33ce050675e42e6d29c772a659bab34a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33ce050675e42e6d29c772a659bab34a_JaffaCakes118
Size

4.0MB
MD5

33ce050675e42e6d29c772a659bab34a
SHA1

3e0f42c86ca0f537d43977c06c7e0a34797774fc
SHA256

a3cea108ea76371ad9b8a043c3d4640e0a14ca9dda4c9cb59e309f9376fecf51
SHA512

79fdf68774586c2d3d2299c3454235b7e4fa454e9f0fa99397ed30b8f64e7ed6782d33d578cce055051793a1ac235b969b57ff5eeed49d6ca556a23730a846b6
SSDEEP

98304:GeujzltAzHPlaOmCxJ0oi4fsQykmXqhyxHJsOgW:xujvCL9coi40Q0XqhyB2Oz

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OEMDS2.DLL
unpack001/OEMDS2.DS
unpack001/OEMIMG2.dll
unpack001/OEMUI2.DLL
unpack001/TWAIN_32.DLL
unpack001/TWUNK_32.exe

Files

33ce050675e42e6d29c772a659bab34a_JaffaCakes118
.cab
Defaults.ini
OEMDS2.DLL
.dll windows:4 windows x86 arch:x86

059a3ac7cc182be41f15db072140946f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\workspace\twain3.0_(win)\view_builder_hudson_twain30\twain4network_win\source\component\dsengine\win32\release\OEMDS2.pdb

Imports

oemimg2

?IsSupported@CImageColorManagement@@QAE_NXZ
?Rotate180@CImageTransform@@SAKKKIPAE0@Z
?Rotate90@CImageTransform@@SAKKKIPAE0@Z
?GetFilterInfo@CImageFilter@@QBEPAUtagFILTERINFO@@XZ
??1CImageTransform@@UAE@XZ
?Apply@CImageFilter@@QAEKKKIPAEW4FilterStage@@0@Z
?GetGrayPalette@CImagePalette@@QAEHPAUtagRGBQUAD@@@Z
?GetPalette@CImagePalette@@QAEHPAUtagRGBQUAD@@@Z
??1CImagePalette@@QAE@XZ
??0CImagePalette@@QAE@XZ
?VerticalFlip@CImageTransform@@SAKKKIPAE0@Z
??0CImageFringeRemoval@@QAE@XZ
?HorizontalFlip@CImageTransform@@SAKKKIPAE0@Z
??1CImageFringeRemoval@@QAE@XZ
?Create@CImageFringeRemoval@@QAEXII@Z
?Apply@CImageFringeRemoval@@QAEKKKIPBEW4FilterStage@@PAE@Z
?GetBufferSize@CImageFringeRemoval@@QBEIXZ
??0CImageResample@@QAE@XZ
??0CImageBkgRemoval@@QAE@XZ
??0CImageConvertor@@QAE@XZ
??1CImageResample@@UAE@XZ
??1CImageBkgRemoval@@QAE@XZ
??1CImageConvertor@@UAE@XZ
?Create@CImageResample@@QAEHPAUtagRESAMPLEINFO@@@Z
?Create@CImageBkgRemoval@@QAE_NHEI@Z
?Create@CImageConvertor@@QAEXPAUtagRGBQUAD@@K@Z
?Apply@CImageResample@@QAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?Apply@CImageBkgRemoval@@QAEKKKIPAE0@Z
?Convert@CImageConvertor@@QAEKKPAE0@Z
??0CImageDescreen@@QAE@XZ
??1CImageDescreen@@QAE@XZ
?Create@CImageDescreen@@QAEXII@Z
??0CImageAdjustment@@QAE@XZ
?Apply@CImageDescreen@@QAEKKKIPBEW4FilterStage@@PAE@Z
??1CImageAdjustment@@UAE@XZ
?GetBufferSize@CImageDescreen@@QBEIXZ
?Create@CImageAdjustment@@QAEHHPAH00H00HH@Z
?Apply@CImageAdjustment@@QAEKKKIPAE0@Z
?Create@CImageColorManagement@@QAE_NW4RenderingIntent@@PBD1_N@Z
?Apply@CImageColorManagement@@QAEKKKIPAE0@Z
?GetAcceptableMonitorProfileName@CImageColorManagement@@QAE_NPAD@Z
?GetMonitorProfiles@CImageColorManagement@@QAE_NPAPAUIMonitorProfilesList@@@Z
??0CImageFilter@@QAE@XZ
??1CImageFilter@@UAE@XZ
?Create@CImageFilter@@QAEHW4SystemFilter@@I@Z
??1CImageColorManagement@@QAE@XZ
??0CImageColorManagement@@QAE@XZ
?DEFAULT_MIDTONE_VALUE@CImageBkgRemoval@@2EB
??0CImageTransform@@QAE@XZ
?Rotate270@CImageTransform@@SAKKKIPAE0@Z

oemui2

FinishScan
SetProgress
ShowStartButton
ShowUI
ShowAuthenticationDlg
CloseUI
CreateProgress
ShowMessageBox
CreateWaitingMessageDlg
DestroyProgress
HideStartButton
SetText

setupapi

CM_Get_Device_IDA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
CM_Get_Parent
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceRegKey

kernel32

SetStdHandle
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapCreate
HeapDestroy
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RaiseException
RtlUnwind
GetTimeZoneInformation
GetFileType
GetSystemTimeAsFileTime
HeapReAlloc
InterlockedDecrement
GetProcessHeap
GetCommandLineA
ExitThread
ExitProcess
MultiByteToWideChar
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetPrivateProfileIntA
GetModuleFileNameA
GetLastError
lstrcpyA
GetPrivateProfileStringA
OutputDebugStringA
GetProcAddress
GetLocalTime
WriteFile
LoadLibraryA
IsBadWritePtr
lstrcmpA
FreeLibrary
IsBadStringPtrA
CloseHandle
SetFilePointer
CreateFileA
IsBadReadPtr
lstrlenA
GetTempPathA
CreateDirectoryA
FormatMessageA
GetLocaleInfoA
VirtualFree
GlobalMemoryStatus
VirtualAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SetErrorMode
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetEndOfFile
GetDiskFreeSpaceA
GetSystemInfo
GetModuleHandleA
GetFullPathNameA
GetVersionExA
ReadFile
FlushFileBuffers
WaitForSingleObject
Sleep
CreateProcessA
DisableThreadLibraryCalls
GetTickCount
GlobalFree
SetThreadExecutionState
CancelIo
InterlockedExchange
QueryPerformanceFrequency
InterlockedIncrement
GetSystemDirectoryA
GetOverlappedResult
QueryPerformanceCounter
CreateEventA
GetTimeFormatA
DeviceIoControl
SetEvent
InterlockedExchangeAdd
LocalFree
ResetEvent
SetThreadPriority
GetExitCodeThread
CreateThread
TerminateThread
GetCurrentThread
GetFileSize
GlobalSize
WideCharToMultiByte
CreateFileMappingW
GetCurrentThreadId
LocalAlloc

user32

RegisterClassA
CreateWindowExA
DestroyWindow
IsWindow
SystemParametersInfoA
MessageBoxA
DispatchMessageW
MsgWaitForMultipleObjects
IsDialogMessageA
GetFocus
TranslateMessage
DispatchMessageA
DefWindowProcA
CharNextA
SetTimer
FindWindowA
BringWindowToTop
KillTimer
wsprintfA
RegisterWindowMessageA
PeekMessageA
IsWindowUnicode
UnregisterClassA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate
UuidToStringW
RpcStringFreeW

mscms

GetColorDirectoryA

shlwapi

PathFindExtensionA
PathFindFileNameA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ws2_32

ioctlsocket
WSASetLastError
getsockopt
closesocket
gethostbyaddr
htonl
select
inet_ntoa
WSAGetLastError
htons
getservbyport
getservbyname
WSAStartup
socket
send
WSACleanup
recv
connect
ntohl
gethostbyname
ntohs
getsockname
inet_addr

Exports

Exports

DS_Entry

Sections

.text
Size: 980KB - Virtual size: 978KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OEMDS2.DS
.dll windows:4 windows x86 arch:x86

4c46f46c2079516bd997f596ee5a04e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\workspace\twain3.0_(win)\view_builder_hudson_twain30\twain4network_win\source\component\oemds\win32\release\OEMDS2.pdb

Imports

kernel32

DisableThreadLibraryCalls
GetLocalTime
SetErrorMode
LoadLibraryA
FreeLibrary
GetModuleFileNameA
GetCurrentDirectoryA
GetCurrentThreadId
OutputDebugStringA
SetCurrentDirectoryA
GetLastError
GetProcAddress
WideCharToMultiByte
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
RaiseException

Exports

Exports

DS_Entry

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OEMIMG2.dll
.dll windows:4 windows x86 arch:x86

f2f1a33a9cbe590ede3ba821264dd7fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\workspace\twain3.0_(win)\view_builder_hudson_twain30\twain4network_win\source\component\imageprocessing\win32\release\OEMIMG2.pdb

Imports

kernel32

WriteFile
SetFilePointer
GetTempPathA
CreateFileA
LocalFree
LocalAlloc
GetLocalTime
SetErrorMode
GetModuleHandleA
GetModuleFileNameA
FindClose
FindFirstFileA
FindNextFileA
GetCurrentThreadId
CloseHandle
OutputDebugStringA
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileIntA
lstrcpyA
lstrlenA
IsBadStringPtrA
IsBadWritePtr
GetLastError
GetVersion
FormatMessageA
CompareStringW
CompareStringA
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapAlloc
HeapFree
RtlUnwind
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
GetProcessHeap
Sleep
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
InitializeCriticalSection
InterlockedExchange
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA

gdi32

CreateHalftonePalette
StretchDIBits
GetDIBColorTable
SetStretchBltMode
SetBrushOrgEx
CreateDIBSection
GdiFlush
CreateCompatibleDC
GetDIBits
SelectObject
BitBlt
DeleteDC
DeleteObject
GetPaletteEntries

