

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoCreateGuid
CoReleaseServerProcess
CoAddRefServerProcess
CoCreateInstance
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoInitialize

shell32

ShellExecuteExW

oleaut32

VarDecFromStr
SysStringLen
SysFreeString
SysAllocString
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromI4
VarBstrFromI8
VarBstrFromI1
VarBstrFromI2
VarBstrFromR4
VarBstrFromR8
VarBstrFromBool
VarBstrFromDec
VarUI1FromStr
VarUI2FromStr
VarUI8FromStr
VarI1FromStr
VarI2FromStr
VarI4FromStr
VarI8FromStr
VarR4FromStr
VarR8FromStr
VarBoolFromStr
VariantChangeType
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
VarBstrCmp
LoadRegTypeLi
DispCallFunc
VariantInit
VariantClear
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

PathRemoveFileSpecW
UrlCreateFromPathW
PathFindFileNameW

gdi32

DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectW
GetStockObject
SelectObject

urlmon

ObtainUserAgentString

Sections

.text
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ButtonSite.dll
.dll regsvr32 windows:5 windows x86 arch:x86

65a541ef6021bd6628416168003553b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\Release\ButtonSite.pdb

Imports

comctl32

ImageList_SetImageCount
ImageList_GetImageCount
ImageList_ReplaceIcon

uxtheme

IsThemeActive

kernel32

VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
TerminateThread
FreeLibrary
LoadLibraryExW
MultiByteToWideChar
lstrlenW
RaiseException
SetThreadLocale
GetThreadLocale
lstrcmpiW
InitializeCriticalSection
WideCharToMultiByte
CreateFileW
LoadLibraryW
ReadFile
LocalAlloc
HeapAlloc
OpenProcess
HeapFree
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
GetStringTypeW
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetVersion
CreateEventW
SetEvent
WaitForSingleObject
CreateThread
GetModuleFileNameW
GetProcessHeap
GetProcAddress
GetModuleHandleW
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
FlushInstructionCache
GetModuleHandleExW
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
GetLastError
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
GetStdHandle
WriteFile
ExitProcess
FlushFileBuffers
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
RtlUnwind
GetCommandLineA
GetCurrentThreadId
Sleep
DecodePointer
EncodePointer
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
LoadLibraryA
InterlockedExchange

user32

SendMessageW
SetWindowLongW
LoadIconW
FindWindowExW
PostMessageW
GetWindow
DefWindowProcW
IsWindow
InvalidateRect
CharLowerBuffW
DestroyIcon
MapWindowPoints
CharNextW
SetWindowPos
GetWindowRect
GetParent
KillTimer
DrawTextW
CallWindowProcW
GetWindowThreadProcessId
GetMessageW
PeekMessageW
PostThreadMessageW
SetTimer
GetWindowLongW

gdi32

SetBkMode
SetBkColor
SelectObject
DeleteDC
DeleteObject
CreateFontW
SetTextColor

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
OpenProcessToken

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysStringByteLen
VariantCopy
VariantChangeType
VariantInit
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString
SysAllocStringByteLen

shlwapi

PathRemoveFileSpecW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ButtonSite64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

e83e12e6a0bcf46e65496f4fbd5da111

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\x64\Release\ButtonSite.pdb

Imports

comctl32

ImageList_SetImageCount
ImageList_GetImageCount
ImageList_ReplaceIcon

uxtheme

IsThemeActive

kernel32

VirtualFreeEx
CreateRemoteThread
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
TerminateThread
FreeLibrary
LoadLibraryExW
MultiByteToWideChar
lstrlenW
RaiseException
SetThreadLocale
GetThreadLocale
lstrcmpiW
InitializeCriticalSection
WideCharToMultiByte
CreateFileW
LoadLibraryW
ReadFile
LocalAlloc
HeapAlloc
GetProcessHeap
HeapFree
WriteProcessMemory
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
GetStringTypeW
HeapCreate
HeapSetInformation
IsValidCodePage
GetOEMCP
GetACP
VirtualAllocEx
OpenProcess
GetVersion
CreateEventW
SetEvent
WaitForSingleObject
CreateThread
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
FlushInstructionCache
GetModuleHandleExW
DeleteCriticalSection
GetCurrentProcess
GetLastError
FlsAlloc
SetLastError
FlsFree
FlsGetValue
GetLocaleInfoW
GetStdHandle
WriteFile
ExitProcess
RtlCaptureContext
RtlVirtualUnwind
FlushFileBuffers
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetCommandLineA
FlsSetValue
GetCurrentThreadId
Sleep
DecodePointer
EncodePointer
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
LoadLibraryA

user32

SendMessageW
SetWindowLongPtrW
LoadIconW
FindWindowExW
PostMessageW
GetWindow
DefWindowProcW
IsWindow
InvalidateRect
CharLowerBuffW
DestroyIcon
MapWindowPoints
CharNextW
SetWindowPos
GetWindowRect
GetParent
KillTimer
DrawTextW
CallWindowProcW
GetWindowThreadProcessId
GetMessageW
PeekMessageW
PostThreadMessageW
SetTimer
GetWindowLongPtrW

gdi32

SetBkMode
SetBkColor
SelectObject
DeleteObject
CreateFontW
SetTextColor

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
OpenProcessToken

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

SysStringByteLen
VariantClear
VariantCopy
VariantChangeType
VariantInit
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString
SysAllocStringByteLen

shlwapi

PathRemoveFileSpecW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEUpdater.exe
.exe windows:5 windows x86 arch:x86

0959379c21a5181cd44afe75c838111f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\Release\IEUpdater.pdb

Imports

crypt32

CertOpenSystemStoreW
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCloseStore

wininet

InternetSetOptionW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetQueryOptionW
HttpSendRequestW
HttpQueryInfoW

kernel32

FindResourceExW
GetModuleFileNameW
CloseHandle
ReleaseMutex
GetTempPathW
CreateMutexW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
RaiseException
FlushInstructionCache
GetCurrentProcess
lstrlenW
lstrcmpW
MulDiv
EnterCriticalSection
GlobalFree
GlobalHandle
LeaveCriticalSection
Sleep
GetVersionExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
OpenProcess
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetStdHandle
WriteFile
ExitProcess
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
LoadLibraryW
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineW
RtlUnwind
DecodePointer
EncodePointer
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetFilePointer
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
LoadResource
LockResource
SizeofResource
FindResourceW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetLastError
SetEndOfFile
CreateFileW
SetStdHandle
WriteConsoleW
VirtualQuery
FreeLibrary
IsValidLocale
GetStringTypeW
ReadFile

user32

PostMessageW
FindWindowW
AdjustWindowRectEx
DrawTextW
PostQuitMessage
GetMenu
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
CreateDialogIndirectParamW
CallWindowProcW
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableW
GetDC
UnregisterClassA
CharNextW
GetParent
GetClassNameW
RedrawWindow
IsWindow
GetClientRect
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetSysColor
DestroyAcceleratorTable
SendMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongW
DefWindowProcW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
SetWindowContextHelpId
SendDlgItemMessageW
ShowWindow
SetWindowPos
CreateWindowExW
SetWindowLongW
EndDialog
DestroyWindow
MapDialogRect
GetWindow
GetDesktopWindow
SetForegroundWindow
GetMessageW
DispatchMessageW
ReleaseDC

gdi32

GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

OpenProcessToken
CheckTokenMembership
AllocateAndInitializeSid
CreateWellKnownSid
DuplicateToken
FreeSid
GetTokenInformation

shell32

ShellExecuteExW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
OleUninitialize
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoInitialize

oleaut32

SysAllocString
SysAllocStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringLen
VariantClear
SysStringByteLen
SysFreeString

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEUpdater64.exe
.exe windows:5 windows x64 arch:x64

5094db6002a26c366b1df8a68a443eb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\x64\Release\IEUpdater.pdb

Imports

crypt32

CertOpenSystemStoreW
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCloseStore

wininet

InternetQueryOptionW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetReadFile
InternetCloseHandle
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW

kernel32

FindResourceExW
GetModuleFileNameW
CloseHandle
ReleaseMutex
GetTempPathW
CreateMutexW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
RaiseException
FlushInstructionCache
GetCurrentProcess
lstrlenW
lstrcmpW
MulDiv
EnterCriticalSection
GlobalFree
GlobalHandle
LeaveCriticalSection
Sleep
GetVersionExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
OpenProcess
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
HeapCreate
GetVersion
HeapSetInformation
LoadLibraryW
GetProcAddress
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
GetStartupInfoW
GetCommandLineW
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
DecodePointer
EncodePointer
InitializeCriticalSection
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetFilePointer
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
LoadResource
LockResource
SizeofResource
FindResourceW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetLastError
SetEndOfFile
CreateFileW
SetStdHandle
WriteConsoleW
VirtualQuery
FreeLibrary
ReadFile

user32

GetDlgItem
CreateDialogIndirectParamW
PostQuitMessage
PostMessageW
FindWindowW
AdjustWindowRectEx
DrawTextW
GetWindowRect
GetMenu
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
CallWindowProcW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableW
GetDC
ReleaseDC
CharNextW
GetParent
GetClassNameW
RedrawWindow
IsWindow
GetClientRect
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetSysColor
DestroyAcceleratorTable
SendMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongPtrW
GetWindowLongW
SetWindowLongW
DefWindowProcW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
SetWindowContextHelpId
SendDlgItemMessageW
ShowWindow
SetWindowPos
CreateWindowExW
EndDialog
SetWindowLongPtrW
DestroyWindow
MapDialogRect
GetWindow
GetDesktopWindow
SetForegroundWindow
GetMessageW
DispatchMessageW
UnregisterClassA

gdi32

GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

OpenProcessToken
CheckTokenMembership
AllocateAndInitializeSid
CreateWellKnownSid
DuplicateToken
FreeSid
GetTokenInformation

shell32

ShellExecuteExW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
OleUninitialize
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoInitialize

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHost.dll
.dll regsvr32 windows:5 windows x86 arch:x86

4ab95ad72f7d1e11d3056b761ed54235

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\Release\ScriptHost.pdb

Imports

gdiplus

GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipAlloc
GdipFree

kernel32

RaiseException
lstrlenW
GetModuleFileNameW
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
SetLastError
GetProcAddress
GetModuleHandleW
SetThreadLocale
GetThreadLocale
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
LockResource
FindResourceExW
GetTickCount
CreateMutexW
WideCharToMultiByte
lstrlenA
OutputDebugStringW
InitializeCriticalSection
LoadLibraryW
IsWow64Process
CloseHandle
ReadFile
CreateFileW
DeleteCriticalSection
LocalFree
LocalAlloc
HeapAlloc
GetProcessHeap
HeapFree
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
LCMapStringW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
ExitProcess
HeapSize
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InterlockedCompareExchange
InterlockedPopEntrySList
VirtualFree
InterlockedPushEntrySList
SetFilePointer
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
TlsAlloc
GetUserDefaultLCID
GetLocaleInfoW
GetStdHandle
WriteFile
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
EncodePointer
DecodePointer
GetConsoleCP
GetConsoleMode

user32

SetTimer
FindWindowExW
SetForegroundWindow
SetFocus
keybd_event
CharLowerBuffW
CallWindowProcW
GetWindowLongW
DestroyWindow
DefWindowProcW
PostMessageW
GetTopWindow
GetWindow
IsChild
GetClassNameW
IsWindowVisible
CharNextW
RegisterClassExW
LoadCursorW
GetClassInfoExW
CreateWindowExW
SetWindowLongW
IsWindow
KillTimer
UnregisterClassA

advapi32

GetSidIdentifierAuthority
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
IsValidSid

ole32

CoCreateGuid
CoGetClassObject
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
StringFromGUID2
CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

SysStringByteLen
VariantChangeType
DispCallFunc
VariantCopy
VarBstrFromDec
VarBstrFromBool
VarBstrFromR8
VarBstrFromR4
VarBstrFromI2
VarBstrFromI1
VarBstrFromI8
VarBstrFromI4
VarBstrFromUI2
VarBstrFromUI1
VarDecFromStr
VarBoolFromStr
VarR8FromStr
VarR4FromStr
VarI8FromStr
VarI4FromStr
VarI2FromStr
VarI1FromStr
VarUI8FromStr
VarUI2FromStr
VarUI1FromStr
SysFreeString
SysAllocString
VariantInit
SysAllocStringByteLen
VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
VarBstrCmp
SysAllocStringLen
SysStringLen
LoadTypeLi
LoadRegTypeLi
VariantClear

shlwapi

PathRemoveFileSpecW
UrlCreateFromPathW

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHost64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

b33e12af40a04beaf28c61664c653f9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\AddonsFrameworkGit\Internet Explorer\x64\Release\ScriptHost.pdb

Imports

kernel32

GetModuleFileNameW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
SetThreadLocale
GetThreadLocale
WideCharToMultiByte
lstrlenA
GetTickCount
CreateMutexW
OutputDebugStringW
InitializeCriticalSection
LoadLibraryW
CloseHandle
ReadFile
CreateFileW
GetVersion
lstrlenW
LocalAlloc
HeapAlloc
GetProcessHeap
HeapFree
SetHandleCount
LCMapStringW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
TerminateProcess
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
HeapSetInformation
ExitProcess
HeapSize
Sleep
GetLocaleInfoW
GetStdHandle
WriteFile
FlsAlloc
RaiseException
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleW
FlushFileBuffers
InterlockedPushEntrySList
VirtualFree
InterlockedPopEntrySList
LocalFree
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
GetFileType
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsFree
FlsGetValue
GetCommandLineA
FlsSetValue
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
VirtualProtect
RtlPcToFileHeader
EncodePointer
DecodePointer
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoW
GetModuleFileNameA

user32

FindWindowExW
SetForegroundWindow
SetFocus
keybd_event
CharLowerBuffW
GetWindowLongPtrW
CallWindowProcW
GetTopWindow
IsChild
GetClassNameW
UnregisterClassA
IsWindowVisible
DefWindowProcW
DestroyWindow
PostMessageW
CharNextW
CreateWindowExW
SetWindowLongPtrW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
KillTimer
SetTimer
GetWindow

advapi32

GetSidIdentifierAuthority
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
IsValidSid

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeEx
CoUninitialize
CoGetClassObject
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CLSIDFromProgID
CoInitialize
CoCreateInstance

oleaut32

VariantCopy
VarDecFromStr
VarBoolFromStr
VarR8FromStr
VarR4FromStr
VarI8FromStr
VarI4FromStr
VarI2FromStr
VarI1FromStr
VarUI8FromStr
VarUI2FromStr
VarUI1FromStr
VarBstrFromDec
VarBstrFromBool
VarBstrFromR8
VarBstrFromR4
VarBstrFromI2
VarBstrFromI1
VarBstrFromI8
VarBstrFromI4
VarBstrFromUI2
VarBstrFromUI1
SysFreeString
VariantClear
SysAllocString
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysAllocStringLen
VarBstrCmp
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantInit

shlwapi

PathRemoveFileSpecW
UrlCreateFromPathW

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
background.html
.html .js polyglot
background/animate.js
.js
background/background.js
.js
config.xml
.xml
content/content.js
.js
content/serp.js
.js
content/slider.js
.js
content/style.js
.js
content/templates.js
.js
icons/CB-assistant-logo-128.ico
icons/CB-assistant-logo-128.png
.png
icons/CB-assistant-logo-16.ico
icons/CB-assistant-logo-16.png
.png
icons/CB-assistant-logo-18-bw.png
.png
icons/CB-assistant-logo-18.ico
icons/CB-assistant-logo-18.png
.png
icons/CB-assistant-logo-24.ico
icons/CB-assistant-logo-24.png
.png
icons/CB-assistant-logo-48.ico
icons/CB-assistant-logo-48.png
.png
icons/CB-assistant-logo-active-128.png
.png
icons/CB-assistant-logo-active-16.ico
icons/CB-assistant-logo-active-16.png
.png
icons/CB-assistant-logo-active-18.ico
icons/CB-assistant-logo-active-18.png
.png
icons/CB-assistant-logo-active-24.png
.png
icons/CB-assistant-logo-active-48.png
.png
icons/CB-assistant-logo-inactive-128.png
.png
icons/CB-assistant-logo-inactive-16.ico
icons/CB-assistant-logo-inactive-16.png
.png
icons/CB-assistant-logo-inactive-18.ico
icons/CB-assistant-logo-inactive-18.png
.png
icons/CB-assistant-logo-inactive-24.png
.png
icons/CB-assistant-logo-inactive-48.png
.png
icons/btn/18-inactive-0.jpg
.jpg
icons/btn/18-inactive-1.jpg
.jpg
icons/btn/18-inactive-2.jpg
.jpg
icons/btn/18-inactive-3.jpg
.jpg
icons/btn/18-inactive-4.jpg
.jpg
icons/btn/18-inactive-5.jpg
.jpg
icons/btn/18-inactive-6.jpg
.jpg
icons/btn/18-inactive-7.jpg
.jpg
icons/btn/18-inactive.gif
.gif
icons/close.png
.png
icons/merchant-activated.png
.png
icons/merchant-not-activated.png
.png
icons/non-merchant.png
.png
icons/safari.jpg
.png
icons/safari.png
.png
icons/search.png
.png
images/128x128.png
.png
images/16x16-grey.png
.png
images/16x16.png
.png
images/18x18-grey.png
.png
images/18x18.png
.png
images/24x24.png
.png
images/48x48.png
.png
images/layer_0.png
.png
images/layer_1.png
.png
json2.min.js
.js
libs/backbone-min.js
.js
libs/backbone-min.map
libs/backbone-no-conflict.js
.js
libs/handlebars.runtime.min.js
.js
libs/jquery-1.9.1.min.js
.js
libs/jquery-3.1.0.min.js
.js
libs/jquery-no-conflict.js
.js
libs/underscore-min.js
.js
libs/underscore-min.map
libs/underscore-no-conflict.js
.js
libs/underscore.min.js
.js
popup/css/jquery.jscrollpane.css
popup/css/style.css
popup/images/ajax-loader.gif
.gif
popup/images/code-but.png
.png
popup/images/discount-icon.png
.png
popup/images/logo/CB-assistant-logo-128.png
.png
popup/images/logo/CB-assistant-logo-16.png
.png
popup/images/logo/CB-assistant-logo-18-bw.png
.png
popup/images/logo/CB-assistant-logo-18.png
.png
popup/images/logo/CB-assistant-logo-24.png
.png
popup/images/logo/CB-assistant-logo-48.png
.png
popup/images/logo/CB-assistant-logo-active-128.png
.png
popup/images/logo/CB-assistant-logo-active-16.png
.png
popup/images/logo/CB-assistant-logo-active-18.png
.png
popup/images/logo/CB-assistant-logo-active-24.png
.png
popup/images/logo/CB-assistant-logo-active-48.png
.png
popup/images/logo/CB-assistant-logo-inactive-128.png
.png
popup/images/logo/CB-assistant-logo-inactive-16.png
.png
popup/images/logo/CB-assistant-logo-inactive-18.png
.png
popup/images/logo/CB-assistant-logo-inactive-24.png
.png
popup/images/logo/CB-assistant-logo-inactive-48.png
.png
popup/images/logo/merchant-activated.png
.png
popup/images/logo/merchant-not-activated.png
.png
popup/images/logo/non-merchant.png
.png
popup/images/msg-pic.png
.png
popup/images/search-icon.png
.png
popup/images/search.png
.png
popup/images/separator.png
.png
popup/images/settings/settings.png
.png
popup/images/user-pic.png
.png
popup/images/white-poup-selected-menu-triangle.png
.png
popup/js/popup.js
.js
popup/js/style.js
.js
popup/js/templates.js
.js
popup/js/views.js
.js
popup/popup.html
.html
uninstall.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

ee75cece63794fa22feebed80a358b16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetVersionExA
lstrcmpiA
GetCurrentThreadId
GetProcAddress
GetCommandLineA
UnmapViewOfFile
WaitForSingleObject
GetCurrentProcessId
SetEvent
lstrlenA
SetCurrentDirectoryA
MapViewOfFile
Sleep
OpenProcess
GetExitCodeProcess
GetExitCodeThread
CreateThread
CreateFileMappingA
CreateEventA
GlobalAlloc
CreateProcessA
GetLastError
MultiByteToWideChar
FormatMessageA
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameA
lstrcatA
GetPrivateProfileIntA
GetPrivateProfileStringA
DuplicateHandle
LoadLibraryA

user32

GetClassNameA
SetWindowsHookExA
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
MsgWaitForMultipleObjects
DefWindowProcA
PostMessageA
SetForegroundWindow
CreateWindowExA
GetWindowThreadProcessId
CallWindowProcA
SetWindowPos
GetWindowRect
UnhookWindowsHookEx
CallNextHookEx
CharNextA
DialogBoxParamA
SendMessageW
MessageBoxA
EndDialog
SetWindowLongA
LoadImageA
GetWindowLongA
EnableWindow
ShowWindow
wsprintfA
GetDlgItem
SendMessageA
LoadStringA
DestroyWindow

advapi32

GetUserNameA
OpenSCManagerA
GetTokenInformation
OpenProcessToken
FreeSid
CloseServiceHandle
EqualSid
AllocateAndInitializeSid
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
QueryServiceStatus
OpenServiceA

shell32

ShellExecuteExA

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 898B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 68KB

.rsrc Size: 12KB - Virtual size: 12KB

fe62ae0342805f96b8dd3ce0d03d153b

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

ole32

oleaut32

msvcr100

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 44KB - Virtual size: 44KB

.reloc Size: 5KB - Virtual size: 4KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

ee75cece63794fa22feebed80a358b16

Headers

File Characteristics

Imports

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 68KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 852B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1024B - Virtual size: 898B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB