3a5282fbcecaf4a1a210c2307cc93ca1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a5282fbcecaf4a1a210c2307cc93ca1_JaffaCakes118
Size

4.5MB
MD5

3a5282fbcecaf4a1a210c2307cc93ca1
SHA1

d7202927997152d2c4e645735d6c9b087d93a375
SHA256

2a6002a45627c95d89658449464cde40b4293b3ef9e2da81dabb9383167f3669
SHA512

0c07d2f71fd181d80833b3a9f29b598a415e4a443bf33af220d3b323bc2c82b0b8207d79ae807823523d5ff997d4f931e1f74e2da14df11fd89bbd30828f5ee8
SSDEEP

98304:9zgjas3M4hBCEsIJfCzdeibN5PQMRqpmCFWn1Gl30HpFccePAadQS:pgjn9hB8IMZeqPQRmb1I3KpFdeAa

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 25 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/PEiD/plugins/AntiSPack.dll	acprotect
static1/unpack001/PEiD/plugins/Easy Screen 1.3.0.dll	acprotect
static1/unpack001/PEiD/plugins/ExtOverlay.dll	acprotect
static1/unpack001/PEiD/plugins/FSG v1.33脱壳.dll	acprotect
static1/unpack001/PEiD/plugins/FixCRC.DLL	acprotect
static1/unpack001/PEiD/plugins/GUID.dll	acprotect
static1/unpack001/PEiD/plugins/ImpREC.dll	acprotect
static1/unpack001/PEiD/plugins/Patch_Maker_0.5.0.dll33.bak	acprotect
static1/unpack001/PEiD/plugins/QuickChSum.dll	acprotect
static1/unpack001/PEiD/plugins/RebuildPE.dll	acprotect
static1/unpack001/PEiD/plugins/Sendspy.dll	acprotect
static1/unpack001/PEiD/plugins/StringViewer.dll	acprotect
static1/unpack001/PEiD/plugins/UPXI.dll	acprotect
static1/unpack001/PEiD/plugins/UnUPXShit.dll	acprotect
static1/unpack001/PEiD/plugins/UnUPolyX.dll	acprotect
static1/unpack001/PEiD/plugins/UnitsBrowser.dll	acprotect
static1/unpack001/PEiD/plugins/eCrap.dll	acprotect
static1/unpack001/PEiD/plugins/eCrapOepVerify.dll	acprotect
static1/unpack001/PEiD/plugins/kanal.dll	acprotect
static1/unpack001/PEiD/plugins/ohfixer_v01.dll	acprotect
static1/unpack001/PEiD/plugins/pluzina.dll	acprotect
static1/unpack001/PEiD/plugins/pluzina1.dll	acprotect
static1/unpack001/PEiD/plugins/pluzina4.dll	acprotect
static1/unpack001/PEiD/plugins/unbero.dll	acprotect
static1/unpack001/PEiD/plugins/undef.dll	acprotect

UPX packed file 11 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PEiD/plugins/AntiSPack.dll	upx
static1/unpack001/PEiD/plugins/Easy Screen 1.3.0.dll	upx
static1/unpack001/PEiD/plugins/ExtOverlay.dll	upx
static1/unpack001/PEiD/plugins/FSG v1.33脱壳.dll	upx
static1/unpack001/PEiD/plugins/GUID.dll	upx
static1/unpack001/PEiD/plugins/Patch_Maker_0.5.0.dll33.bak	upx
static1/unpack001/PEiD/plugins/RebuildPE.dll	upx
static1/unpack001/PEiD/plugins/StringViewer.dll	upx
static1/unpack001/PEiD/plugins/UPXI.dll	upx
static1/unpack001/PEiD/plugins/kanal.dll	upx
static1/unpack001/PEiD/plugins/undef.dll	upx

Unsigned PE 87 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PEiD/PESniffer.dll
unpack001/PEiD/PEiD_V0.95_Win7 版.exe
unpack001/PEiD/PEiD_V0.95_XP 版.exe
unpack001/PEiD/mfc70.dll
unpack001/PEiD/msvcr70.dll
unpack001/PEiD/plugins/AntiSPack.dll
unpack001/PEiD/plugins/EPScan.dll
unpack001/PEiD/plugins/Easy Screen 1.3.0.dll
unpack003/out.upx
unpack001/PEiD/plugins/ExtOverlay.dll
unpack004/out.upx
unpack001/PEiD/plugins/ExtractOverlay.dll
unpack001/PEiD/plugins/FC.DLL
unpack001/PEiD/plugins/FNE.dll
unpack001/PEiD/plugins/FSG v1.33脱壳.dll
unpack005/out.upx
unpack001/PEiD/plugins/FileInfo.dll
unpack001/PEiD/plugins/FixCRC.DLL
unpack001/PEiD/plugins/GUID.dll
unpack006/out.upx
unpack001/PEiD/plugins/GenOEP.dll
unpack001/PEiD/plugins/HideCapt.dll
unpack001/PEiD/plugins/HideCapt2.dll
unpack001/PEiD/plugins/IDToText.DLL
unpack001/PEiD/plugins/ImpREC.dll
unpack001/PEiD/plugins/Imploder.DLL
unpack001/PEiD/plugins/Morphine.DLL
unpack001/PEiD/plugins/Overlay1.0.dll
unpack001/PEiD/plugins/Overlay1.0汉化.dll
unpack001/PEiD/plugins/Oversaver.dll
unpack001/PEiD/plugins/PE2HTML.dll
unpack001/PEiD/plugins/PE2HTML.exe
unpack001/PEiD/plugins/PEExtract.DLL
unpack001/PEiD/plugins/PESniffer4PEiD.DLL
unpack001/PEiD/plugins/PEiDBundle.DLL
unpack001/PEiD/plugins/PackUPX.DLL
unpack001/PEiD/plugins/Patch_Maker_0.5.0.dll
unpack001/PEiD/plugins/Patch_Maker_0.5.0.dll.BAK
unpack001/PEiD/plugins/Patch_Maker_0.5.0.dll33.bak
unpack007/out.upx
unpack001/PEiD/plugins/PlgLdr.dll
unpack001/PEiD/plugins/PluginEx.dll
unpack001/PEiD/plugins/QuickChSum.dll
unpack001/PEiD/plugins/RebuildPE.dll
unpack001/PEiD/plugins/RelocRebuilder.dll
unpack001/PEiD/plugins/SecFix.dll
unpack001/PEiD/plugins/SecTool.DLL
unpack001/PEiD/plugins/Sendspy.dll
unpack001/PEiD/plugins/StringViewer.dll
unpack009/out.upx
unpack001/PEiD/plugins/UNUPX.DLL
unpack001/PEiD/plugins/UPXI.dll
unpack001/PEiD/plugins/UPXScramb.dll
unpack001/PEiD/plugins/UnCDS_SS.DLL
unpack001/PEiD/plugins/UnFakeNinja.DLL
unpack001/PEiD/plugins/UnPPP.DLL
unpack001/PEiD/plugins/UnRCrypt.DLL
unpack001/PEiD/plugins/UnRPolyCrypt.DLL
unpack001/PEiD/plugins/UnUPXShit.dll
unpack001/PEiD/plugins/UnUPolyX.dll
unpack001/PEiD/plugins/UnitsBrowser.dll
unpack001/PEiD/plugins/VerA.dll
unpack001/PEiD/plugins/XNResourceEditor_Plugin.DLL
unpack001/PEiD/plugins/XP.dll
unpack001/PEiD/plugins/YPP.DLL
unpack001/PEiD/plugins/ZDRx.dll
unpack001/PEiD/plugins/[-=About PEiD =-]/UnreaL.DLL
unpack001/PEiD/plugins/advanced_scan.dll
unpack001/PEiD/plugins/crc32.dll
unpack001/PEiD/plugins/eCrap.dll
unpack001/PEiD/plugins/eCrapOepVerify.dll
unpack001/PEiD/plugins/frant.dll
unpack001/PEiD/plugins/hh.dll
unpack001/PEiD/plugins/kanal.dll
unpack001/PEiD/plugins/oepscan.dll
unpack001/PEiD/plugins/ohfixer_v01.dll
unpack001/PEiD/plugins/pluzina.dll
unpack001/PEiD/plugins/pluzina1.dll
unpack001/PEiD/plugins/pluzina4.dll
unpack001/PEiD/plugins/unbero.dll
unpack001/PEiD/plugins/undef.dll
unpack001/PEiD/plugins/unfsg.dll
unpack001/PEiD/plugins/unupx2.dll
unpack001/PEiD/plugins/uupx.dll
unpack001/PEiD/pluginsdk/NULL.dll
unpack001/PEiD/rtl70.bpl
unpack001/PEiD/vcl70.bpl

Files

3a5282fbcecaf4a1a210c2307cc93ca1_JaffaCakes118
.rar
PEiD/IDToText.Ini
PEiD/Info_mix.txt
PEiD/PESniffer.dll
.dll windows:4 windows x86 arch:x86

2b2b794f13fd8c667d8ca834996748b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
lstrcpyA
HeapFree
HeapAlloc
GetProcessHeap
lstrcatA
GetModuleFileNameA
lstrlenA
CloseHandle
lstrcpynA
ReadFile
CreateFileA
MapViewOfFile
CreateFileMappingA
GetFileSize
UnmapViewOfFile
FlushViewOfFile
IsBadReadPtr
HeapReAlloc
LCMapStringA
GetStringTypeW
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
LCMapStringW

user32

CharUpperA

Exports

Exports

AnalyzeFile
GetTotalSignatures
IsDataBaseLoaded

Sections

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/PEiD_V0.95_Win7 版.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/PEiD_V0.95_XP 版.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/Signs.txt
PEiD/kanal.txt
PEiD/mfc70.dll
.dll windows:4 windows x86 arch:x86

8a5c122c59f95844abbafb18bb75e01a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc70.pdb

Imports

gdi32

UnrealizeObject
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileA
CopyMetaFileA
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
StartDocA
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
CreateDCA
BitBlt
CreateRectRgnIndirect
RectVisible
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
ScaleWindowExtEx
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
ExtTextOutA
GetCurrentPositionEx
MoveToEx
CreateFontIndirectA
GetWindowExtEx
GetViewportExtEx
GetTextFaceA
PtVisible
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetCharWidthA
DeleteObject
SelectObject
StretchDIBits
DeleteDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextAlign

kernel32

FindResourceA
MoveFileA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
LoadResource
DuplicateHandle
GetCurrentProcess
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetShortPathNameA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
InterlockedDecrement
LocalAlloc
LocalFree
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
MulDiv
GetProfileIntA
VirtualProtect
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
InterlockedIncrement
FormatMessageA
FindNextFileA
GetTickCount
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemTime
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LockResource
SizeofResource
lstrcmpA
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
GetLastError
SetLastError
lstrcpynA
GetStringTypeExA
lstrlenA
lstrcmpiA
lstrlenW
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException
CloseHandle

msvcr70

_adjust_fdiv
_initterm
_except_handler3
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_mbsupr
_mbsnbicmp
_mbsstr
_mbslwr
_itoa
wcsncpy
_ltoa
_ultoa
_ismbcdigit
ceil
swprintf
labs
_mbsnbcmp
_splitpath
_fullpath
atol
__p___argc
__p___argv
_beginthreadex
_endthreadex
_ismbcspace
_strdup
_mbsdec
_mbscspn
_mbsspn
_mbspbrk
atoi
_expand
wcscmp
_wcsicmp
_vscprintf
_mbsicmp
strtod
strtol
strtoul
_mbsrchr
sscanf
vsprintf
abs
_mbctype
calloc
_msize
_mbschr
_purecall
wcslen
_mbscmp
_localtime64
_mktime64
realloc
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
memset
_mbsinc
abort
memcmp
strlen
memmove
memcpy
sprintf
_CxxThrowException
wcscpy
free
malloc
strcpy
strcmp
__CxxFrameHandler

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

shlwapi

PathRemoveExtensionA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
PathFindFileNameA

user32

IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
SetWindowPlacement
UnregisterClassA
RegisterClassA
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
LoadIconA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
EnableWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
MessageBoxA
ScrollWindow
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
CharUpperA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
DestroyMenu
LoadMenuA
LoadCursorA
GetWindowPlacement
SetCapture
WindowFromPoint
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
RedrawWindow
InflateRect
SetRect
SetTimer
KillTimer
ReleaseDC
GetDC
IsZoomed
IsRectEmpty
DeleteMenu
AppendMenuA
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
DrawTextExA
GrayStringA
UnionRect
GetKeyNameTextA
MapVirtualKeyA
LoadBitmapA
FillRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
wvsprintfA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoA
GetMenuStringA
GetSysColorBrush
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
MoveWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowA
DrawIcon
SetWindowRgn
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
ShowOwnedPopups
InsertMenuA
RegisterClipboardFormatA
SendNotifyMessageA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
GetWindowRect
CopyRect
PtInRect
GetWindow
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetSystemMetrics
wsprintfA
ClientToScreen
SetActiveWindow

Sections

.text
Size: 800KB - Virtual size: 797KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/msvcr70.dll
.dll windows:4 windows x86 arch:x86

1042bb30696d4426da7447f341f51a6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr70.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
TlsGetValue
GetLastError
ResumeThread
CreateThread
TlsFree
SetLastError
GetCurrentThread
TlsAlloc
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
RtlUnwind
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_ctype
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/AntiSPack.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 310B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/EPScan.dll
.dll windows:4 windows x86 arch:x86

c666e5e72f0ab836193a6ecc9d4651fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegCloseKey

gdi32

CreateSolidBrush
DeleteObject
GetStockObject
SetBkColor
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA
MoveToEx

kernel32

CloseHandle
CreateFileA
EnumResourceNamesA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStringsA
GetFileSize
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
RtlMoveMemory

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CheckRadioButton
ClientToScreen
CreateDialogIndirectParamA
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
DeleteMenu
DestroyIcon
DestroyWindow
DialogBoxIndirectParamA
DispatchMessageA
DrawMenuBar
EnableWindow
EndDialog
GetClassNameA
GetClientRect
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetMenu
GetMenuItemInfoA
GetSysColor
GetSysColorBrush
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InsertMenuItemA
IsDialogMessageA
IsWindow
LoadImageA
MapDialogRect
MessageBoxA
PeekMessageA
PostMessageA
RedrawWindow
ScreenToClient
SendMessageA
SetCursor
SetFocus
SetMenu
SetMenuItemInfoA
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
DialogBoxParamA
GetWindow

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/Easy Screen 1.3.0.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
GetPluginName
LoadDll
RDGPL
StartPTPlugin
StartPlugin
_ODBG_Pluginaction
_ODBG_Plugindata
_ODBG_Plugininit
_ODBG_Pluginmenu

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/ExtOverlay.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/ExtractOverlay.dll
.dll windows:4 windows x86 arch:x86

18224f0023c1d4b8fa5366890ace8d1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
MapViewOfFile
SetEndOfFile
SetFilePointer
UnmapViewOfFile
WriteFile
lstrcatA
lstrlenA

comdlg32

GetSaveFileNameA

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 655B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/FC.DLL
.dll windows:4 windows x86 arch:x86

4a0fdd279b8201c411640750f3c864a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

rtl70.bpl

@System@initialization$qqrv

user32

ShowWindow

vcl70.bpl

@Consts@initialization$qqrv

shell32

ShellExecuteA

Exports

Exports

DoMyJob
LoadDll

Sections

pec1
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/FNE.dll
.dll windows:4 windows x86 arch:x86

c5be17924c06c50e992232655d664483

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdiplusStartup
GdiplusShutdown
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateLineBrushI
GdipCreateSolidFill
GdipDeleteGraphics
GdipDeleteBrush

kernel32

GetFileType
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
UnmapViewOfFile
CloseHandle
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetLocaleInfoA
HeapSize
SetStdHandle
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW

user32

MessageBoxA
DialogBoxParamA
EndDialog
GetDlgItem
BeginPaint
EndPaint
SetDlgItemTextA

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/FSG v1.33脱壳.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc0
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/FileInfo.dll
.dll windows:4 windows x86 arch:x86

d6a022763f44013440a820232d928b0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

GetKeyboardType

advapi32

RegQueryValueExA

Exports

Exports

DoMyJob
LoadDll

Sections

pec1
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 79B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 750B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/FixCRC.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/GUID.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
Go
Info
LoadDll
Setting

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/GenOEP.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/HideCapt.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1002B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/HideCapt2.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1002B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/IDToText.DLL
.dll windows:4 windows x86 arch:x86

74f2151033d553413b34e839e1eae537

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/ImpREC.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RebuildImport

Sections

code
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrc
Size: 238B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Imploder.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BoB
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Morphine.DLL
.dll windows:4 windows x86 arch:x86

65aedc289dc5a94502ea375e6866e085

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

rtl70.bpl

@System@initialization$qqrv

user32

ShowWindow

vcl70.bpl

@Consts@initialization$qqrv

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

pec1
Size: 22KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Overlay1.0.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll

Sections

.Upack
Size: - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Overlay1.0汉化.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll

Sections

.Upack
Size: - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Oversaver.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
GetPluginName
LoadDll
RunDLL
StartPTPlugin
StartPlugin

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 203B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/PE2HTML.dll
.dll windows:4 windows x86 arch:x86

0fe9fc740a71cc0e21fb2aeb0606bfde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
SetDlgItemTextA
MessageBoxA
wsprintfA
SendMessageA

kernel32

SetFilePointer
SetFileAttributesA
CloseHandle
CreateFileA
GetCurrentDirectoryA
RtlZeroMemory
UnmapViewOfFile
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
FindFirstFileA
FindClose
WriteFile
SetEndOfFile
CopyFileA
CreateFileMappingA
GlobalAddAtomA
GlobalAlloc
GlobalFree
MapViewOfFile

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/PE2HTML.exe
.exe windows:4 windows x86 arch:x86

05881e9b42764fe73c81e0c6d8b7878e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfA
SendMessageA

kernel32

CloseHandle
CreateFileA
ExitProcess
GetModuleHandleA
RtlZeroMemory
WriteFile
UnmapViewOfFile
lstrcpyA
lstrcpynA
lstrlenA
GetCommandLineA
FindFirstFileA
FindClose
lstrcatA
SetFilePointer
CopyFileA
CreateFileMappingA
GlobalAddAtomA
GlobalAlloc
GlobalFree
MapViewOfFile
SetEndOfFile
SetFileAttributesA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/PEExtract.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/PESniffer4PEiD.ASM
PEiD/plugins/PESniffer4PEiD.DLL
.dll windows:1 windows x86 arch:x86

48c1bd74255beeddd44ca6a38cbc8f52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcmpA
lstrcpyA
LoadLibraryA
GetProcAddress
GetTickCount
lstrcatA

user32

SetTimer
FindWindowA
MessageBoxA
CreateWindowExA
SendMessageA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetDlgItem
GetWindowTextA
SetWindowTextA
DialogBoxParamA
EndDialog
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
wvsprintfA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DoMyJob
LoadDll

Sections

.slip
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.slip
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.slip
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.slip
Size: 512B - Virtual size: 368B

IMAGE_SCN_MEM_READ

.slip
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.slip
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
PEiD/plugins/PEiDBundle.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

packerBY
Size: - Virtual size: 113KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/PackUPX.DLL
.dll windows:4 windows x86 arch:x86

6e6d9f5d16fd7b203829bb9be3d442ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rtl70.bpl

@System@initialization$qqrv

user32

keybd_event

vcl70.bpl

@Graphics@initialization$qqrv

shell32

DragQueryPoint

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

CODE
Size: 162KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Patch_Maker_0.5.0.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
GetPluginName
LoadDll
StartPTPlugin
StartPlugin

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/Patch_Maker_0.5.0.dll.BAK
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
GetPluginName
LoadDll
StartPTPlugin
StartPlugin

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/Patch_Maker_0.5.0.dll.u.txt
PEiD/plugins/Patch_Maker_0.5.0.dll33.bak
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
GetPluginName
LoadDll
StartPTPlugin
StartPlugin

Sections

UPX0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/PlgLdr.dll
.dll windows:4 windows x86 arch:x86

b32ef6de36824c94b07dbadd3b22887d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowLongA
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
UpdateWindow
SendMessageA
SendDlgItemMessageA
RegisterClassExA
PostQuitMessage
SetMenu
MessageBoxA
LoadIconA
LoadCursorA
GetWindowTextA
GetWindowLongA
GetSystemMetrics
GetSystemMenu
GetMessageA
GetCursorPos
EndPaint
EndDialog
DispatchMessageA
SetForegroundWindow
SetFocus
MessageBoxIndirectA
SetDlgItemTextA
DestroyIcon
DefWindowProcA
GetDC
GetParent
GetSysColor
GetWindowRect
ReleaseDC
ScreenToClient
GetClientRect
CreateWindowExA
CreateMenu
BeginPaint
AppendMenuA
wsprintfA

kernel32

GetModuleFileNameA
lstrcpyA
lstrcatA
SetCurrentDirectoryA
LoadLibraryA
GetVersionExA
GetProcAddress
GetModuleHandleA
GetCurrentDirectoryA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
ExitProcess

gdi32

CreatePen
DeleteObject
SelectObject
LineTo
MoveToEx
CreateFontA

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comdlg32

GetOpenFileNameA

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 744B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/PluginEx.dll
.dll windows:4 windows x86 arch:x86

1109abdbf41a656328ec6e240c11f456

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
DisableThreadLibraryCalls

user32

SetDlgItemTextA
MessageBoxA

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.data
Size: 1024B - Virtual size: 555B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/QuickChSum.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/RebuildPE.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 442B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/RelocRebuilder.dll
.dll windows:4 windows x86 arch:x86

e52f56643e6da6cbdb1c93f0b70c77c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
DisableThreadLibraryCalls

user32

GetSystemMenu
DialogBoxParamA
SendDlgItemMessageA
wsprintfA
SendMessageA
SetDlgItemTextA
EndDialog
DeleteMenu

comdlg32

GetOpenFileNameA

msvcrt

fwrite
fread
??2@YAPAXI@Z
fclose
_adjust_fdiv
malloc
_fileno
_filelength
_initterm
_except_handler3
fopen
free

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/SecFix.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/SecTool.DLL
.dll windows:4 windows x86 arch:x86

c3faa27f68df446fc4be4d8197124acf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rtl70.bpl

@System@initialization$qqrv

user32

ShowWindow

vcl70.bpl

@Consts@initialization$qqrv

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 13KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/Sendspy.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/StringViewer.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/UNUPX.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/UPXI.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

UPX0
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 241KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UPXScramb.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

.Upack
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UnCDS_SS.DLL
.dll windows:4 windows x86 arch:x86

74f2151033d553413b34e839e1eae537

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UnFakeNinja.DLL
.dll windows:4 windows x86 arch:x86

74f2151033d553413b34e839e1eae537

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UnPPP.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/UnRCrypt.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/UnRPolyCrypt.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/UnUPXShit.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

text
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UnUPolyX.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/UnitsBrowser.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/VerA.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DiePlugHwnd
DiePlugName
DiePlugPe
DiePlugProc
DoMyJob
LoadDll

Sections

CODE
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/VerA.txt
PEiD/plugins/XNResourceEditor_Plugin.DLL
.dll windows:4 windows x86 arch:x86

d8db0b791801ed624296ca19d27a7875

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

shell32

ShellExecuteA

urlmon

HlinkNavigateString

comdlg32

PrintDlgA

winmm

timeGetTime

hhctrl.ocx

ord14

imagehlp

CheckSumMappedFile

Exports

Exports

DoMyJob
GetPTPluginName
LoadDll
StartPTPlugin

Sections

CODE
Size: 486KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/XP.dll
.dll windows:4 windows x86 arch:x86

d6cf6ca95c5d798fd40e32085cf5ee74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EndDialog
DialogBoxParamA
MessageBoxA
SendMessageA
SetWindowsHookExA
UnhookWindowsHookEx
EnumThreadWindows
RedrawWindow
SetWindowLongA
GetFocus
GetWindowLongA
GetClassNameA
GetWindowDC
GetWindowRect
ReleaseDC
EnumChildWindows
CallNextHookEx
TrackMouseEvent
DefWindowProcA
CallWindowProcA
DrawTextA
OffsetRect
GetWindowTextA
DrawFocusRect
FillRect
GetSysColor
InflateRect
FrameRect
GetSysColorBrush
GetSystemMetrics

msimg32

GradientFill

gdi32

DeleteObject
LineTo
CreateSolidBrush
SetPixel
SetTextColor
GetStockObject
CreatePen
BitBlt
CreateCompatibleBitmap
SelectObject
SetBkMode
CreateCompatibleDC
DeleteDC
MoveToEx

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThreadId
lstrcmpiA

Exports

Exports

ClassXP
DoMyJob
LoadDll

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/YPP.DLL
.dll windows:4 windows x86 arch:x86

4a0fdd279b8201c411640750f3c864a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

rtl70.bpl

@System@initialization$qqrv

user32

ShowWindow

vcl70.bpl

@Consts@initialization$qqrv

shell32

ShellExecuteA

Exports

Exports

DoMyJob
LoadDll

Sections

pec1
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/ZDRx.dll
.dll windows:4 windows x86 arch:x86

d4c1f10055794b70836a7d425f419308

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
UnmapViewOfFile
GlobalAlloc
MapViewOfFile
CreateFileMappingA
CloseHandle
CreateFileA
DeleteFileA
WriteFile
TerminateProcess
ContinueDebugEvent
GetModuleHandleA
GetThreadSelectorEntry
WriteProcessMemory
ReadProcessMemory
SetThreadContext
GetThreadContext
WaitForDebugEvent
ExitProcess
CreateProcessA

msvcrt

_strcmpi
_adjust_fdiv
malloc
_initterm
free
sscanf

user32

DialogBoxParamA
SetDlgItemTextA
wsprintfA
EndDialog
GetDlgItemTextA
MessageBoxA
SetWindowPos
SendDlgItemMessageA
SetWindowTextA

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 382B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 430B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/[-=About PEiD =-]/UnreaL.DLL
.dll windows:4 windows x86 arch:x86

e07e00e45407ff0dd6abc9eaa981fa7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
malloc
_adjust_fdiv
free

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/advanced_scan.dll
.dll windows:4 windows x86 arch:x86

a5d8959922988908e51a62a998a351db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MoveWindow
SendMessageA
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
wsprintfA

kernel32

FindClose
MapViewOfFile
lstrlenA
lstrcpyA
lstrcatA
CloseHandle
CompareStringA
CreateFileA
CreateFileMappingA
GetFileAttributesA
GetFileSize
GetModuleFileNameA
GetPrivateProfileSectionNamesA
FindFirstFileA
RtlMoveMemory
UnmapViewOfFile
VirtualAlloc
VirtualFree

shell32

DragFinish
DragQueryFileA

gdi32

CreateFontIndirectA

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/crc32.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/eCrap.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/eCrapOepVerify.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/frant.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
Go
Info
LoadDll
Setting

Sections

.Upack
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/hh.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
Go
Info
LoadDll
Setting

Sections

.Upack
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/kanal.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/oepscan.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 430KB - Virtual size: 429KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/ohfixer_v01.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

Inkvizit
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Inkvizit
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Inkvizit
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/pluzina.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/pluzina1.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/pluzina4.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DoMyJob
LoadDll

Sections

.code
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/pluziny.nfo
PEiD/plugins/unbero.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/undef.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/unfsg.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DoMyJob
LoadDll

Sections

CODE
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/plugins/unupx2.dll
.dll windows:4 windows x86 arch:x86

95cb3600ce8c2399c0eeca761590692a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
ExitProcess
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetCommandLineA
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
WriteProcessMemory
WriteFile
TerminateProcess
SuspendThread
Sleep
SetFilePointer
ResumeThread
ReadProcessMemory
ReadFile
MoveFileA
LoadLibraryA
GetThreadContext
GetStartupInfoA
GetProcAddress
GetFileSize
FreeLibrary
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
DeleteFileA
CreateProcessA
CreateFileA
CloseHandle

user32

CharNextA
MessageBoxA

Exports

Exports

DoMyJob
LoadDll

Sections

Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 426B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 734B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!rsrc!
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PEiD/plugins/uupx.dll
.dll windows:4 windows x86 arch:x86

084efa91d7cd1e56b376370bf02ad0e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
ReadFile
CreateFileA
WriteFile
lstrcmpA
SetFilePointer
GetFileSize
CloseHandle

user32

EnableWindow
GetDlgItem
GetDlgItemTextA
MessageBoxA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetTimer
DialogBoxParamA
EndDialog

comdlg32

GetOpenFileNameA

Exports

Exports

GetPTPluginName
StartPTPlugin

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/plugins/ypp.ini
PEiD/pluginsdk/NULL.dll
.dll windows:4 windows x86 arch:x86

e07e00e45407ff0dd6abc9eaa981fa7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
malloc
_adjust_fdiv
free

Exports

Exports

DoMyJob
LoadDll

Sections

.text
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEiD/pluginsdk/defs.h
PEiD/pluginsdk/null.c
PEiD/rtl70.bpl
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@$xp$10DBPROPINFO
@$xp$10IEnumNames
@$xp$10IErrorInfo
@$xp$10ILockBytes
@$xp$10IMallocSpy
@$xp$10IMtsEvents
@$xp$10IOleCache2
@$xp$10IOleObject
@$xp$10IOleWindow
@$xp$10ITypeInfo2
@$xp$10TComObject
@$xp$10TParamFlag
@$xp$10_xml_error
@$xp$10tagREGKIND
@$xp$11Adoint@_ADO
@$xp$11ContextInfo
@$xp$11DBPARAMINFO
@$xp$11IAdviseSink
@$xp$11ICrmMonitor
@$xp$11IDataObject
@$xp$11IDispatchEx
@$xp$11IDropSource
@$xp$11IDropTarget
@$xp$11IEnumString
@$xp$11IGetAppData
@$xp$11IMTSLocator
@$xp$11IOleControl
@$xp$11IReadCookie
@$xp$11IStringList
@$xp$11IViewObject
@$xp$11Masks@TMask
@$xp$11System@Byte
@$xp$11System@Char
@$xp$11System@Comp
@$xp$11System@Real
@$xp$11System@Word
@$xp$11TAutoObject
@$xp$11tagMULTI_QI
@$xp$11tagSTATDATA
@$xp$12ADDRESS_MODE
@$xp$12Adoint@Error
@$xp$12Adoint@Field
@$xp$12DBCOLUMNDESC
@$xp$12DBCOLUMNINFO
@$xp$12IAdviseSink2
@$xp$12IChannelHook
@$xp$12IComQCEvents
@$xp$12IEnumMoniker
@$xp$12IEnumOLEVERB
@$xp$12IEnumStatStg
@$xp$12IEnumUnknown
@$xp$12IEnumVariant
@$xp$12IEventServer
@$xp$12IOleDocument
@$xp$12IPersistFile
@$xp$12IPictureDisp
@$xp$12IPropertyBag
@$xp$12IRootStorage
@$xp$12ITransaction
@$xp$12IViewObject2
@$xp$12IWriteCookie
@$xp$12IXMLDocument
@$xp$12System@Int64
@$xp$12TFactoryProc
@$xp$12tagEXCEPINFO
@$xp$13Adoint@Errors
@$xp$13Adoint@Fields
@$xp$13Classes@TBits
@$xp$13Classes@TList
@$xp$13IClassFactory
@$xp$13IComAppEvents
@$xp$13IComCRMEvents
@$xp$13IComUserEvent
@$xp$13IContextState
@$xp$13IEnumSTATDATA
@$xp$13IMessageMover
@$xp$13IMtsEventInfo
@$xp$13IObjectSafety
@$xp$13IOleContainer
@$xp$13IPropertyPage
@$xp$13ObjectContext
@$xp$13ObjectControl
@$xp$13Oledb@IDBInfo
@$xp$13Oledb@IMDFind
@$xp$13Oledb@IRowset
@$xp$13System@Double
@$xp$13System@Single
@$xp$13System@String
@$xp$13System@UInt64
@$xp$13TByteDynArray
@$xp$13TConnectEvent
@$xp$13TWordDynArray
@$xp$14Adoint@Field15
@$xp$14Classes@TFiler
@$xp$14Contnrs@TQueue
@$xp$14Contnrs@TStack
@$xp$14IClassFactory2
@$xp$14ICreateTypeLib
@$xp$14ICrmLogControl
@$xp$14IEnumFORMATETC
@$xp$14IFillLockBytes
@$xp$14IMessageFilter
@$xp$14IObjectContext
@$xp$14IObjectControl
@$xp$14IOleClientSite
@$xp$14IPersistStream
@$xp$14IPropertyPage2
@$xp$14IQuickActivate
@$xp$14IRpcStubBuffer
@$xp$14ISessionObject
@$xp$14Oledb@ICommand
@$xp$14PROPERTYORIGIN
@$xp$14System@Boolean
@$xp$14System@Integer
@$xp$14System@TObject
@$xp$14System@Variant
@$xp$14TInt64DynArray
@$xp$14TIntfFlagsBase
@$xp$14tagCONNECTDATA
@$xp$14tagQACONTAINER
@$xp$15Adoint@Fields15
@$xp$15Adoint@_ADODisp
@$xp$15Adoint@_Command
@$xp$15Classes@EThread
@$xp$15Classes@TParser
@$xp$15Classes@TReader
@$xp$15Classes@TRecall
@$xp$15Classes@TStream
@$xp$15Classes@TThread
@$xp$15Classes@TWriter
@$xp$15Contnrs@TBucket
@$xp$15IActiveDesigner
@$xp$15ICreateTypeInfo
@$xp$15ICreateTypeLib2
@$xp$15ICrmCompensator
@$xp$15IObjectWithSite
@$xp$15IOleControlSite
@$xp$15IOleInPlaceSite
@$xp$15IOleUndoManager
@$xp$15IPersistStorage
@$xp$15IReceiveAppData
@$xp$15IRpcProxyBuffer
@$xp$15IRunnableObject
@$xp$15ISharedProperty
@$xp$15IStdMarshalInfo
@$xp$15Math@TValueSign
@$xp$15Msxml@IXMLError
@$xp$15Oledb@IAccessor
@$xp$15Oledb@IDBInfoSC
@$xp$15Oledb@IMDFindSC
@$xp$15Oledb@IRowsetSC
@$xp$15Oledb@IViewSort
@$xp$15ShortStringBase
@$xp$15Stdvcl@IStrings
@$xp$15Syncobjs@TEvent
@$xp$15System@ByteBool
@$xp$15System@Cardinal
@$xp$15System@Currency
@$xp$15System@Extended
@$xp$15System@LongBool
@$xp$15System@Shortint
@$xp$15System@Smallint
@$xp$15System@UCS4Char
@$xp$15System@WideChar
@$xp$15System@WordBool
@$xp$15Sysutils@EAbort
@$xp$15TDoubleDynArray
@$xp$15TParamFlagsBase
@$xp$15TSingleDynArray
@$xp$15TStringDynArray
@$xp$15TTypedComObject
@$xp$15Zlib@EZlibError
@$xp$16Activex@TOleEnum
@$xp$16Adoint@CoCommand
@$xp$16Adoint@Command15
@$xp$16Adoint@ErrorDisp
@$xp$16Adoint@FieldDisp
@$xp$16Adoint@Property_
@$xp$16Classes@TStrings
@$xp$16Comobj@EOleError
@$xp$16IComMethodEvents
@$xp$16IComObjectEvents
@$xp$16IComThreadEvents
@$xp$16IConnectionPoint
@$xp$16ICreateErrorInfo
@$xp$16ICreateTypeInfo2
@$xp$16IDispenserDriver
@$xp$16IEnumConnections
@$xp$16IEnumSTATPROPSTG
@$xp$16IObjectConstruct
@$xp$16IOleAdviseHolder
@$xp$16IOleCacheControl
@$xp$16IOleDocumentSite
@$xp$16IOleDocumentView
@$xp$16IOleInPlaceFrame
@$xp$16IPSFactoryBuffer
@$xp$16IPlaybackControl
@$xp$16IPropertyStorage
@$xp$16IServiceProvider
@$xp$16ISimpleFrameSite
@$xp$16Oledb@ICommandSC
@$xp$16SecurityProperty
@$xp$16Stdvcl@IProvider
@$xp$16System@NativeInt
@$xp$16System@TDateTime
@$xp$16TBooleanDynArray
@$xp$16TComClassManager
@$xp$16TIntegerDynArray
@$xp$16Typinfo@TOrdType
@$xp$16tagINTERFACEINFO
@$xp$17Activex@IEnumGUID
@$xp$17Adoint@ErrorsDisp
@$xp$17Adoint@FieldsDisp
@$xp$17Adoint@IDataspace
@$xp$17Adoint@Parameters
@$xp$17Adoint@Properties
@$xp$17Adoint@_Parameter
@$xp$17Adoint@_Recordset
@$xp$17Asptlb@IASPObject
@$xp$17Asptlb@TASPObject
@$xp$17Classes@TBiDiMode
@$xp$17Classes@TGetClass
@$xp$17Classes@THelpType
@$xp$17Classes@TShortCut
@$xp$17IContinueCallback
@$xp$17ICrmMonitorClerks
@$xp$17IDataAdviseHolder
@$xp$17IDispenserManager
@$xp$17IObjectContextTip
@$xp$17IOleCommandTarget
@$xp$17IOleInPlaceObject
@$xp$17IOleInPlaceSiteEx
@$xp$17IOleItemContainer
@$xp$17IParseDisplayName
@$xp$17IPropertyPageSite
@$xp$17IProvideClassInfo
@$xp$17IRpcChannelBuffer
@$xp$17IScriptingContext
@$xp$17ISecurityProperty
@$xp$17ISequentialStream
@$xp$17ISupportErrorInfo
@$xp$17Inifiles@TIniFile
@$xp$17Math@TPaymentTime
@$xp$17Msxml@IXMLDOMNode
@$xp$17Msxml@IXMLDOMText
@$xp$17Msxml@IXMLElement
@$xp$17Msxml@IXTLRuntime
@$xp$17Oledb@IAccessorSC
@$xp$17Oledb@IAlterIndex
@$xp$17Oledb@IAlterTable
@$xp$17Oledb@IOpenRowset
@$xp$17Oledb@IRowsetFind
@$xp$17Oledb@IRowsetInfo
@$xp$17Oledb@IRowsetView
@$xp$17Oledb@IViewFilter
@$xp$17Oledb@IViewRowset
@$xp$17Oledb@IViewSortSC
@$xp$17System@IInterface
@$xp$17System@IInvokable
@$xp$17System@NativeUInt
@$xp$17System@OleVariant
@$xp$17System@Openstring
@$xp$17System@UCS4String
@$xp$17System@UTF8String
@$xp$17System@WideString
@$xp$17Sysutils@EOSError
@$xp$17Sysutils@TLangRec
@$xp$17TCardinalDynArray
@$xp$17TComObjectFactory
@$xp$17TLongWordDynArray
@$xp$17TShortIntDynArray
@$xp$17TSmallIntDynArray
@$xp$17Typinfo@TTypeKind
@$xp$18Adoint@CoParameter
@$xp$18Adoint@CoRecordset
@$xp$18Adoint@Field15Disp
@$xp$18Adoint@Recordset15
@$xp$18Adoint@Recordset20
@$xp$18Adoint@_Collection
@$xp$18Adoint@_Connection
@$xp$18Classes@Classes__1
@$xp$18Classes@EBitsError
@$xp$18Classes@EListError
@$xp$18Classes@EReadError
@$xp$18Classes@TAlignment
@$xp$18Classes@TComponent
@$xp$18Classes@TFilerFlag
@$xp$18Classes@TLeftRight
@$xp$18Classes@TOperation
@$xp$18Classes@TValueType
@$xp$18Classes@TWndMethod
@$xp$18Contnrs@TClassList
@$xp$18IApplicationObject
@$xp$18IComActivityEvents
@$xp$18IComIdentityEvents
@$xp$18IComInstanceEvents
@$xp$18IComResourceEvents
@$xp$18IComSecurityEvents
@$xp$18IPersistStreamInit
@$xp$18IPersistTextStream
@$xp$18IRequestDictionary
@$xp$18IVariantDictionary
@$xp$18Inifiles@THashItem
@$xp$18Math@TFPUException
@$xp$18Math@TRoundToRange
@$xp$18Msxml@IXMLElement2
@$xp$18Objauto@ObjAuto__1
@$xp$18Oledb@IColumnsInfo
@$xp$18Oledb@ICommandText
@$xp$18Oledb@IConvertType
@$xp$18Oledb@IErrorLookup
@$xp$18Oledb@IRowPosition
@$xp$18Oledb@IRowsetIndex
@$xp$18Oledb@ITransaction
@$xp$18Oledb@IViewChapter
@$xp$18Oledb@TDBPropArray
@$xp$18Registry@TRegistry
@$xp$18Stdvcl@IDataBroker
@$xp$18System@ShortString
@$xp$18System@TBoundArray
@$xp$18Sysutils@EControlC
@$xp$18Sysutils@EExternal
@$xp$18Sysutils@EIntError
@$xp$18Sysutils@EOverflow
@$xp$18Sysutils@Exception
@$xp$18Sysutils@TFileName
@$xp$18Sysutils@TNameType
@$xp$18TAutoObjectFactory
@$xp$18Typinfo@TFloatType
@$xp$18Typinfo@TIntfFlags
@$xp$18Typinfo@TTypeKinds
@$xp$18Typinfo@TypInfo__5
@$xp$19Activex@TOldOleEnum
@$xp$19Adoint@CoConnection
@$xp$19Adoint@Connection15
@$xp$19Adoint@Fields15Disp
@$xp$19Adoint@_CommandDisp
@$xp$19Classes@Classes__03
@$xp$19Classes@Classes__84
@$xp$19Classes@Classes__94
@$xp$19Classes@EFOpenError
@$xp$19Classes@EFilerError
@$xp$19Classes@EWriteError
@$xp$19Classes@TCollection
@$xp$19Classes@TDataModule
@$xp$19Classes@TDuplicates
@$xp$19Classes@TFileStream
@$xp$19Classes@TFilerFlags
@$xp$19Classes@TGetStrProc
@$xp$19Classes@TPersistent
@$xp$19Classes@TReaderProc
@$xp$19Classes@TSeekOrigin
@$xp$19Classes@TShiftState
@$xp$19Classes@TStreamProc
@$xp$19Classes@TStringItem
@$xp$19Classes@TStringList
@$xp$19Classes@TThreadList
@$xp$19Classes@TWriterProc
@$xp$19Comobj@EOleSysError
@$xp$19Contnrs@TBucketList
@$xp$19Contnrs@TObjectList
@$xp$19Convutils@TConvType
@$xp$19IComExceptionEvents
@$xp$19IEnumSTATPROPSETSTG
@$xp$19IExternalConnection
@$xp$19IOleInPlaceUIWindow
@$xp$19IPersistPropertyBag
@$xp$19IPropertyNotifySink
@$xp$19IPropertySetStorage
@$xp$19IProvideRuntimeText
@$xp$19IRunningObjectTable
@$xp$19ITransactionContext
@$xp$19Maskutils@TEditMask
@$xp$19Msxml@CoDOMDocument
@$xp$19Msxml@CoXMLDocument
@$xp$19Msxml@IXMLAttribute
@$xp$19Msxml@IXMLDOMEntity
@$xp$19Msxml@IXMLDocument2
@$xp$19Objauto@TParamFlags
@$xp$19Oledb@IAlterIndexSC
@$xp$19Oledb@IAlterTableSC
@$xp$19Oledb@IDBInitialize
@$xp$19Oledb@IDBProperties
@$xp$19Oledb@IOpenRowsetSC
@$xp$19Oledb@IParentRowset
@$xp$19Oledb@IRowsetChange
@$xp$19Oledb@IRowsetFindSC
@$xp$19Oledb@IRowsetInfoSC
@$xp$19Oledb@IRowsetLocate
@$xp$19Oledb@IRowsetScroll
@$xp$19Oledb@IRowsetUpdate
@$xp$19Oledb@IRowsetViewSC
@$xp$19Oledb@ISQLErrorInfo
@$xp$19Oledb@ISecurityInfo
@$xp$19Oledb@IViewFilterSC
@$xp$19Oledb@IViewRowsetSC
@$xp$19Stdvcl@IStringsDisp
@$xp$19Sysutils@EDivByZero
@$xp$19Sysutils@EInvalidOp
@$xp$19Sysutils@EMathError
@$xp$19Sysutils@EPrivilege
@$xp$19Sysutils@EUnderflow
@$xp$19Sysutils@TLanguages
@$xp$19Sysutils@TSearchRec
@$xp$19TWideStringDynArray
@$xp$19Typinfo@TMethodKind
@$xp$19Typinfo@TParamFlags
@$xp$20Activex@ICatRegister
@$xp$20Activex@TUnknownList
@$xp$20Adoint@Command15Disp
@$xp$20Adoint@Property_Disp
@$xp$20Asptlb@TASPMTSObject
@$xp$20Classes@EParserError
@$xp$20Classes@EResNotFound
@$xp$20Classes@EStreamError
@$xp$20Classes@TBasicAction
@$xp$20Classes@TClassFinder
@$xp$20Classes@THelpContext
@$xp$20Classes@TNotifyEvent
@$xp$20Classes@TReaderError
@$xp$20Comobj@EOleException
@$xp$20Contnrs@TBucketArray
@$xp$20Contnrs@TObjectQueue
@$xp$20Contnrs@TObjectStack
@$xp$20Contnrs@TOrderedList
@$xp$20IComObjectPoolEvents
@$xp$20ICrmFormatLogRecords
@$xp$20IPerPropertyBrowsing
@$xp$20ISecurityCallContext
@$xp$20ISecurityCallersColl
@$xp$20ISharedPropertyGroup
@$xp$20Inifiles@IniFiles__4
@$xp$20Inifiles@TMemIniFile
@$xp$20Inifiles@TStringHash
@$xp$20Masks@EMaskException
@$xp$20Msxml@IXMLDOMComment
@$xp$20Msxml@IXMLDOMElement
@$xp$20Msxml@IXMLDSOControl
@$xp$20Oledb@IColumnsInfoSC
@$xp$20Oledb@IColumnsRowset
@$xp$20Oledb@ICommandTextSC
@$xp$20Oledb@IConvertTypeSC
@$xp$20Oledb@IErrorLookupSC
@$xp$20Oledb@IGetDataSource
@$xp$20Oledb@IMDRangeRowset
@$xp$20Oledb@IRowPositionSC
@$xp$20Oledb@IRowsetIndexSC
@$xp$20Oledb@IRowsetRefresh
@$xp$20Oledb@IRowsetResynch
@$xp$20Oledb@ISourcesRowset
@$xp$20Oledb@ITransactionSC
@$xp$20Oledb@IViewChapterSC
@$xp$20Registry@TRegIniFile
@$xp$20Scktcomp@TAsyncStyle
@$xp$20Scktcomp@TClientType
@$xp$20Scktcomp@TErrorEvent
@$xp$20Scktcomp@TServerType
@$xp$20Stdvcl@IProviderDisp
@$xp$20Syncobjs@TWaitResult
@$xp$20System@TRuntimeError
@$xp$20Sysutils@EInOutError
@$xp$20Sysutils@ERangeError
@$xp$20Sysutils@EWin32Error
@$xp$20Sysutils@EZeroDivide
@$xp$20Sysutils@SysUtils__2
@$xp$20Sysutils@TFloatValue
@$xp$20Sysutils@TSysCharSet
@$xp$21Activex@TMultiQIArray
@$xp$21Activex@TTypeInfoList
@$xp$21Adoint@IDataspaceDisp
@$xp$21Adoint@ParametersDisp
@$xp$21Adoint@PropertiesDisp
@$xp$21Adoint@_ParameterDisp
@$xp$21Adoint@_RecordsetDisp
@$xp$21Classes@EFCreateError
@$xp$21Classes@EInvalidImage
@$xp$21Classes@IVCLComObject
@$xp$21Classes@TGetChildProc
@$xp$21Classes@THandleStream
@$xp$21Classes@TListAssignOp
@$xp$21Classes@TMemoryStream
@$xp$21Classes@TSetNameEvent
@$xp$21Classes@TStringStream
@$xp$21Classes@TThreadMethod
@$xp$21Convutils@TConvFamily
@$xp$21Helpintfs@IHelpSystem
@$xp$21IComObjectPoolEvents2
@$xp$21IComTransactionEvents
@$xp$21ICrmMonitorLogRecords
@$xp$21IEnumConnectionPoints
@$xp$21IEnumOleDocumentViews
@$xp$21IGetContextProperties
@$xp$21IGlobalInterfaceTable
@$xp$21ISecurityIdentityColl
@$xp$21ISpecifyPropertyPages
@$xp$21ITransactionContextEx
@$xp$21Maskutils@TMaskedText
@$xp$21Math@EInvalidArgument
@$xp$21Math@TFPURoundingMode
@$xp$21Msxml@CoXMLDSOControl

Sections

CODE
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/userdb.txt
PEiD/vcl70.bpl
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@$xp$11Forms@TForm
@$xp$11Menus@TMenu
@$xp$11TActiveForm
@$xp$12Forms@TFrame
@$xp$12Mask@Mask__2
@$xp$13Forms@TScreen
@$xp$13Graphics@TPen
@$xp$14Extctrls@TPage
@$xp$14Forms@Forms__6
@$xp$14Forms@IOleForm
@$xp$14Forms@TMonitor
@$xp$14Graphics@TFont
@$xp$14Graphics@TIcon
@$xp$14Grids@Grids__3
@$xp$14Grids@Grids__4
@$xp$14Mask@TMaskEdit
@$xp$14Stdctrls@TEdit
@$xp$14Stdctrls@TMemo
@$xp$15Buttons@TBitBtn
@$xp$15Comctrls@TWidth
@$xp$15Controls@TAlign
@$xp$15Controls@TMouse
@$xp$15Extctrls@TBevel
@$xp$15Extctrls@TImage
@$xp$15Extctrls@TPanel
@$xp$15Extctrls@TShape
@$xp$15Extctrls@TTimer
@$xp$15Forms@THintInfo
@$xp$15Forms@TPosition
@$xp$15Forms@TTileMode
@$xp$15Graphics@TBrush
@$xp$15Graphics@TColor
@$xp$15Grids@TDrawGrid
@$xp$15Menus@TMainMenu
@$xp$15Menus@TMenuItem
@$xp$15Stdctrls@TLabel
@$xp$15Svcmgr@TService
@$xp$15TActiveXControl
@$xp$15TConnectionKind
@$xp$16Actnlist@TAction
@$xp$16Comctrls@THotKey
@$xp$16Comctrls@TUpDown
@$xp$16Controls@TCursor
@$xp$16Extctrls@THeader
@$xp$16Forms@TFormState
@$xp$16Forms@TFormStyle
@$xp$16Forms@THelpEvent
@$xp$16Forms@TIdleEvent
@$xp$16Forms@TScrollBox
@$xp$16Forms@TTimerMode
@$xp$16Graphics@TBitmap
@$xp$16Graphics@TCanvas
@$xp$16Grids@TEditStyle
@$xp$16Grids@TGridState
@$xp$16Imglist@TOverlay
@$xp$16Imglist@TResType
@$xp$16Menus@EMenuError
@$xp$16Menus@TMenuBreak
@$xp$16Menus@TPopupList
@$xp$16Menus@TPopupMenu
@$xp$16Stdctrls@TButton
@$xp$16TConnectionPoint
@$xp$17Comctrls@TAddMode
@$xp$17Comctrls@TAnimate
@$xp$17Comctrls@TCoolBar
@$xp$17Comctrls@THitTest
@$xp$17Comctrls@TToolBar
@$xp$17Controls@TAnchors
@$xp$17Controls@TCaption
@$xp$17Controls@TControl
@$xp$17Controls@TImeMode
@$xp$17Controls@TImeName
@$xp$17Dialogs@TPageType
@$xp$17Extactns@TFileRun
@$xp$17Extactns@TNextTab
@$xp$17Extactns@TShowCmd
@$xp$17Extctrls@TRowSize
@$xp$17Forms@TBorderIcon
@$xp$17Forms@TCloseEvent
@$xp$17Forms@TCustomForm
@$xp$17Forms@TPrintScale
@$xp$17Forms@TShowAction
@$xp$17Forms@TWindowHook
@$xp$17Graphics@TGraphic
@$xp$17Graphics@TPenMode
@$xp$17Graphics@TPicture
@$xp$17Grids@TCustomGrid
@$xp$17Grids@TGridOption
@$xp$17Grids@TMovedEvent
@$xp$17Grids@TStringGrid
@$xp$17Mask@EDBEditError
@$xp$17Mask@TMaskedState
@$xp$17Olectnrs@TOleForm
@$xp$17Printers@EPrinter
@$xp$17Printers@TPrinter
@$xp$17Stdactns@TEditCut
@$xp$17Stdctrls@TListBox
@$xp$17Svcmgr@TStartType
@$xp$17Svcmgr@TStopEvent
@$xp$17TConnectionPoints
@$xp$17Themes@TThemedTab
@$xp$17Valedit@TItemProp
@$xp$18Axctrls@TOleStream
@$xp$18Buttons@TNumGlyphs
@$xp$18Clipbrd@TClipboard
@$xp$18Comctrls@TCoolBand
@$xp$18Comctrls@THitTests
@$xp$18Comctrls@TItemFind
@$xp$18Comctrls@TListItem
@$xp$18Comctrls@TListView
@$xp$18Comctrls@TRichEdit
@$xp$18Comctrls@TSortType
@$xp$18Comctrls@TTabSheet
@$xp$18Comctrls@TTabStyle
@$xp$18Comctrls@TTickMark
@$xp$18Comctrls@TTrackBar
@$xp$18Comctrls@TTreeNode
@$xp$18Comctrls@TTreeView
@$xp$18Comctrls@TWorkArea
@$xp$18Controls@TAlignSet
@$xp$18Controls@TBevelCut
@$xp$18Controls@TDockTree
@$xp$18Controls@TDockZone
@$xp$18Controls@TDragKind
@$xp$18Controls@TDragMode
@$xp$18Controls@TKeyEvent
@$xp$18Controls@TTabOrder
@$xp$18Dialogs@TMsgDlgBtn
@$xp$18Extactns@TSendMail
@$xp$18Extctrls@TColorBox
@$xp$18Extctrls@TNotebook
@$xp$18Extctrls@TPaintBox
@$xp$18Extctrls@TSplitter
@$xp$18Forms@TApplication
@$xp$18Forms@TBorderIcons
@$xp$18Forms@TBorderStyle
@$xp$18Forms@TCloseAction
@$xp$18Forms@TCustomFrame
@$xp$18Forms@TWindowState
@$xp$18Graphics@TFillMode
@$xp$18Graphics@TFontName
@$xp$18Graphics@TMetafile
@$xp$18Graphics@TPenStyle
@$xp$18Grids@TGridOptions
@$xp$18Grids@TInplaceEdit
@$xp$18Imglist@TImageType
@$xp$18Menus@TTrackButton
@$xp$18Olectnrs@TSizeMode
@$xp$18Stdactns@TEditCopy
@$xp$18Stdactns@TEditUndo
@$xp$18Stdactns@TFileExit
@$xp$18Stdactns@TFileOpen
@$xp$18Stdactns@TFontEdit
@$xp$18Stdactns@TPrintDlg
@$xp$18Stdctrls@TCheckBox
@$xp$18Stdctrls@TComboBox
@$xp$18Stdctrls@TGroupBox
@$xp$18Svcmgr@TDependency
@$xp$18Svcmgr@TPauseEvent
@$xp$18Svcmgr@TStartEvent
@$xp$18TActiveFormControl
@$xp$18TActiveFormFactory
@$xp$18Themes@TThemedEdit
@$xp$18Themes@TThemedMenu
@$xp$18Themes@TThemedPage
@$xp$18Themes@TThemedSpin
@$xp$18Toolwin@TEdgeStyle
@$xp$18Valedit@TItemProps
@$xp$18Valedit@TKeyOption
@$xp$19Actnlist@THintEvent
@$xp$19Axctrls@IFontAccess
@$xp$19Axctrls@TOleGraphic
@$xp$19Buttons@TBitBtnKind
@$xp$19Comctrls@TCommonAVI
@$xp$19Comctrls@TCoolBands
@$xp$19Comctrls@TItemState
@$xp$19Comctrls@TListItems
@$xp$19Comctrls@TNodeState
@$xp$19Comctrls@TStatusBar
@$xp$19Comctrls@TTickStyle
@$xp$19Comctrls@TTreeNodes
@$xp$19Comctrls@TUDBtnType
@$xp$19Comctrls@TViewStyle
@$xp$19Comctrls@TWorkAreas
@$xp$19Commdlg@TOFNotifyEx
@$xp$19Controls@TBevelEdge
@$xp$19Controls@TBevelKind
@$xp$19Controls@TDragState
@$xp$19Controls@TImageList
@$xp$19Dialogs@TFindDialog
@$xp$19Dialogs@TFindOption
@$xp$19Dialogs@TFontDialog
@$xp$19Dialogs@TMsgDlgType
@$xp$19Dialogs@TOpenDialog
@$xp$19Dialogs@TOpenOption
@$xp$19Dialogs@TPrintRange
@$xp$19Dialogs@TSaveDialog
@$xp$19Extactns@TBrowseURL
@$xp$19Extactns@TTabAction
@$xp$19Extactns@TURLAction
@$xp$19Extctrls@TShapeType
@$xp$19Forms@IDesignerHook
@$xp$19Forms@TMessageEvent
@$xp$19Forms@TScrollBarInc
@$xp$19Graphics@TFillStyle
@$xp$19Graphics@TFontPitch
@$xp$19Graphics@TFontStyle
@$xp$19Graphics@TIconImage
@$xp$19Graphics@TPenRecall
@$xp$19Grids@TGetEditEvent
@$xp$19Grids@TGridMovement
@$xp$19Grids@TSetEditEvent
@$xp$19Imglist@TChangeLink
@$xp$19Imglist@TImageIndex
@$xp$19Menus@TFindItemKind
@$xp$19Menus@TMenuAutoFlag
@$xp$19Olectrls@TEnumValue
@$xp$19Stdactns@TEditPaste
@$xp$19Stdctrls@TScrollBar
@$xp$19Svcmgr@TEventLogger
@$xp$19Svcmgr@TServiceType
@$xp$19Themes@TThemedClock
@$xp$19Themes@TThemedRebar
@$xp$19Toolwin@TEdgeBorder
@$xp$19Toolwin@TToolWindow
@$xp$19Valedit@TKeyOptions
@$xp$20Actnlist@TActionLink
@$xp$20Actnlist@TActionList
@$xp$20Axctrls@TFontAdapter
@$xp$20Buttons@TButtonState
@$xp$20Buttons@TButtonStyle
@$xp$20Buttons@TSpeedButton
@$xp$20Comctrls@ComCtrls__9
@$xp$20Comctrls@TComboBoxEx
@$xp$20Comctrls@TConversion
@$xp$20Comctrls@TDTDateMode
@$xp$20Comctrls@THKModifier
@$xp$20Comctrls@TItemChange
@$xp$20Comctrls@TItemStates
@$xp$20Comctrls@TListColumn
@$xp$20Comctrls@TSearchType
@$xp$20Comctrls@TTabControl
@$xp$20Comctrls@TToolButton
@$xp$20Controls@TAnchorKind
@$xp$20Controls@TBevelEdges
@$xp$20Controls@TBevelWidth
@$xp$20Controls@TDragObject
@$xp$20Controls@THintWindow
@$xp$20Controls@TMouseEvent
@$xp$20Controls@TWinControl
@$xp$20Dialogs@TColorDialog
@$xp$20Dialogs@TFindOptions
@$xp$20Dialogs@TOpenOptions
@$xp$20Dialogs@TPrintDialog
@$xp$20Dialogs@TPrinterKind
@$xp$20Extctrls@TBevelShape
@$xp$20Extctrls@TBevelStyle
@$xp$20Extctrls@TBoundLabel
@$xp$20Extctrls@TControlBar
@$xp$20Extctrls@TRadioGroup
@$xp$20Forms@TScrollBarKind
@$xp$20Forms@TShortCutEvent
@$xp$20Forms@TShowHintEvent
@$xp$20Graphics@TBrushStyle
@$xp$20Graphics@TFontRecall
@$xp$20Graphics@TFontStyles
@$xp$20Graphutil@TArrowType
@$xp$20Grids@TDrawCellEvent
@$xp$20Grids@TGridDrawState
@$xp$20Mask@TCustomMaskEdit
@$xp$20Menus@TMenuAnimation
@$xp$20Menus@TMenuItemStack
@$xp$20Olectnrs@TCreateInfo
@$xp$20Olectnrs@TCreateType
@$xp$20Olectrls@TOleControl
@$xp$20Oleserver@TOleServer
@$xp$20Stdactns@TEditAction
@$xp$20Stdactns@TEditDelete
@$xp$20Stdactns@TFileAction
@$xp$20Stdactns@TFileSaveAs
@$xp$20Stdactns@THelpAction
@$xp$20Stdactns@THelpOnHelp
@$xp$20Stdactns@THintAction
@$xp$20Stdactns@TSearchFind
@$xp$20Stdctrls@TCustomEdit
@$xp$20Stdctrls@TCustomMemo
@$xp$20Stdctrls@TScrollCode
@$xp$20Stdctrls@TStaticText
@$xp$20Stdctrls@TTextLayout
@$xp$20Svcmgr@TDependencies
@$xp$20Svcmgr@TServiceEvent
@$xp$20TActiveXPropertyPage
@$xp$20Themes@TThemedButton
@$xp$20Themes@TThemedHeader
@$xp$20Themes@TThemedStatus
@$xp$20Themes@TThemedWindow
@$xp$20Toolwin@TEdgeBorders
@$xp$21Actnlist@TActionEvent
@$xp$21Axctrls@TPropertyPage
@$xp$21Buttons@TButtonLayout
@$xp$21Comctrls@ComCtrls__34
@$xp$21Comctrls@TComboExItem
@$xp$21Comctrls@TDisplayCode
@$xp$21Comctrls@THKModifiers
@$xp$21Comctrls@THeaderStyle
@$xp$21Comctrls@TIconOptions
@$xp$21Comctrls@TItemRequest
@$xp$21Comctrls@TListColumns
@$xp$21Comctrls@TPageControl
@$xp$21Comctrls@TProgressBar
@$xp$21Comctrls@TSearchTypes
@$xp$21Comctrls@TStatusPanel
@$xp$21Comctrls@TTabPosition
@$xp$21Controls@Controls__01
@$xp$21Controls@Controls__11
@$xp$21Controls@Controls__21
@$xp$21Controls@IDockManager
@$xp$21Controls@TBorderWidth
@$xp$21Controls@TDragMessage
@$xp$21Controls@TModalResult
@$xp$21Controls@TMouseButton
@$xp$21Controls@TUnDockEvent
@$xp$21Dialogs@TCommonDialog
@$xp$21Dialogs@TFDApplyEvent
@$xp$21Dialogs@TOpenOptionEx
@$xp$21Extactns@TDownLoadURL
@$xp$21Extactns@TOpenPicture
@$xp$21Extactns@TPreviousTab
@$xp$21Extactns@TSavePicture
@$xp$21Extctrls@TCustomPanel
@$xp$21Extctrls@TLabeledEdit
@$xp$21Extctrls@TResizeStyle
@$xp$21Forms@TCustomDockForm
@$xp$21Forms@TDefaultMonitor
@$xp$21Forms@TExceptionEvent
@$xp$21Forms@TScrollBarStyle
@$xp$21Graphics@TBitmapImage
@$xp$21Graphics@TBrushRecall
@$xp$21Graphics@TCanvasState
@$xp$21Graphics@TFontCharset
@$xp$21Graphics@TPixelFormat
@$xp$21Graphics@TSharedImage
@$xp$21Grids@TCustomDrawGrid
@$xp$21Grids@TGetExtentsFunc
@$xp$21Imglist@TDrawingStyle
@$xp$21Imglist@TLoadResource
@$xp$21Menus@TMenuActionLink
@$xp$21Menus@TMenuAnimations
@$xp$21Menus@TPopupAlignment
@$xp$21Olectnrs@TObjectState
@$xp$21Stdactns@TColorSelect
@$xp$21Stdactns@TWindowClose
@$xp$21Stdctrls@TCustomCombo
@$xp$21Stdctrls@TCustomLabel
@$xp$21Stdctrls@TRadioButton
@$xp$21Stdctrls@TScrollEvent
@$xp$21Stdctrls@TScrollStyle
@$xp$21Svcmgr@TContinueEvent
@$xp$21Svcmgr@TCurrentStatus
@$xp$21Svcmgr@TErrorSeverity
@$xp$21Svcmgr@TServiceThread
@$xp$21Themes@TThemeServices
@$xp$21Themes@TThemedElement
@$xp$21Themes@TThemedTaskBar
@$xp$21Themes@TThemedToolBar
@$xp$21Themes@TThemedToolTip
@$xp$21Toolwin@TToolDockForm
@$xp$22Actnlist@TCustomAction
@$xp$22Actnlist@TShortCutList
@$xp$22Axctrls@IPictureAccess
@$xp$22Axctrls@TCustomAdapter
@$xp$22Comctrls@TCalDayOfWeek
@$xp$22Comctrls@TComboExItems
@$xp$22Comctrls@TCustomHotKey
@$xp$22Comctrls@TCustomUpDown
@$xp$22Comctrls@TDTDateFormat
@$xp$22Comctrls@TDateTimeKind
@$xp$22Comctrls@TDrawTabEvent
@$xp$22Comctrls@THKInvalidKey
@$xp$22Comctrls@TItemRequests
@$xp$22Comctrls@TPageScroller
@$xp$22Comctrls@TStatusPanels
@$xp$22Comctrls@TUDClickEvent
@$xp$22Controls@TControlState
@$xp$22Controls@TControlStyle
@$xp$22Controls@TDragObjectEx
@$xp$22Controls@TEndDragEvent
@$xp$22Controls@TScalingFlags
@$xp$22Dialogs@TFileEditStyle
@$xp$22Dialogs@TMsgDlgButtons
@$xp$22Dialogs@TOpenOptionsEx
@$xp$22Dialogs@TReplaceDialog
@$xp$22Extactns@TRichEditBold
@$xp$22Extctrls@NaturalNumber
@$xp$22Extctrls@TSectionEvent
@$xp$22Forms@TCloseQueryEvent
@$xp$22Forms@TFormBorderStyle
@$xp$22Graphics@TCanvasStates
@$xp$22Graphics@TFontDataName
@$xp$22Grids@TInplaceEditList
@$xp$22Grids@TSelectCellEvent
@$xp$22Imglist@TLoadResources
@$xp$22Menus@TMenuChangeEvent
@$xp$22Olectnrs@IVCLFrameForm
@$xp$22Olectnrs@TAutoActivate
@$xp$22Olectnrs@TOleContainer
@$xp$22Olectrls@EOleCtrlError
@$xp$22Olectrls@TEnumPropDesc
@$xp$22Oleserver@TConnectKind
@$xp$22Printers@TPrinterState
@$xp$22Stdactns@TFileOpenWith
@$xp$22Stdactns@THelpContents
@$xp$22Stdactns@TSearchAction
@$xp$22Stdactns@TWindowAction
@$xp$22Stdctrls@TEditCharCase
@$xp$22Stdctrls@TListBoxStyle
@$xp$22TActiveXControlFactory
@$xp$22Themes@TThemedComboBox
@$xp$22Themes@TThemedListview
@$xp$22Themes@TThemedProgress
@$xp$22Themes@TThemedTaskBand
@$xp$22Themes@TThemedTrackBar
@$xp$22Themes@TThemedTreeview
@$xp$22Valedit@TDisplayOption
@$xp$23Axctrls@TPictureAdapter
@$xp$23Axctrls@TStringsAdapter
@$xp$23Comctrls@EDateTimeError
@$xp$23Comctrls@EMonthCalError
@$xp$23Comctrls@ETreeViewError
@$xp$23Comctrls@TAttributeType
@$xp$23Comctrls@THKInvalidKeys
@$xp$23Comctrls@THeaderControl
@$xp$23Comctrls@THeaderSection
@$xp$23Comctrls@TLVChangeEvent
@$xp$23Comctrls@TLVEditedEvent
@$xp$23Comctrls@TLVNotifyEvent
@$xp$23Comctrls@TMonthCalendar
@$xp$23Comctrls@TTBButtonEvent
@$xp$23Comctrls@TTVEditedEvent
@$xp$23Comctrls@TUDAlignButton
@$xp$23Comctrls@TUDOrientation
@$xp$23Controls@TControlCanvas
@$xp$23Controls@TCustomControl
@$xp$23Controls@TDockDropEvent
@$xp$23Controls@TDockOverEvent
@$xp$23Controls@TDragDropEvent
@$xp$23Controls@TDragImageList
@$xp$23Controls@TDragOverEvent
@$xp$23Controls@TKeyPressEvent
@$xp$23Dialogs@TPaintPageEvent
@$xp$23Extactns@TCustomFileRun
@$xp$23Extctrls@TBandDragEvent
@$xp$23Extctrls@TBandInfoEvent
@$xp$23Extctrls@TBandMoveEvent
@$xp$23Extctrls@TColorBoxStyle
@$xp$23Extctrls@TLabelPosition
@$xp$23Forms@TControlScrollBar
@$xp$23Forms@TCustomActiveForm
@$xp$23Forms@TMonitorDefaultTo
@$xp$23Graphics@TMetafileImage
@$xp$23Graphics@TProgressEvent
@$xp$23Graphics@TProgressStage
@$xp$23Listactns@TGetItemEvent
@$xp$23Menus@TMenuItemAutoFlag
@$xp$23Olectrls@TEnumValueList
@$xp$23Olectrls@TEventDispatch
@$xp$23Oleserver@TVariantArray
@$xp$23Stdactns@TEditSelectAll
@$xp$23Stdactns@TFilePageSetup
@$xp$23Stdactns@TSearchReplace
@$xp$23Stdactns@TWindowArrange
@$xp$23Stdactns@TWindowCascade
@$xp$23Stdctrls@TButtonControl
@$xp$23Stdctrls@TCheckBoxState
@$xp$23Stdctrls@TComboBoxStyle
@$xp$23Stdctrls@TCustomListBox
@$xp$23Stdctrls@TDrawItemEvent
@$xp$23Themes@TThemedScrollBar
@$xp$23Toolwin@TToolDockObject
@$xp$23Valedit@TDisplayOptions
@$xp$24Actnlist@TEnumActionProc
@$xp$24Axctrls@IAmbientDispatch
@$xp$24Axctrls@TAdapterNotifier
@$xp$24Axctrls@TReflectorWindow
@$xp$24Comctrls@TCommonCalendar
@$xp$24Comctrls@TCustomListView
@$xp$24Comctrls@TCustomRichEdit
@$xp$24Comctrls@TCustomTreeView
@$xp$24Comctrls@TDTCalAlignment
@$xp$24Comctrls@TDateTimePicker
@$xp$24Comctrls@TDrawPanelEvent
@$xp$24Comctrls@THeaderSections
@$xp$24Comctrls@TLVCompareEvent
@$xp$24Comctrls@TLVDeletedEvent
@$xp$24Comctrls@TLVEditingEvent
@$xp$24Comctrls@TLVInfoTipEvent
@$xp$24Comctrls@TMonthCalColors
@$xp$24Comctrls@TNodeAttachMode
@$xp$24Comctrls@TNumberingStyle
@$xp$24Comctrls@TParaAttributes

Sections

CODE
Size: 842KB - Virtual size: 841KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 789B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEiD/xInfo.TXT
PEiD/飘荡软件.url
.url

Sharing

General

Malware Config

Signatures

Files

2b2b794f13fd8c667d8ca834996748b2

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 10KB - Virtual size: 10KB

DATA Size: 8KB - Virtual size: 8KB

BSS Size: 512B - Virtual size: 512B

.text Size: 523KB - Virtual size: 523KB

.rsrc Size: 42KB - Virtual size: 42KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 10KB - Virtual size: 10KB

DATA Size: 8KB - Virtual size: 8KB

BSS Size: 512B - Virtual size: 512B

.text Size: 523KB - Virtual size: 523KB

.rsrc Size: 42KB - Virtual size: 42KB

8a5c122c59f95844abbafb18bb75e01a

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

msvcr70

oleacc

shlwapi

user32

Sections

.text Size: 800KB - Virtual size: 797KB

.data Size: 40KB - Virtual size: 37KB

.rsrc Size: 48KB - Virtual size: 45KB

.reloc Size: 60KB - Virtual size: 59KB

1042bb30696d4426da7447f341f51a6e

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 28KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 12KB - Virtual size: 10KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 20KB

UPX1 Size: 2KB - Virtual size: 4KB

UPX2 Size: 310B - Virtual size: 4KB

c666e5e72f0ab836193a6ecc9d4651fa

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

CODE
Size: 10KB - Virtual size: 10KB

DATA
Size: 8KB - Virtual size: 8KB

BSS
Size: 512B - Virtual size: 512B

.text
Size: 523KB - Virtual size: 523KB

.rsrc
Size: 42KB - Virtual size: 42KB

CODE
Size: 10KB - Virtual size: 10KB

DATA
Size: 8KB - Virtual size: 8KB

BSS
Size: 512B - Virtual size: 512B

.text
Size: 523KB - Virtual size: 523KB

.rsrc
Size: 42KB - Virtual size: 42KB

.text
Size: 800KB - Virtual size: 797KB

.data
Size: 40KB - Virtual size: 37KB

.rsrc
Size: 48KB - Virtual size: 45KB

.reloc
Size: 60KB - Virtual size: 59KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 28KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 12KB - Virtual size: 10KB

UPX0
Size: - Virtual size: 20KB

UPX1
Size: 2KB - Virtual size: 4KB

UPX2
Size: 310B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 1KB - Virtual size: 2KB

.link
Size: 3KB - Virtual size: 2KB

.rloc
Size: 1024B - Virtual size: 724B

UPX0
Size: - Virtual size: 92KB

UPX1
Size: 30KB - Virtual size: 32KB

.rsrc
Size: 25KB - Virtual size: 28KB

CODE
Size: 37KB - Virtual size: 36KB

DATA
Size: 512B - Virtual size: 292B

BSS
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 320B

.reloc
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 50KB - Virtual size: 50KB

UPX0
Size: - Virtual size: 32KB

UPX1
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 12KB - Virtual size: 11KB

DATA
Size: 512B - Virtual size: 180B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 141B

.reloc
Size: 1024B - Virtual size: 944B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 1024B - Virtual size: 838B

.rdata
Size: 1024B - Virtual size: 655B

.data
Size: 512B - Virtual size: 824B

.reloc
Size: 512B - Virtual size: 174B