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

shlwapi

PathRemoveBackslashA
PathFileExistsA
PathFindFileNameA

Exports

Exports

??0?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CVector@N@CImageFringeRemoval@@QAE@XZ
??0?$CVector@PAUSRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CVector@PAUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CVector@PBUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CVector@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0?$CVector@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??0CColorMath@@QAE@XZ
??0CDefineExpcorrParams@@QAE@XZ
??0CExpcorrFilter@@QAE@XZ
??0CImage@@QAE@ABV0@@Z
??0CImage@@QAE@XZ
??0CImageAdjustment@@QAE@XZ
??0CImageAutoCrop@@QAE@XZ
??0CImageBkgRemoval@@QAE@XZ
??0CImageColor@@QAE@XZ
??0CImageColorManagement@@QAE@XZ
??0CImageConvertor@@QAE@XZ
??0CImageDescreen@@QAE@XZ
??0CImageFilter@@QAE@XZ
??0CImageFringeRemoval@@QAE@XZ
??0CImageHistogram@@QAE@XZ
??0CImagePalette@@QAE@XZ
??0CImageResample@@QAE@XZ
??0CImageTransform@@QAE@ABV0@@Z
??0CImageTransform@@QAE@XZ
??0SAutoBkgRemovalParams@@QAE@XZ
??1?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CVector@N@CImageFringeRemoval@@QAE@XZ
??1?$CVector@PAUSRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CVector@PAUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CVector@PBUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CVector@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1?$CVector@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE@XZ
??1CColorMath@@QAE@XZ
??1CDefineExpcorrParams@@QAE@XZ
??1CExpcorrFilter@@QAE@XZ
??1CImage@@QAE@XZ
??1CImageAdjustment@@UAE@XZ
??1CImageAutoCrop@@QAE@XZ
??1CImageBkgRemoval@@QAE@XZ
??1CImageColor@@QAE@XZ
??1CImageColorManagement@@QAE@XZ
??1CImageConvertor@@UAE@XZ
??1CImageDescreen@@QAE@XZ
??1CImageFilter@@UAE@XZ
??1CImageFringeRemoval@@QAE@XZ
??1CImageHistogram@@UAE@XZ
??1CImagePalette@@QAE@XZ
??1CImageResample@@UAE@XZ
??1CImageTransform@@UAE@XZ
??1SAutoBkgRemovalParams@@QAE@XZ
??4CDefineExpcorrParams@@QAEAAV0@ABV0@@Z
??4CImage@@QAEAAV0@ABV0@@Z
??4CImageAutoCrop@@QAEAAV0@ABV0@@Z
??4CImageBkgRemoval@@QAEAAV0@ABV0@@Z
??4CImageColorManagement@@QAEAAV0@ABV0@@Z
??4CImagePalette@@QAEAAV0@ABV0@@Z
??4CImageTransform@@QAEAAV0@ABV0@@Z
??4SAutoBkgRemovalParams@@QAEAAU0@ABU0@@Z
??4SRGBTripple@CImageFringeRemoval@@QAEAAU01@ABU01@@Z
??4SYIQTripple@CImageFringeRemoval@@QAEAAU01@ABU01@@Z
??4tagECFILTERINFO@@QAEAAU0@ABU0@@Z
??4tagECIMAGEINFO@@QAEAAU0@ABU0@@Z
??4tagFILTERINFO@@QAEAAU0@ABU0@@Z
??4tagRESAMPLEINFO@@QAEAAU0@ABU0@@Z
??A?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBEPBUSRGBTripple@1@I@Z
??A?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBEPBUSYIQTripple@1@I@Z
??ACColorMath@@QAE?AUtagRGBQUAD@@H@Z
??BCImage@@UAEPAUHBITMAP__@@XZ
??BSRGBTripple@CImageFringeRemoval@@QBE?AUSYIQTripple@1@XZ
??BSYIQTripple@CImageFringeRemoval@@QBE?AUSRGBTripple@1@XZ
??_7CImage@@6B@
??_7CImageAdjustment@@6B@
??_7CImageConvertor@@6B@
??_7CImageFilter@@6B@
??_7CImageHistogram@@6B@
??_7CImageResample@@6B@
??_7CImageTransform@@6B@
?AddData@CDefineExpcorrParams@@QAEHKPAEW4FilterStage@@@Z
?AddData@CImageColor@@QAEHKPAEW4FilterStage@@@Z
?AddStatistics@CImageHistogram@@QAE_NPAEK@Z
?AddStatistics@CImagePalette@@QAEHPAEK@Z
?AppendData@CImage@@UAEXPAXK@Z
?AppendRawData@CImage@@UAEXKPAXK@Z
?Apply@CExpcorrFilter@@QAEKKPAEW4FilterStage@@0@Z
?Apply@CImageAdjustment@@QAEKKKIPAE0@Z
?Apply@CImageAutoCrop@@QAEKPBEKK@Z
?Apply@CImageBkgRemoval@@QAEKKKIPAE0@Z
?Apply@CImageColor@@QAEKKPAE0@Z
?Apply@CImageColorManagement@@QAEKKKIPAE0@Z
?Apply@CImageDescreen@@QAEKKKIPBEW4FilterStage@@PAE@Z
?Apply@CImageFilter@@QAEKKKIPAEW4FilterStage@@0@Z
?Apply@CImageFringeRemoval@@QAEKKKIPBEW4FilterStage@@PAE@Z
?Apply@CImageResample@@QAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyCustom256@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyCustom@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyCustomBW@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyCustomRGB@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyExponent@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyExponentH@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyExponentV@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyTwoThirds256@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyTwoThirds@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyTwoThirdsBW@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?ApplyTwoThirdsRGB@CImageResample@@IAEKKKIPAEW4FilterStage@@0PAUIMAGEtagSIZE@@@Z
?BACKGROUND_LEVEL_STD_THRESHOLD1@CImageBkgRemoval@@2IB
?BACKGROUND_LEVEL_STD_THRESHOLD2@CImageBkgRemoval@@2IB
?BAD_BACKGROUND_STRENGTH_VALUE@CImageBkgRemoval@@2HB
?BilateralFilterSeparable@CExpcorrFilter@@AAEHPAE0KK@Z
?CC_MASK@CImageDescreen@@1QBEB
?CC_MASK_EN@CImageDescreen@@1EB
?COLOR_TH_150dpi@CImageDescreen@@1QBEB
?COLOR_TH_300dpi@CImageDescreen@@1QBEB
?COLOR_TH_600dpi@CImageDescreen@@1QBEB
?CalcAutoBackgroundLevel@CImageBkgRemoval@@QAEHABUSAutoBkgRemovalParams@@KKIPAE@Z
?CalcAutoBackgroundLevel@CImageBkgRemoval@@QAEHIKKIPAE@Z
?Convert2RGB@CImageConvertor@@QAEKKPAE0@Z
?Convert@CImageConvertor@@QAEKKPAE0@Z
?CopyPixels8bpp@CImageResample@@IAEXPAEEE@Z
?Create@CDefineExpcorrParams@@QAEHPAUtagECIMAGEINFO@@HH@Z
?Create@CExpcorrFilter@@QAEHPAUtagECFILTERINFO@@PAUtagECIMAGEINFO@@HH@Z
?Create@CImage@@UAEHPAUtagBITMAPINFO@@W4ColorMode@@PAUtagSIZE@@PAUtagRGBQUAD@@W4UpdateDirection@@@Z
?Create@CImageAdjustment@@QAEHHPAH00H00HH@Z
?Create@CImageAutoCrop@@QAE_NEKN@Z
?Create@CImageBkgRemoval@@QAE_NHEI@Z
?Create@CImageColor@@QAEHW4ImageFormat@@KKI@Z
?Create@CImageColorManagement@@QAE_NW4RenderingIntent@@PBD1_N@Z
?Create@CImageConvertor@@QAEXPAUtagRGBQUAD@@K@Z
?Create@CImageDescreen@@QAEXII@Z
?Create@CImageFilter@@QAEHIIIPAHI@Z
?Create@CImageFilter@@QAEHPAUtagFILTERINFO@@I@Z
?Create@CImageFilter@@QAEHW4SystemFilter@@I@Z
?Create@CImageFringeRemoval@@QAEXII@Z
?Create@CImageHistogram@@QAE_NI@Z
?Create@CImageResample@@QAEHPAUtagRESAMPLEINFO@@@Z
?CreateHalftone@CImagePalette@@IAEPAUHPALETTE__@@XZ
?CreatePixels8bpp@CImageResample@@IAEXPAE0K@Z
?DEFAULT_BACKGROUND_OFFSET@CImageBkgRemoval@@2HB
?DEFAULT_BACKGROUND_STD_THRESHOLD@CImageBkgRemoval@@2IB
?DEFAULT_BLOCK_SIZE@CImageBkgRemoval@@2IB
?DEFAULT_HIGHLIGTH_THRESHOLD@CImageBkgRemoval@@2EB
?DEFAULT_MIDTONE_VALUE@CImageBkgRemoval@@2EB
?DEFAULT_MIN_MONOABS_LEVEL@CImageBkgRemoval@@2EB
?DefineGamma@CDefineExpcorrParams@@AAEXXZ
?DefineShadowHighlightParameters@CDefineExpcorrParams@@AAEXXZ
?GetAcceptableMonitorProfileName@CImageColorManagement@@QAE_NPAD@Z
?GetBestColor@CImageColor@@QAEHPAUtagColorInfo@@PAUtagIMAGE_RECT@@@Z
?GetBufferSize@CImageDescreen@@QBEIXZ
?GetBufferSize@CImageFringeRemoval@@QBEIXZ
?GetCParam@CImageColor@@QAEMXZ
?GetCount@CImageHistogram@@QAEKHK@Z
?GetFilterInfo@CDefineExpcorrParams@@QAEXPAUtagECFILTERINFO@@@Z
?GetFilterInfo@CExpcorrFilter@@QAEPAUtagECFILTERINFO@@XZ
?GetFilterInfo@CImageFilter@@QBEPAUtagFILTERINFO@@XZ
?GetGrayPalette@CImagePalette@@QAEHPAUtagRGBQUAD@@@Z
?GetHalf@CImageFilter@@IAEIXZ
?GetHistogram@CImageHistogram@@QBEPAIH@Z
?GetImageInfo@CDefineExpcorrParams@@QAEPAUtagECIMAGEINFO@@XZ
?GetImageInfo@CExpcorrFilter@@QAEPAUtagECIMAGEINFO@@XZ
?GetMaxCount@CImageHistogram@@QAEKHPAE@Z
?GetMean@CImageHistogram@@QAENHPAK@Z
?GetMonitorProfiles@CImageColorManagement@@QAE_NPAPAUIMonitorProfilesList@@@Z
?GetNearestColor2@CColorMath@@AAEEHHH@Z
?GetNearestColor@CColorMath@@QAEEHHH@Z
?GetNearestColorUI@CColorMath@@QAEEHHH@Z
?GetPalette@CColorMath@@QAEPAUtagRGBQUAD@@XZ
?GetPalette@CImagePalette@@QAEHPAUtagRGBQUAD@@@Z
?HIGHLIGHT_PIXEL_THRESHOLD@CImageBkgRemoval@@2IB
?HISTORY_SIZE@CImageDescreen@@1EB
?HorizontalFlip@CImageTransform@@SAKKKIPAE0@Z
?InitLUT@CExpcorrFilter@@AAEHHHNHPAE@Z
?IsSupported@CImageColorManagement@@QAE_NXZ
?IsSymmetric@CImageFilter@@QBEHXZ
?MONO_TH_150dpi@CImageDescreen@@1QBEB
?MONO_TH_300dpi@CImageDescreen@@1QBEB
?MONO_TH_600dpi@CImageDescreen@@1QBEB
?Process@CImageFilter@@IAEEPAEIK@Z
?ResetErrors@CImageConvertor@@QAEXXZ
?Rotate180@CImageTransform@@SAKKKIPAE0@Z
?Rotate270@CImageTransform@@SAKKKIPAE0@Z
?Rotate90@CImageTransform@@SAKKKIPAE0@Z
?SATURATION_TH1@CImageDescreen@@1EB
?SATURATION_TH2@CImageDescreen@@1EB
?SATURATION_TH3@CImageDescreen@@1EB
?SATURATION_Y1@CImageDescreen@@1EB
?SATURATION_Y2@CImageDescreen@@1EB
?Save@CImage@@IAEXPBD@Z
?SetBrightness@CImageAdjustment@@IAEHHH@Z
?SetCParam@CImageColor@@QAEXM@Z
?SetColorValue@CImageColor@@QAEXUtagColorInfo@@@Z
?SetContrast@CImageAdjustment@@IAEHHH@Z
?SetGamma@CImageAdjustment@@IAEHHHHH@Z
?SetHighlight@CImageAdjustment@@IAEHHH@Z
?SetImageInfo@CDefineExpcorrParams@@QAEHPAUtagECIMAGEINFO@@@Z
?SetInversion@CImageAdjustment@@IAEHH@Z
?SetPalette@CColorMath@@QAEXPAUtagRGBQUAD@@@Z
?SetPalette@CImage@@IAEXPAUtagRGBQUAD@@@Z
?SetShadow@CImageAdjustment@@IAEHHH@Z
?SetStretchMode@CImage@@IAEXPAUHDC__@@@Z
?SetToDefault@CDefineExpcorrParams@@AAEXXZ
?T_HIGH_CUTOFF@CImageDescreen@@1EB
?T_LOW_CUTOFF@CImageDescreen@@1EB
?T_MIN_MAX1@CImageDescreen@@1EB
?ToRGB@SYIQTripple@CImageFringeRemoval@@SAXNNNPAE00@Z
?ToYIQ@SRGBTripple@CImageFringeRemoval@@SAXEEEPAN00@Z
?VerticalFlip@CImageTransform@@SAKKKIPAE0@Z
?bufferFull@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBE_NXZ
?buildContrastTable@CImageBkgRemoval@@IAE_NXZ
?c_Cum0@CDefineExpcorrParams@@0IB
?c_H0@CDefineExpcorrParams@@0IB
?c_T@CDefineExpcorrParams@@0IB
?c_minColors@CDefineExpcorrParams@@0IB
?c_minImageSize@CDefineExpcorrParams@@0IB
?c_nFringeTextThreshold@CImageFringeRemoval@@1NB
?calcOutputHeight@CImageFringeRemoval@@IAEKKW4FilterStage@@@Z
?ccFlag@CImageDescreen@@IAEHHHEEEEEEEEEPAH0@Z
?checkParameters@CImageBkgRemoval@@IAE_NABUSAutoBkgRemovalParams@@KKIPAE@Z
?checkparams@SAutoBkgRemovalParams@@QBE_NXZ
?contrastTable@CImageBkgRemoval@@QAEPBEXZ
?create@?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE_NII@Z
?create@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE_NII@Z
?create@?$CVector@N@CImageFringeRemoval@@QAEPANI@Z
?create@?$CVector@PAUSRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEPAPAUSRGBTripple@2@I@Z
?create@?$CVector@PAUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEPAPAUSYIQTripple@2@I@Z
?create@?$CVector@PBUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEPAPBUSYIQTripple@2@I@Z
?create@?$CVector@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEPAUSRGBTripple@2@I@Z
?create@?$CVector@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEPAUSYIQTripple@2@I@Z
?getBBox@CImageAutoCrop@@QBEABUtagIMAGE_RECT@@XZ
?getBackgroundStrength@CImageBkgRemoval@@QBEHXZ
?getBottom@CImageAutoCrop@@QBEKXZ
?getLeft@CImageAutoCrop@@QBEKXZ
?getMidToneValue@CImageBkgRemoval@@QBEIXZ
?getRight@CImageAutoCrop@@QBEKXZ
?getTop@CImageAutoCrop@@QBEKXZ
?imageEnhancementColor@CImageDescreen@@IAEXHHHPAEH@Z
?imageEnhancementMono@CImageDescreen@@IAEXHHHPAEH@Z
?imageShift@CImageDescreen@@IAEXPBEPAE11HHIH@Z
?isValid@?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBE_NXZ
?isValid@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBE_NXZ
?lineEmpty@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QBE_NI@Z
?medianValueCalculation@CImageDescreen@@IAE_NAAHHHHHHHHHH@Z
?minMax@CImageDescreen@@IAE_NHEEEEEEEE@Z
?moveLineToUp@?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@IAEPAUSRGBTripple@2@XZ
?moveLineToUp@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@IAEPAUSYIQTripple@2@XZ
?process@CImageFringeRemoval@@IAE_NPBEPAEK@Z
?processBorder@CImageFringeRemoval@@IAE_NPBEPAEK@Z
?pushLine@?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE_NPBUSRGBTripple@2@I@Z
?realEdgeDetection@CImageDescreen@@IAEHHHPAE000@Z
?release@?$CImageBuffer@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE_NXZ
?release@?$CImageBuffer@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAE_NXZ
?release@?$CVector@N@CImageFringeRemoval@@QAEXXZ
?release@?$CVector@PAUSRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEXXZ
?release@?$CVector@PAUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEXXZ
?release@?$CVector@PBUSYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEXXZ
?release@?$CVector@USRGBTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEXXZ
?release@?$CVector@USYIQTripple@CImageFringeRemoval@@@CImageFringeRemoval@@QAEXXZ
?resetToDefault@CImageBkgRemoval@@QAEXXZ
?setBackgroundStrength@CImageBkgRemoval@@QAE_NH@Z
?setMidToneValue@CImageBkgRemoval@@QAE_NE@Z
?windowGeneration@CImageDescreen@@IAEXPAE00HHI@Z

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OEMUI.dat
OEMUI.ipb
OEMUI.ver
OEMUI2.DLL
.dll windows:4 windows x86 arch:x86

77e6553a2c81bb2f94078f3d6ff55d2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\workspace\twain3.0_(win)\view_builder_hudson_twain30\twain4network_win\source\component\ui\win32\release\OEMUI2.pdb

Imports

imm32

ImmAssociateContext

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oemimg2

??1CImage@@QAE@XZ
??1CImagePalette@@QAE@XZ
?GetPalette@CImagePalette@@QAEHPAUtagRGBQUAD@@@Z
??0CImagePalette@@QAE@XZ
?Rotate90@CImageTransform@@SAKKKIPAE0@Z
?Rotate180@CImageTransform@@SAKKKIPAE0@Z
?Rotate270@CImageTransform@@SAKKKIPAE0@Z
?VerticalFlip@CImageTransform@@SAKKKIPAE0@Z
?HorizontalFlip@CImageTransform@@SAKKKIPAE0@Z
?Apply@CImageColorManagement@@QAEKKKIPAE0@Z
??1CImageColorManagement@@QAE@XZ
?Create@CImageColorManagement@@QAE_NW4RenderingIntent@@PBD1_N@Z
??0CImageColorManagement@@QAE@XZ
??1CExpcorrFilter@@QAE@XZ
?Apply@CExpcorrFilter@@QAEKKPAEW4FilterStage@@0@Z
?Create@CExpcorrFilter@@QAEHPAUtagECFILTERINFO@@PAUtagECIMAGEINFO@@HH@Z
??0CExpcorrFilter@@QAE@XZ
??1CImageFilter@@UAE@XZ
?Apply@CImageFilter@@QAEKKKIPAEW4FilterStage@@0@Z
?Create@CImageFilter@@QAEHW4SystemFilter@@I@Z
??0CImageFilter@@QAE@XZ
?Apply@CImageBkgRemoval@@QAEKKKIPAE0@Z
??1CImageBkgRemoval@@QAE@XZ
?Create@CImageBkgRemoval@@QAE_NHEI@Z
?DEFAULT_MIDTONE_VALUE@CImageBkgRemoval@@2EB
??0CImageBkgRemoval@@QAE@XZ
??1CImageFringeRemoval@@QAE@XZ
?Apply@CImageFringeRemoval@@QAEKKKIPBEW4FilterStage@@PAE@Z
?Create@CImageFringeRemoval@@QAEXII@Z
??0CImageFringeRemoval@@QAE@XZ
??1CImageDescreen@@QAE@XZ
?Apply@CImageDescreen@@QAEKKKIPBEW4FilterStage@@PAE@Z
?Create@CImageDescreen@@QAEXII@Z
??0CImageDescreen@@QAE@XZ
??1SAutoBkgRemovalParams@@QAE@XZ
?BAD_BACKGROUND_STRENGTH_VALUE@CImageBkgRemoval@@2HB
?CalcAutoBackgroundLevel@CImageBkgRemoval@@QAEHABUSAutoBkgRemovalParams@@KKIPAE@Z
??0SAutoBkgRemovalParams@@QAE@XZ
??1CDefineExpcorrParams@@QAE@XZ
?GetFilterInfo@CDefineExpcorrParams@@QAEXPAUtagECFILTERINFO@@@Z
?AddData@CDefineExpcorrParams@@QAEHKPAEW4FilterStage@@@Z
?Create@CDefineExpcorrParams@@QAEHPAUtagECIMAGEINFO@@HH@Z
??0CDefineExpcorrParams@@QAE@XZ
??1CImageAutoCrop@@QAE@XZ
?getBottom@CImageAutoCrop@@QBEKXZ
?getTop@CImageAutoCrop@@QBEKXZ
?getRight@CImageAutoCrop@@QBEKXZ
?getLeft@CImageAutoCrop@@QBEKXZ
?Apply@CImageAutoCrop@@QAEKPBEKK@Z
?Create@CImageAutoCrop@@QAE_NEKN@Z
??0CImageAutoCrop@@QAE@XZ
?AddStatistics@CImageHistogram@@QAE_NPAEK@Z
?Create@CImageHistogram@@QAE_NI@Z
?GetMaxCount@CImageHistogram@@QAEKHPAE@Z
?GetCount@CImageHistogram@@QAEKHK@Z
?GetHistogram@CImageHistogram@@QBEPAIH@Z
?GetMean@CImageHistogram@@QAENHPAK@Z
??0CImageHistogram@@QAE@XZ
??1CImageHistogram@@UAE@XZ
??0CImage@@QAE@XZ

kernel32

GetThreadLocale
GetACP
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile
GetTimeZoneInformation
GetVersionExA
InterlockedCompareExchange
FormatMessageA
GetLastError
IsBadWritePtr
IsBadReadPtr
IsBadStringPtrA
IsBadStringPtrW
lstrlenA
lstrcpyA
lstrcmpA
GetPrivateProfileStringA
lstrlenW
lstrcpyW
lstrcmpW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileSectionW
InterlockedDecrement
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
CreateDirectoryA
GetPrivateProfileIntA
LoadLibraryW
SetLastError
GetModuleFileNameW
HeapFree
GetCurrentThreadId
GetLocalTime
FreeLibrary
CloseHandle
WriteFile
SetFilePointer
GetTempPathA
CreateFileA
LoadLibraryA
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
GetLocaleInfoW
InterlockedExchange
MulDiv
WaitForSingleObject
CreateProcessW
InitializeCriticalSection
InterlockedIncrement
lstrcmpiW
LoadLibraryExW
SizeofResource
LoadResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatW
SetErrorMode
Sleep
WideCharToMultiByte
WritePrivateProfileStringW
CreateFileW
GetLocaleInfoA
lstrcpynW
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
GetCPInfo
GetOEMCP
IsValidCodePage
GetStdHandle
HeapDestroy
HeapCreate
FatalAppExitA
HeapSize
ExitProcess
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
SetConsoleCtrlHandler
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
OutputDebugStringA

user32

SetCursor
SetCapture
LoadCursorW
ReleaseCapture
GetDlgCtrlID
ChildWindowFromPointEx
GetWindow
GetParent
ReleaseDC
GetWindowDC
GetWindowLongW
GetClassNameW
GetUpdateRect
GetClientRect
LoadBitmapW
SetWindowPos
PtInRect
SetWindowRgn
ScreenToClient
GetKeyState
SendMessageW
DefWindowProcW
DialogBoxParamW
GetForegroundWindow
GetWindowTextW
GetActiveWindow
IsWindow
RedrawWindow
SetWindowTextW
SetWindowLongW
LoadStringW
UpdateWindow
InvalidateRect
WindowFromPoint
ClientToScreen
PostMessageW
DestroyWindow
LoadIconW
SetTimer
KillTimer
AdjustWindowRectEx
DrawTextW
SystemParametersInfoW
DrawIcon
CallWindowProcW
GetMenu
BeginPaint
EndPaint
MapWindowPoints
GetWindowRect
GetCapture
DrawFocusRect
DrawEdge
EnumChildWindows
GetDlgItemTextW
SetScrollInfo
GetScrollInfo
InvalidateRgn
SetWindowTextA
GetWindowTextA
OpenIcon
IsIconic
LoadImageW
GetComboBoxInfo
FillRect
BeginDeferWindowPos
EndDeferWindowPos
wsprintfW
DeferWindowPos
IsRectEmpty
IsDialogMessageW
ChildWindowFromPoint
IsWindowVisible
GetFocus
FrameRect
CopyRect
CheckRadioButton
GetWindowTextLengthW
GetSysColor
EqualRect
GetNextDlgTabItem
SetFocus
IntersectRect
OffsetRect
CharNextW
RegisterWindowMessageW
EnableWindow
PeekMessageW
TranslateMessage
DispatchMessageW
SetForegroundWindow
SetActiveWindow
GetDlgItem
SetDlgItemTextW
CreateDialogParamW
EndDialog
GetDC
ShowWindow
MoveWindow
GetSystemMetrics
InflateRect
SetRect
CreateWindowExW
IsWindowEnabled
UnregisterClassA

gdi32

CreateCompatibleDC
GetPixel
CreateCompatibleBitmap
GetDeviceCaps
RectInRegion
SetBkColor
LineTo
CreateBitmap
MoveToEx
StretchBlt
GetClipBox
SelectClipRgn
GetStockObject
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetTextAlign
CreateRectRgn
SetViewportExtEx
CombineRgn
GetTextMetricsW
ExtTextOutW
GetDIBits
CreatePen
SetROP2
Rectangle
DeleteDC
CreateFontIndirectW
GetTextExtentPoint32W
TextOutW
CreatePolygonRgn
GetObjectW
BitBlt
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
CreateRectRgnIndirect
CreateSolidBrush

advapi32

RegSetValueExA
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetMalloc

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr

shlwapi

PathFindFileNameW
PathFindExtensionA
PathFindFileNameA

Exports

Exports

CloseUI
CreateProgress
CreateWaitingMessageDlg
DestroyProgress
FinishScan
HideStartButton
SetProgress
SetText
ShowAuthenticationDlg
ShowMessageBox
ShowStartButton
ShowUI

Sections

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 908KB - Virtual size: 905KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OEMUIab.dat
OEMUIbp.dat
OEMUIcp.dat
OEMUIct.dat
OEMUIcz.dat
OEMUIdn.dat
OEMUIdt.dat
OEMUIel.dat
OEMUIfi.dat
OEMUIfn.dat
OEMUIgr.dat
OEMUIhb.dat
OEMUIhu.dat
OEMUIit.dat
OEMUIjp.dat
OEMUIkr.dat
OEMUInr.dat
OEMUIpo.dat
OEMUIpt.dat
OEMUIru.dat
OEMUIsp.dat
OEMUIsw.dat
OEMUItk.dat
OEMUIuk.dat
Presets.ini
TWAIN.DLL
TWAIN_32.DLL
.dll windows:4 windows x86 arch:x86

d7eba359a0575224cf61a6a1abfab1f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
lstrcpyA
GetProcAddress
LoadLibraryA
OpenFile
FreeLibrary
GlobalFree
IsBadReadPtr
lstrcatA
GetWindowsDirectoryA
GetProfileIntA
FindClose
FindNextFileA
GetLastError
FindFirstFileA
GetProfileStringA
CreateProcessA
GetTempPathA
GlobalHandle
GlobalSize
WriteProfileStringA
GetVersion
GlobalFlags
SetLastError
TlsGetValue
FlushFileBuffers
GetStringTypeA
HeapReAlloc
GetStringTypeW
GetOEMCP
GetACP
VirtualAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
IsBadCodePtr
GetCPInfo
SetUnhandledExceptionFilter
HeapFree
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualFree
GetEnvironmentStrings
RtlUnwind
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
CloseHandle
GetCurrentProcess
LockFile
UnlockFile
GetFileType
CreateFileA
ReadFile
DeleteFileA
SetFilePointer
WriteFile
GetCommandLineA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetModuleHandleA
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
SetEndOfFile
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

SendDlgItemMessageA
CallNextHookEx
DialogBoxParamA
UnhookWindowsHook
SetWindowsHookA
SetFocus
GetDlgItem
EnableWindow
TranslateMessage
EndDialog
DdeCmpStringHandles
DdeInitializeA
DispatchMessageA
DdeUninitialize
DdeCreateStringHandleA
DdeGetLastError
DdeFreeStringHandle
DdeQueryConvInfo
DdeCreateDataHandle
DdeGetData
DdeClientTransaction
DdeDisconnect
DdeConnect
PeekMessageA
FindWindowA
IsWindow
LoadStringA
SendMessageA
CharUpperA
PostMessageA
RegisterWindowMessageA
wsprintfA

Exports

Exports

AboutDlgProc
ChooseDlgProc
DSM_Entry
InfoHook
WGDlgProc

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TWUNK_16.exe
TWUNK_32.exe
.exe windows:4 windows x86 arch:x86

d7cb6bb8ed7916536df912c1990c5d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalSize
GetProfileIntA
GetLastError
LoadLibraryA
lstrcmpA
FreeLibrary
GetVersion
GlobalAlloc
GlobalFree
GlobalFlags
GlobalLock
GlobalUnlock
RtlUnwind
GetFileType
GetCurrentProcess
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapAlloc
SetEndOfFile
GetStdHandle
SetHandleCount
lstrcatA
GetTempPathA
CloseHandle
Sleep
LockFile
UnlockFile
ExitProcess
TerminateProcess
SetStdHandle
WriteFile
CreateFileA
ReadFile
DeleteFileA
SetFilePointer
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapFree

user32

LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetSystemMenu
ChangeMenuA
ShowWindow
DefWindowProcA
PostQuitMessage
RegisterWindowMessageA
PostMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DdePostAdvise
PeekMessageA
DdeCmpStringHandles
DdeNameService
DdeUninitialize
DdeInitializeA
DdeGetLastError
DdeFreeStringHandle
DdeCreateStringHandleA
DdeCreateDataHandle
DdeGetData
wsprintfA
DdeDisconnect

gdi32

GetStockObject

Exports

Exports

C_DdeCliCallBack
C_DdeSerCallBack
TwunkWndProc

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
oemui.chm
.chm
oemuiab.chm
.chm
oemuibp.chm
.chm
oemuicp.chm
.chm
oemuict.chm
.chm
oemuicz.chm
.chm
oemuidn.chm
.chm
oemuidt.chm
.chm
oemuiel.chm
.chm
oemuifi.chm
.chm
oemuifn.chm
.chm
oemuigr.chm
.chm
oemuihb.chm
.chm
oemuihu.chm
.chm
oemuiit.chm
.chm
oemuijp.chm
.chm
oemuikr.chm
.chm
oemuinr.chm
.chm
oemuipo.chm
.chm
oemuipt.chm
.chm
oemuiru.chm
.chm
oemuisp.chm
.chm
oemuisw.chm
.chm
oemuitk.chm
.chm
oemuiuk.chm
.chm

Sharing

General

Malware Config

Signatures

Files

059a3ac7cc182be41f15db072140946f

Headers

File Characteristics

PDB Paths

Imports

oemimg2

oemui2

setupapi

kernel32

user32

advapi32

shell32

rpcrt4

mscms

shlwapi

version

ws2_32

Exports

Exports

Sections

.text Size: 980KB - Virtual size: 978KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 36KB - Virtual size: 100KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 92KB - Virtual size: 88KB

4c46f46c2079516bd997f596ee5a04e8

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

f2f1a33a9cbe590ede3ba821264dd7fa

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 96KB - Virtual size: 94KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 11KB

77e6553a2c81bb2f94078f3d6ff55d2a

Headers

File Characteristics

PDB Paths

Imports

imm32

version

oemimg2

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text
Size: 980KB - Virtual size: 978KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 36KB - Virtual size: 100KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 92KB - Virtual size: 88KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 96KB - Virtual size: 94KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 676KB - Virtual size: 675KB

.rdata
Size: 128KB - Virtual size: 124KB

.data
Size: 24KB - Virtual size: 48KB

.rsrc
Size: 908KB - Virtual size: 905KB

.reloc
Size: 48KB - Virtual size: 44KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB