c2ffaacfbc43f5107a417a72cf80f930_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c2ffaacfbc43f5107a417a72cf80f930_NeikiAnalytics
Size

1.3MB
MD5

c2ffaacfbc43f5107a417a72cf80f930
SHA1

4851dd223bea3b62af0be65e09021c420fa09791
SHA256

f402560019eb33dea9ced1593c0cb5d2f6fff974d4e43db8ba551b33b78c8fe8
SHA512

4de2995bffe06115c9bce5b4a6bc942f3102521ef3d5e03ed7213164ea10a16f4c282c4d950e961710005fa513f2cff9024cdec327d40da7483374b41fcd9777
SSDEEP

24576:3sG8dyxls+IUN58GKQUEu97iG+5WQ21cuJ/0AjG8RSNQMABD27fl9zxd23d:P8YDIaw2e7rUY1cuJNG8RBJWlhy3d

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/AmlMaple.exe	vmprotect

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
c2ffaacfbc43f5107a417a72cf80f930_NeikiAnalytics
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/AM_Exit.exe
unpack001/AM_Restorer.exe
unpack001/AmlMaple.dll
unpack001/AmlMaple.exe
unpack001/FlgCrt.dll
unpack001/GGSoundUtil.dll
unpack001/uninst.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/LangDLL.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

c2ffaacfbc43f5107a417a72cf80f930_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/OtherProducts.ini
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcatA
FindClose
FindNextFileA
MulDiv
GlobalFree
lstrcpynA
GlobalAlloc
lstrcmpiA
FindFirstFileA
lstrcpyA

user32

TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
AM_Exit.exe
.exe windows:4 windows x86 arch:x86

8a567512bffdd114fff0e66f783ee625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEvent
OpenEventW
lstrlenW
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA

user32

CharNextW
GetUserObjectInformationW
GetThreadDesktop
LoadStringW

msvcrt

_initterm
_controlfp
__CxxFrameHandler
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
_XcptFilter
exit
_acmdln
__getmainargs
_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AM_Restorer.exe
.exe windows:4 windows x86 arch:x86

d3f9b5423c87da0a4dd66bc48bce344f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetCommandLineW
WaitForSingleObject
InterlockedDecrement
GetModuleHandleA
GetStartupInfoA
lstrlenW
CloseHandle

user32

SetSystemCursor
SystemParametersInfoW
CopyIcon
LoadStringW
LoadCursorW

msvcrt

exit
_controlfp
_except_handler3
__CxxFrameHandler
swscanf
__set_app_type
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
wcsstr
_exit
_XcptFilter
wcslen
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AmlMaple.dll
.dll windows:4 windows x86 arch:x86

c9fcf4c7eef8679b74e7edd1e8a1e09a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
lstrcmpiA
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetVersionExW
lstrcmpW
lstrlenW
InterlockedExchange
HeapFree
GetCurrentProcess
GetProcessHeap
GetModuleFileNameW
HeapDestroy
HeapCreate
GetModuleHandleW
GetLocaleInfoW
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
IsBadStringPtrW
WriteProcessMemory
VirtualQuery
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
CloseHandle
GetProcAddress
GetSystemInfo
GetModuleHandleA
GetWindowsDirectoryW
GetModuleFileNameA
HeapAlloc
ExitProcess

user32

GetParent
HideCaret
ShowCaret
GetGUIThreadInfo
GetKeyboardLayout
GetKeyState
PostMessageW
UnhookWinEvent
SetCaretPos
RedrawWindow
IsRectEmpty
InvalidateRect
DestroyCaret
CreateCaret
GetFocus
SendMessageW
DrawTextW
SystemParametersInfoW
FillRect
GetClassNameW
GetActiveWindow
MessageBoxA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetKeyboardLayoutList

gdi32

CreateCompatibleBitmap
CreateSolidBrush
GetObjectW
CreateFontIndirectW
SetTextColor
SetBkMode
CreateDCW
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject

imagehlp

ImageDirectoryEntryToData

msvcrt

_local_unwind2
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsicmp
_wcsupr
wcscat
wcscpy
_wsplitpath
wcschr
swprintf
wcsncpy
wcslen
__dllonexit
_onexit
wcscmp

Exports

Exports

AM_GetAbbr
AM_GetFlags
AM_Install
AM_InstallEncoder
AM_SetColorData
AM_SetFlags
AM_Uninstall
AM_UninstallEncoder

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.amlclrs
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AmlMaple.exe
.exe windows:4 windows x86 arch:x86

861048d5d64c1cd9359f4191ba4806d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32FirstW
CreateMutexW
FindNextFileW
MulDiv
ReadFile
GetFileSize
FileTimeToSystemTime
FileTimeToLocalFileTime
WritePrivateProfileStringW
WritePrivateProfileStructW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStructW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
HeapFree
GetProcessHeap
WideCharToMultiByte
IsBadStringPtrA
SizeofResource
FindResourceExW
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
VirtualAlloc
lstrcatW
VirtualFree
GlobalDeleteAtom
GlobalAddAtomW
SetFilePointer
LoadLibraryExW
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingW
GetUserDefaultLangID
HeapAlloc
GetTimeZoneInformation
LocalFree
LocalAlloc
Module32NextW
GetCurrentDirectoryW
LocalFileTimeToFileTime
Process32NextW
FindFirstChangeNotificationW
LCMapStringW
GetOEMCP
SetEndOfFile
LoadLibraryA
CreateFileA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
FlushFileBuffers
LCMapStringA
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
HeapSize
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
ExitProcess
GetVersion
GetStartupInfoW
GetModuleHandleA
RaiseException
HeapReAlloc
RtlUnwind
CreateToolhelp32Snapshot
Module32FirstW
lstrcpynW
CopyFileW
CompareStringW
lstrcmpiW
lstrcpyW
GlobalMemoryStatus
GetSystemInfo
GetACP
GetCPInfoExW
FindResourceW
LoadResource
LockResource
GlobalHandle
FreeResource
CreateFileW
WriteFile
CreateProcessW
CompareFileTime
GlobalSize
GlobalFree
GetThreadLocale
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
GetSystemTime
DeleteFileW
SetFileAttributesW
SetThreadPriority
ResumeThread
SetErrorMode
GetFileAttributesW
GetDriveTypeW
IsBadWritePtr
GetTempFileNameW
IsBadStringPtrW
GetModuleFileNameW
GetTempPathW
FindFirstFileW
FindClose
OpenMutexW
ReleaseMutex
SetLastError
SetThreadLocale
CreateDirectoryW
GetSystemDirectoryW
FindNextChangeNotification
FindCloseChangeNotification
GetLastError
FormatMessageW
IsBadCodePtr
GetLocaleInfoW
GetVersionExW
MultiByteToWideChar
WaitForMultipleObjects
InterlockedCompareExchange
GetTickCount
GetComputerNameW
GetLocalTime
GetCurrentProcessId
Sleep
CreateThread
GetCurrentProcess
FlushInstructionCache
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
OpenEventW
WaitForSingleObject
ResetEvent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
SetEvent
CloseHandle
CreateEventW
GetProcAddress
InterlockedExchange
GetUserDefaultLCID
IsBadReadPtr
OutputDebugStringW
DebugBreak
lstrlenA
GetModuleHandleW
LoadLibraryW
FreeLibrary
InterlockedIncrement
lstrlenW
SetFileTime
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetMenuItemRect
GetClassInfoW
CallWindowProcA
GetMenu
FindWindowExW
ShowCursor
WindowFromPoint
GetWindowRgn
GetWindowDC
LoadKeyboardLayoutW
SendMessageTimeoutW
GetAsyncKeyState
SetWinEventHook
UnhookWinEvent
AdjustWindowRectEx
RemoveMenu
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
AdjustWindowRect
EqualRect
DestroyAcceleratorTable
CheckMenuItem
EnableMenuItem
DrawFrameControl
IsMenu
CallNextHookEx
SetWindowsHookExW
ActivateKeyboardLayout
GetKeyboardLayoutNameW
GetKeyboardState
VkKeyScanExW
ToUnicodeEx
ShowCaret
UnregisterClassW
RegisterHotKey
UnregisterHotKey
GetNextDlgTabItem
MapVirtualKeyW
GetKeyNameTextW
IsCharAlphaNumericW
CharUpperBuffW
InflateRect
SetClassLongW
SetCursorPos
DialogBoxParamW
IsRectEmpty
EnumChildWindows
SetMenuDefaultItem
EndDialog
DrawFocusRect
OffsetRect
GetCursorPos
DestroyMenu
PtInRect
GetCapture
UpdateWindow
SetRectEmpty
GetKeyboardType
GetKeyState
MapVirtualKeyExW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
GetSubMenu
ClientToScreen
ValidateRect
GetMonitorInfoW
CopyRect
ScreenToClient
IsWindowEnabled
GetDlgCtrlID
CreateDialogIndirectParamW
MapWindowPoints
GetSysColorBrush
EnableWindow
GetWindowRect
GetUserObjectInformationW
GetThreadDesktop
CopyImage
DrawIconEx
DrawTextW
GetSystemMetrics
MonitorFromWindow
PostQuitMessage
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
IsIconic
FlashWindow
SetForegroundWindow
SetActiveWindow
AttachThreadInput
CloseClipboard
EnumWindows
EnumThreadWindows
GetMenuItemCount
GetMenuItemID
InsertMenuW
GetKeyboardLayoutList
SetCursor
DestroyIcon
MessageBeep
CharUpperW
GetPropW
RemovePropW
wsprintfW
GetDlgItem
SendMessageW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
CreateAcceleratorTableW
GetDesktopWindow
GetClassNameW
RedrawWindow
SetWindowPos
BeginPaint
GetClientRect
FillRect
EndPaint
GetIconInfo
ReleaseDC
CreateIconIndirect
LoadStringW
wvsprintfW
CharNextW
ShowWindow
GetParent
IsWindow
DestroyWindow
MessageBoxW
DestroyCursor
LoadCursorW
SetTimer
SetMenuItemInfoW
EndMenu
GetMessagePos
KillTimer
GetKeyboardLayout
GetWindowThreadProcessId
GetForegroundWindow
IsWindowVisible
UnhookWindowsHookEx
CreateWindowExW
RegisterClassExW
LoadIconW
DefWindowProcW
CopyIcon
LoadImageW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
GetDoubleClickTime
EnumDisplaySettingsW
GetClassLongW
EnumDisplayMonitors
LoadMenuW
SendInput
FindWindowW
SetRect
GetMenuStringW
ModifyMenuW
RegisterClassW
SetScrollPos
UnionRect
SystemParametersInfoW
SetSystemCursor
CallWindowProcW
GetDC
GetFocus
IsChild
SetFocus
GetSysColor
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetWindowLongW
GetWindow
RegisterWindowMessageW
GetClassInfoExW
CreateDialogParamW

comctl32

ord17
ImageList_ReplaceIcon
ImageList_Create
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx
_TrackMouseEvent

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderPathW
DragAcceptFiles
DragQueryFileW
DragFinish
FindExecutableW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
CheckTokenMembership
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetUserNameW
OpenProcessToken
RegQueryValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegNotifyChangeKeyValue
RegCreateKeyExW
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
FreeSid
AllocateAndInitializeSid

gdi32

BitBlt
SelectObject
GetObjectW
GetObjectType
CreateCompatibleDC
DeleteObject
DeleteDC
GetStockObject
GetDeviceCaps
CreateCompatibleBitmap
CreateSolidBrush
LineTo
MoveToEx
CreatePen
CreateFontIndirectW
CreateDCW
SetPixel
GetPixel
SetTextColor
SetBkMode
SetBkColor
GetTextCharacterExtra
SetTextAlign
ExtTextOutW
RestoreDC
GetTextExtentPoint32W
SaveDC
GetTextMetricsW
RoundRect
GetCurrentObject
SelectClipRgn
CreateRoundRectRgn
GetBitmapBits
GetDIBits
FrameRgn
CreateRectRgn
FillRgn
CreatePolygonRgn
CreateBitmap

ole32

CoInitializeEx
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleacc

AccessibleObjectFromEvent
AccessibleObjectFromWindow

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comdlg32

GetOpenFileNameW

winmm

PlaySoundW

wininet

HttpSendRequestW
InternetConnectW
InternetOpenW
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpOpenRequestW

shlwapi

ord487

olepro32

ord253

oleaut32

VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
LoadRegTypeLi
SysStringLen
DispCallFunc

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Belorussian.lng
BrazilianPortuguese.lng
Bulgarian.lng
Chinese Simplified.lng
FlgCrt.dll
.dll windows:4 windows x86 arch:x86

4002a84c65eec45213b5a2668d8a3aaa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryW
GlobalGetAtomNameW
CreateThread
VirtualFree
VirtualAlloc
ResetEvent
OpenEventW
WaitForSingleObject
WriteFile
CreateFileW
SetFilePointer
LocalFree
LocalAlloc
CloseHandle
IsBadWritePtr
GetCurrentThreadId
IsBadStringPtrW
InterlockedExchange
GetModuleHandleW
GetProcAddress
GlobalAddAtomW
SetEvent

advapi32

AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

user32

GetFocus
SetWindowsHookExW
GetAsyncKeyState
GetForegroundWindow
UnhookWindowsHookEx
GetCaretPos
ClientToScreen
CallNextHookEx
GetWindowThreadProcessId
GetKeyboardLayout
IsWindow
SendMessageTimeoutW

msvcrt

memset
wcscpy
wcscat
wcscmp
__CxxFrameHandler
_except_handler3
wcsncpy
wcsncat
wcslen

Exports

Exports

AM_Get_DLL_Info
Install
Install2
InstallWndHook
UnInstall

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.amlmacc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WPH
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 642B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
French.lng
GGSoundUtil.dll
.dll windows:4 windows x86 arch:x86

4b8c6e649fedd5aa2b147148cdaddca5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Gosha.CPP\Cls_Mdl\SoundUtil_Test\SoundUtil2_DLL\release\GGSoundUtil.pdb

Imports

ole32

CoUninitialize
CoInitialize
CoCreateInstance

msvcr80

__CppXcptFilter
_crt_debugger_hook
_adjust_fdiv
__clean_type_info_names_internal
__CxxFrameHandler3
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
_unlock

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

Exports

Exports

SU2_SetMute_Current_Process

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
German.lng
Hebrew.lng
Hellenic.lng
Help_By.chm
.chm
Help_En.chm
.chm
Help_Ru.chm
.chm
Help_UK.chm
.chm
Italian.lng
Kazakh.lng
Korean.lng
Lithuanian.lng
LocalizationExample.lng
Magyar.lng
Norwegian.lng
Polish.lng
Russian.lng
SHOW_COMMAND_LINE_KEYS.Bat
SHOW_DETECT_langs.Bat
SHOW_MENU.Bat
SHOW_SETTINGS.Bat
Serbian.lng
Sinhala.lng
Spanish.lng
Turkish.lng
Ukrainian.lng
UpdateReport_Pl.htm
UpdateReport_Ru.htm
already_work.wav
arabic.lng
encode.wav
lang_blinked.wav
start.wav
start_asadmin.wav
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 20KB - Virtual size: 20KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 320B

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 518B

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 518B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 428B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 982B

.data
Size: 512B - Virtual size: 244B

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 1024B - Virtual size: 1KB

.amlclrs
Size: 512B - Virtual size: 102B

.CRT
Size: 512B - Virtual size: 28B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 624KB - Virtual size: 623KB