46bb762303fc8398106a53388b1e45a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46bb762303fc8398106a53388b1e45a0_JaffaCakes118
Size

8.6MB
MD5

46bb762303fc8398106a53388b1e45a0
SHA1

3d9e04370fe50635d395c2ef6893ce12d3cc9a04
SHA256

f0c7cea18e6e8f3cf26fc7940bc3fade76c6db2fd374855e681df2759b468d78
SHA512

74e5ddb29a3cdb98b4619450d02ef8350ec7e054436f2dd886703bb76d0073863b288177a2ad6614253a52b405c7dcd0db1d5ea181f47d21bbceefd40bda3721
SSDEEP

196608:3uZ5HbCbijuzHNJ/W60B+XUTxqXzHLHc6N9sr:ev+bi0OTxELc2s

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/EGALAX TOUCH_Win7_5.6.0.6806/ISSetup.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/EGALAX TOUCH_Win7_5.6.0.6806/ISSetup.dll	upx

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/ISSetup.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/COMBUS.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/ClearTKHandle.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/LaunchTouchMon.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/MonitorMapping.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/XTouch32EX.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/eGalaxTouch.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/lpk.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/mfc42.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/mouclass.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/msvcrt.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/xAuto4PtsCal.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/xTouchMon.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/xTouchMon2k.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/xtkutility.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/global/xtkutility2k.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/lpk.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/combus.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/devcon.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/egxfilter.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/lpk.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/sertouch.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x32/xtouch.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/combus.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/devcon.exe
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/egxfilter.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/lpk.dll
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/sertouch.sys
unpack001/EGALAX TOUCH_Win7_5.6.0.6806/win7x64/xtouch.sys

Files

46bb762303fc8398106a53388b1e45a0_JaffaCakes118
.rar
EGALAX TOUCH_Win7_5.6.0.6806/ISSetup.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
InstallEngineTypelib
RemoveEngineTypelib

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 356KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EGALAX TOUCH_Win7_5.6.0.6806/PS2setup.bat
EGALAX TOUCH_Win7_5.6.0.6806/PS2setup.iss
EGALAX TOUCH_Win7_5.6.0.6806/TouchKit.xpo
EGALAX TOUCH_Win7_5.6.0.6806/_Setup.dll
.dll windows:4 windows x86 arch:x86

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:69:39:c4:75:d5:3c:1d:70:99:2d:b8:a8:7e:b7:d3
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

10/02/2006, 00:00

Not After

20/02/2008, 23:59

Subject

CN=Macrovision Corporation,OU=ENGINEERING,O=Macrovision Corporation,L=Schaumburg,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

71:42:63:c0:8c:8b:dc:e9:b1:9f:e5:06:03:fa:23:ec:e3:ee:77:a5
Signer

Actual PE Digest

71:42:63:c0:8c:8b:dc:e9:b1:9f:e5:06:03:fa:23:ec:e3:ee:77:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/data1.cab
EGALAX TOUCH_Win7_5.6.0.6806/data1.hdr
EGALAX TOUCH_Win7_5.6.0.6806/data2.cab
EGALAX TOUCH_Win7_5.6.0.6806/global/COMBUS.exe
.exe windows:4 windows x86 arch:x86

348be35a4afc5af614598897bb5bc8d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
HeapAlloc
GetProfileStringA
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
FormatMessageA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
OutputDebugStringA
WriteFile
CreateFileA
GetLastError
CloseHandle
WaitForSingleObject
IsBadWritePtr
GetExitCodeProcess

user32

InvalidateRect
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
CopyAcceleratorTableA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
CopyRect
GetDC
ReleaseDC
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetNextDlgGroupItem
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
LoadIconA
SendMessageA
PostQuitMessage
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
RemovePropA
MessageBeep
GetWindowLongA
MessageBoxA
SetCursor
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
DefDlgProcA
IsWindowUnicode
AppendMenuA
CharNextA
InflateRect
GetSysColorBrush
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
DestroyWindow
SetRect
OffsetRect

gdi32

SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteExA

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantClear

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/ClearTKHandle.exe
.exe windows:4 windows x86 arch:x86

ed8702941ee1e8c0a1c5229b03bdcab1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2621
ord1134
ord825
ord5265
ord4376
ord5731
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord641
ord324
ord4234
ord4710
ord755
ord470
ord1168
ord2379
ord1146
ord2512
ord2554
ord4486
ord6375
ord4274
ord4853
ord4673
ord1576

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln
exit
_XcptFilter
__getmainargs
_setmbcp
__CxxFrameHandler
__dllonexit
_onexit
_exit

kernel32

GetModuleHandleA
GetStartupInfoA

user32

EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
LoadIconA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/Ding.wav
EGALAX TOUCH_Win7_5.6.0.6806/global/DingCal.wav
EGALAX TOUCH_Win7_5.6.0.6806/global/ESC7000.txt
EGALAX TOUCH_Win7_5.6.0.6806/global/LaunchTouchMon.exe
.exe windows:4 windows x86 arch:x86

1aed31afb7ff23b5b1cb42cd12106c59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord800
ord537
ord1134
ord825
ord5265
ord4376
ord4853
ord1089
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord641
ord324
ord4234
ord4710
ord755
ord470
ord1168
ord2379
ord1146
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4998
ord4673
ord1576

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_XcptFilter
_exit
_onexit
__dllonexit
_setmbcp
memcpy
strlen
memset
__CxxFrameHandler
_acmdln

kernel32

GetStartupInfoA
GetModuleHandleA
CreateProcessA
Sleep

user32

EnableWindow
LoadIconA
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
IsWindow
GetClientRect

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/MonitorMapping.exe
.exe windows:4 windows x86 arch:x86

199deb49d28de3fb829efcb29feca7fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
lstrcpynA
GlobalUnlock
MulDiv
GetModuleHandleA
SetLastError
FindResourceA
LoadResource
LockResource
GlobalFree
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetTickCount
LoadLibraryA
GetProcAddress
VirtualFree
OutputDebugStringA

user32

GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
DestroyMenu
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
PtInRect
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
UnhookWindowsHookEx
CopyRect
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
GetClassNameA
GetDesktopWindow
EnableWindow
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
MoveWindow
BeginPaint
EndPaint
DefWindowProcA
FindWindowA
CreateWindowExA
SetTimer
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetSystemMetrics
KillTimer
ShowCursor
PostQuitMessage
CloseWindow
EnumDisplaySettingsA
MessageBoxA
GetClientRect
InvalidateRect
UpdateWindow
PostMessageA
LoadIconA
LoadCursorA
RegisterClassExA
SetWindowLongA
UnregisterClassA

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
CreateFontIndirectA
DPtoLP
GetObjectA
GetTextColor
GetBkColor
LPtoDP
MoveToEx
DeleteObject
GetStockObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
AngleArc
BitBlt
RoundRect
Ellipse
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

xtkutility

ord10
ord96
ord87
ord9
ord11
ord89
ord15
ord13
ord8
ord30
ord88

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/PROFILE.TXT
EGALAX TOUCH_Win7_5.6.0.6806/global/TKT_BLK.CUR
EGALAX TOUCH_Win7_5.6.0.6806/global/TOUCH.INI
EGALAX TOUCH_Win7_5.6.0.6806/global/Thumbs.db
EGALAX TOUCH_Win7_5.6.0.6806/global/UserGuide.chm
.chm
EGALAX TOUCH_Win7_5.6.0.6806/global/XTouch32EX.dll
.dll windows:4 windows x86 arch:x86

2f317853c8d259d7677ec796dc6f12cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

hid

HidD_GetHidGuid
HidD_GetAttributes

mfc42

ord6199
ord860
ord4160
ord4710
ord2645
ord825
ord2379
ord6055
ord1776
ord5290
ord3402
ord4424
ord3698
ord567
ord3663
ord640
ord2450
ord6170
ord1640
ord323
ord4133
ord4297
ord5788
ord472
ord537
ord823
ord3693
ord3626
ord2414
ord3619
ord6467
ord5787
ord283
ord3573
ord6172
ord5873
ord2818
ord939
ord940
ord2614
ord1168
ord1200
ord665
ord2764
ord4204
ord354
ord602
ord1081
ord858
ord3092
ord6394
ord5440
ord6383
ord715
ord5597
ord5789
ord5823
ord3664
ord415
ord1641
ord3567
ord941
ord1871
ord5605
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord4234
ord2302
ord800
ord324
ord540
ord641
ord765
ord3597
ord4425
ord4627
ord4080
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord5450

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
memmove
strcpy
fprintf
strtoul
fseek
time
rand
atoi
fopen
fread
fclose
sprintf
sscanf
strncpy
malloc
free
labs
_strcmpi
strlen
memcpy
_ftol
__CxxFrameHandler
_stricmp
memset

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
GetModuleHandleA
FreeLibrary
SetCommTimeouts
GetLastError
FormatMessageA
LocalFree
GetVersionExA
OutputDebugStringA
GetVersion
CreateFileA
CloseHandle
Beep
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
Sleep
ReadFile
DeviceIoControl
LocalAlloc
GetCommTimeouts
SetCommState
GetCommState
ExitThread
CreateThread
CancelIo
GetOverlappedResult
DeleteCriticalSection
WriteFile
GetExitCodeProcess
GetCurrentProcess
WaitForMultipleObjects

user32

EnumDisplaySettingsA
ShowWindow
InvalidateRect
GetDC
MessageBoxA
DrawTextA
ReleaseDC
GetWindowDC
GetSystemMetrics
RegisterDeviceNotificationA
UnregisterDeviceNotification
SystemParametersInfoA
GetDoubleClickTime
CreateWindowExA
SetWindowPos
FindWindowA
RegisterWindowMessageA
EnumDisplayMonitors
SetWindowLongA
GetWindowLongA
BeginPaint
GetClientRect
EndPaint
DefWindowProcA
GetMonitorInfoA
LoadIconA
LoadCursorA
RegisterClassExA
SendMessageA
EnableWindow
KillTimer
SetTimer
PostMessageA

gdi32

CreateFontIndirectA
Arc
GetStockObject
Rectangle

advapi32

RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

shell32

ShellExecuteExA

setupapi

SetupDiOpenDevRegKey
SetupDiDeleteDeviceInterfaceRegKey
SetupDiGetDeviceInstanceIdA
SetupDiBuildDriverInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupCopyOEMInfA
SetupDiRemoveDevice
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiChangeState
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

Exports

Exports

CloseDevice
CopyCatalogFile
CreateDevice
DelInfAndHWRegKey
DeleteInf
DoCalibration
DoDrawTest
DoLinearization
DoLinearizationEx
EnableAutoRightButton
EnableConstTouch
EnableTouch
EnumerateHidDigitizerEx
EnumerateHidTouchscreen
EnumerateTouchDevice
EnumerateTouchInstance
ExitTray
GetBranchFormat
GetCalInfo
GetConstTouchInfo
GetEdgeInfo
GetLinzErrorPercent
GetLinzInfo
GetMonitorInfo32
GetMouseMode
GetOrientation
GetTouchBeepInfo
GetTouchDriverVersion
HID_SetDefault2Registry
IsAnyControllerExist
IsRunIn64BitOS
IsWin64
IsWin7Version
PreInstallDrv
PreInstallHIDDPen
PreInstallPS2Drv
PreInstallPS2HIDDrv
PreInstallPS2HIDPen
PreInstallSerialDrv
PreInstallSerialHIDPen
PreInstallTKBus
RegisterTPNotifyMessage
RemoveSerHWKey
RestartFirmware
ScanCOMDeviceHideDialog
ScanCOMHidDeviceDialog
ScanCOMHidDeviceHideDialog
ScanCOMPortDevice
SearchHIDSerialTouch2Remove
SearchSerialTouch
SetActiveArea
SetBranchFormat
SetCalInfo
SetConstTouchInfo
SetDefault2Registry
SetEdgeInfo
SetHIDDef2Reg
SetLinzErrorPercent
SetLinzInfo
SetMonitorInfo32
SetMouseMode
SetOrientation
SetShowDisplayPageFlagToServiceReg
SetTouchBeepInfo
SetValueToServiceXTouchReg
SetXPDefReg
StartDeviceThread
StopDeviceThread
UnInstallPS2Drv
UnInstallPS2HIDDrv
UnLoadHID
UnLoadUsbDrv
UnLoadUsbDrv2k
UninstallSerialInstance
UpdateControllerCalInfo
UpdateControllerLinzInfo
UpdateMonitorInfo
VerifyEEPROM
_AddPS2Instance@0
_AddRemoveHidPS2FilterDriver@12
_AddRemovePS2FilterDriver@12
_AddSerialInstance@4
_CheckTypeAndModel@4
_DisableEnableUsbDrv@12
_DoMonitorMap@16
_DoSeCode@4
_EnableMultiMonitor@8
_EnableOnePointCalibration@4
_EnableSplitDisplay@8
_EnumerateHIDTouchInstanceEx@28
_EnumerateTouchInstanceEx@12
_GetBlockEEPROM@24
_GetCAT2FilterOrder@12
_GetCAT2ReportFormat@8
_GetCAT2SignalFreq@8
_GetCAT2SignalGain@8
_GetCAT2SkipCnts@8
_GetCAT2Threshold@8
_GetCapGainFactor@8
_GetCapIntegTimeConst@8
_GetCapTouchDownThreshold@8
_GetEEPROM@12
_GetHardwareInfo2@24
_GetHardwareInfo@24
_GetLanguage@0
_GetModelName@8
_GetMsgStringPointer@0
_GetRandomNum@0
_GetTYPEName@8
_GetTouchDbClickRange@0
_GetTouchDbClickSpeed@0
_IsDeviceBusy@4
_IsDeviceExistOnThePort@4
_QueryCommName@12
_QueryTouchscreenCommType@8
_ReCalcWorkingArea@4
_RegisterAddRemoveInterfaceNotify@4
_RegisterDeviceAddRemoveNotify@8
_RegisterDeviceRemoval@12
_RegisterDeviceRemovalHook@12
_RegisterHookCmd@16
_RegisterNotifyMessage@16
_RemovePS2Instance@0
_RemoveSerialInstance@4
_RemoveSerialTouchInstance@4
_SearchandAddHIDTouchInstance@0
_SearchandAddTouchInstance@0
_SetBlockEEPROM@20
_SetCAT2FilterOrder@12
_SetCAT2ReportFormat@8
_SetCAT2SignalFreq@8
_SetCAT2SignalGain@8
_SetCAT2SkipCnts@8
_SetCAT2Threshold@8
_SetCapGainFactor@8
_SetCapIntegGainConst@8
_SetCapIntegTimeConst@8
_SetCapTouchDownThreshold@8
_SetDeviceBusy@8
_SetEEPROM@12
_SetESCAPSurCapCmd@8
_SetLanguage@4
_SetTouchDbClickRange@4
_SetTouchDbClickSpeed@4
_SetWatchdogTimeOut@8
_UnRegisterAddRemove@4
_UnRegisterHookCmd@8
_UpdateLanguageText@4
_WakeUPDevices@0
_WriteDevice@12

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/eGalaxTouch.exe
.exe windows:4 windows x86 arch:x86

d0e4ee3898cd75fc27e8bb48fb8cb92d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xtkutility

ord2
ord3

mfc42

ord5265
ord4377
ord4854
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5287
ord3798
ord4835
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord489
ord768
ord4258
ord825
ord823
ord1008
ord1168
ord1908
ord1690
ord2528
ord6055
ord1776
ord5288
ord4837
ord4439
ord2054
ord4431
ord496
ord497
ord4358
ord4259
ord4715
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord1576
ord4424
ord3738
ord815
ord561
ord2621
ord1134
ord860
ord3663
ord800
ord540
ord2725
ord5450
ord6394
ord5440
ord6383
ord4376
ord4853
ord5280
ord3597
ord324
ord641
ord4234
ord693
ord686
ord2096
ord384
ord2302
ord6901
ord4160
ord755
ord470
ord6215
ord4284
ord2863
ord2379
ord1146
ord2582
ord4402
ord5290
ord3370
ord3640
ord567
ord2862
ord3998
ord4948
ord4976
ord4742
ord4905
ord5160
ord5162
ord5161
ord1907
ord771
ord4622

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
memset
__CxxFrameHandler
_setmbcp
memcpy

kernel32

GetModuleHandleA
GetStartupInfoA
Sleep
GetSystemDefaultLangID

user32

LoadIconA
GetClientRect
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
GetSystemMetrics
IsWindow
PostMessageA
SendMessageA
EnableWindow
ExitWindowsEx

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_ReplaceIcon

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/eGalaxTouch_reg.ini
EGALAX TOUCH_Win7_5.6.0.6806/global/logo1.bmp
EGALAX TOUCH_Win7_5.6.0.6806/global/lpk.dll
.dll windows:5 windows x86 arch:x86

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
RtlMoveMemory
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
RtlZeroMemory
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls

user32

wsprintfW

shell32

ord64
ord92

shlwapi

SHRegGetValueW
PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrStrIW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/m2L.bmp
EGALAX TOUCH_Win7_5.6.0.6806/global/m2R.bmp
EGALAX TOUCH_Win7_5.6.0.6806/global/mfc42.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bcd2542f46e742c06cabefff84c7320d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC42.pdb

Imports

msvcrt

memcpy
memmove
malloc
free
abort
_mbsinc
memset
_get_osfhandle
__doserrno
_fdopen
_open_osfhandle
fclose
clearerr
fread
fwrite
fputs
fgets
ftell
fseek
fflush
realloc
_mbscmp
_mbschr
_mbspbrk
_mbsrev
_mbslwr
_mbsupr
wcslen
_mbscspn
_mbsrchr
_mbsspn
_mbsstr
_mbsnbcmp
_mbclen
vsprintf
strlen
sprintf
_ismbcdigit
atoi
_ismbcspace
mktime
gmtime
localtime
strftime
time
_mbctype
_purecall
_msize
calloc
memcmp
abs
strtoul
strtol
strtod
_expand
_mbsdec
_strdup
_endthreadex
_beginthreadex
__p___argv
__p___argc
atol
_fullpath
_splitpath
floor
fabs
_ftol
ceil
modf
_itoa
labs
swprintf
_ultoa
_ltoa
wcscpy
wcsncpy
_mbsnbicmp
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
strcmp
strcpy
_CxxThrowException
__CxxFrameHandler

kernel32

WriteFile
GetProcAddress
LoadLibraryA
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetCurrentProcess
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
InterlockedDecrement
WideCharToMultiByte
InterlockedIncrement
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetVersionExA
GetModuleHandleA
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
LockResource
LoadResource
FindResourceA
MulDiv
GetProfileIntA
VirtualProtect
FindResourceExA
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetTickCount
lstrlenW
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemDirectoryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DuplicateHandle
MultiByteToWideChar
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpA
OutputDebugStringA
lstrlenA
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetLastError
SetLastError
lstrcpynA
RaiseException
InterlockedExchange
CreateFileA

gdi32

ScaleWindowExtEx
GetROP2
EnumFontFamiliesA
GetPixel
GetPaletteEntries
RealizePalette
CreatePalette
OffsetRgn
SetBrushOrgEx
CreateMetaFileA
CopyMetaFileA
LPtoDP
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
ExtCreatePen
CreateDIBPatternBrushPt
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
SelectPalette
StartDocA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExA
CreateDCA
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
GetPolyFillMode
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetCurrentPositionEx
MoveToEx
GetWindowExtEx
GetViewportExtEx
GetTextFaceA
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetBkMode
GetBkColor
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
StretchDIBits
DeleteDC
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetStretchBltMode

user32

GetScrollRange
LoadStringA
FrameRect
InvalidateRgn
EnumChildWindows
DrawEdge
ClipCursor
GetNextDlgGroupItem
CharNextA
SetWindowContextHelpId
CountClipboardFormats
WindowFromDC
CreateMenu
PostThreadMessageA
InSendMessage
CopyAcceleratorTableA
RegisterClipboardFormatA
InsertMenuA
GetMenuStringA
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
ValidateRect
RemoveMenu
MessageBeep
IsClipboardFormatAvailable
FindWindowA
SetCursorPos
DestroyCursor
DestroyIcon
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetWindowTextA
GetClassNameA
GetSysColorBrush
EndPaint
BeginPaint
TabbedTextOutA
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
wvsprintfA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DrawFocusRect
UnionRect
GrayStringA
DrawTextA
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
IsZoomed
GetDC
KillTimer
SetTimer
SetRect
LoadBitmapA
ReleaseDC
GetWindowDC
InvertRect
FillRect
PtInRect
InflateRect
RedrawWindow
TranslateMDISysAccel
wsprintfA
GetSystemMetrics
CharUpperA
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindow
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
RegisterClassA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
GetParent
UpdateWindow
MessageBoxA
IsWindowVisible
SetActiveWindow
SetScrollInfo
GetScrollInfo
ScrollWindow
ShowScrollBar
GetLastActivePopup
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetForegroundWindow
GetForegroundWindow
GetSysColor
MapWindowPoints
EnableWindow
PeekMessageA
LoadIconA
GetScrollPos
SetScrollPos
DrawMenuBar
SetScrollRange
DestroyWindow
GetKeyState
TrackPopupMenu
IsChild
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
IsWindow
GetFocus
GetMessagePos
GetMessageTime
RemovePropA
GetPropA
DispatchMessageA
SendDlgItemMessageA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetCapture
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
InvalidateRect
ReleaseCapture
SetCursor
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
LoadCursorA
ClientToScreen
GetWindowThreadProcessId
SetCapture
WindowFromPoint
GetCursorPos
TranslateMessage
GetMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/mouclass.sys
.sys windows:5 windows x86 arch:x86

1939285b2dace32918ca43b18fdbb8b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mouclass.pdb

Imports

ntoskrnl.exe

IoOpenDeviceRegistryKey
IoReleaseRemoveLockEx
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireRemoveLockEx
KeSetEvent
KeWaitForSingleObject
KeInitializeEvent
memmove
RtlCopyUnicodeString
RtlQueryRegistryValues
RtlAppendUnicodeToString
ObfDereferenceObject
IoRegisterPlugPlayNotification
IoGetDeviceObjectPointer
IoGetDeviceProperty
IoBuildDeviceIoControlRequest
IoWriteErrorLogEntry
IoAllocateErrorLogEntry
IoUnregisterPlugPlayNotification
IoFreeWorkItem
DbgPrint
IoQueueWorkItem
IoAllocateWorkItem
ZwClose
PoStartNextPowerIrp
PoSetPowerState
PoRequestPowerIrp
SeSinglePrivilegeCheck
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
PoSetSystemState
IoDeleteDevice
RtlFreeUnicodeString
KeInitializeSpinLock
IoInitializeRemoveLockEx
IoCreateDevice
IoSetDeviceInterfaceState
IoWMIRegistrationControl
IoCancelIrp
ZwSetValueKey
RtlWriteRegistryValue
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
IoRegisterDeviceInterface
IoAttachDeviceToDeviceStack
IoRegisterDriverReinitialization
VerSetConditionMask
RtlVerifyVersionInfo
ZwPowerInformation
RtlInitUnicodeString
ExAllocatePoolWithTag
ZwQueryValueKey
ExFreePoolWithTag
PoCallDriver
IofCallDriver

hal

KfAcquireSpinLock
KeGetCurrentIrql
ExAcquireFastMutex
ExReleaseFastMutex
KfReleaseSpinLock

wmilib.sys

WmiSystemControl
WmiCompleteRequest

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 417B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 896B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/msvcrt.dll
.dll windows:5 windows x86 arch:x86

1838f96daab97a33395f5dee7b6f4a3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcrt.pdb

Imports

kernel32

MultiByteToWideChar
GetLastError
WideCharToMultiByte
Sleep
Beep
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
FindFirstFileW
FindNextFileW
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetCommandLineA
GetVersionExA
GetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
RtlUnwind
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
LoadLibraryA
FreeLibrary
CreateProcessA
CreateProcessW
HeapReAlloc
GetModuleHandleA
HeapFree
GetModuleFileNameA
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetCurrentProcess
GetFileInformationByHandle
PeekNamedPipe
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
SetFilePointer
CreateFileA
CreatePipe
ReadFile
CreateFileW
WriteFile
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
CompareStringA
CompareStringW
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSection
SetLastError
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
InterlockedExchange
ExitProcess
TlsFree
GetCurrentThread
TlsAlloc
ExitThread
ResumeThread
CreateThread
GetModuleFileNameW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetTickCount
QueryPerformanceCounter
TerminateProcess

ntdll

RtlGetNtVersionNumbers

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxCallUnwindDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_ctype
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stat64
_stati64
_statusfp

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/search.avi
EGALAX TOUCH_Win7_5.6.0.6806/global/touch.scat
EGALAX TOUCH_Win7_5.6.0.6806/global/xAuto4PtsCal.exe
.exe windows:4 windows x86 arch:x86

36675046733b12d32e9476c788b011af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xtkutility

ord30
ord29
ord21
ord17
ord28
ord11
ord31
ord32
ord33
ord19
ord9
ord22
ord10
ord26
ord7
ord16
ord15
ord13
ord27
ord14

kernel32

SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetFileAttributesA
GetFileSize
GetFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
UnlockFile
HeapFree
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
DeleteCriticalSection
lstrcpynA
GetLastError
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
FindResourceA
LoadResource
LockResource
GlobalFree
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
ResetEvent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventA
CloseHandle
Sleep
HeapAlloc

user32

SetWindowTextA
MoveWindow
ShowWindow
LoadStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
LoadCursorA
GetDesktopWindow
GetClassNameA
PtInRect
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
UnregisterClassA
GetTopWindow
IsChild
IsDialogMessageA
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
UnhookWindowsHookEx
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
GetSystemMetrics
PostQuitMessage
ShowCursor
GetCapture
LoadImageA
EnumDisplayMonitors
GetMonitorInfoA
IsWindow
GetWindowLongA
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowA
PostMessageA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA

comctl32

ord17

oledlg

ord8

ole32

CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

olepro32

ord253

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/xTouchMon.exe
.exe windows:4 windows x86 arch:x86

e2cbae1879101b83bb0d263fbf3ce03e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xtkutility

ord20
ord23
ord22
ord11
ord10
ord19
ord6
ord8
ord13
ord9
ord3
ord4
ord5
ord14
ord7
ord26
ord15
ord44
ord21
ord17
ord16
ord36
ord24
ord47
ord37

mfc42

ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord537
ord4457
ord5252
ord4510
ord6467
ord823
ord1200
ord1168
ord1175
ord4413
ord5450
ord6394
ord5440
ord5012
ord1146
ord6170
ord5787
ord283
ord1640
ord640
ord323
ord3573
ord3626
ord2414
ord1949
ord4078
ord5241
ord5290
ord4441
ord5261
ord4424
ord818
ord567
ord2152
ord1233
ord2393
ord3810
ord4160
ord535
ord2864
ord4275
ord920
ord2438
ord4220
ord2584
ord3654
ord2863
ord1644
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord2621
ord5265
ord4376
ord4853
ord1576
ord4710
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord825
ord2818
ord2614
ord940
ord860
ord858
ord800
ord540
ord3663
ord269
ord826
ord600
ord1578
ord1243
ord1176
ord6383
ord4998

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
cos
_ftol
strcpy
strcat
fwrite
malloc
free
memcmp
memset
strlen
memcpy
fprintf
strtoul
atoi
fseek
fread
fopen
__CxxFrameHandler
_setmbcp
_stricmp
_strcmpi
fclose

kernel32

EnterCriticalSection
ExitThread
ResumeThread
LeaveCriticalSection
GetVersionExA
Sleep
GetVersion
WTSGetActiveConsoleSessionId
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
CreateThread
CreateProcessA
SetEvent
GetTickCount
CreateEventA
CloseHandle
WaitForSingleObject
DeviceIoControl
ResetEvent
WaitForMultipleObjects
CreateSemaphoreA
ReleaseSemaphore
LocalAlloc
GetModuleHandleA
GetStartupInfoA
GetLastError
FormatMessageA
ExitProcess
LocalFree

user32

ReleaseDC
GetWindowDC
DestroyWindow
FindWindowA
IsWindow
AppendMenuA
SendMessageA
SetTimer
KillTimer
LoadIconA
GetWindowRect
GetClientRect
LoadImageA
EndPaint
BeginPaint
DefWindowProcA
InvalidateRect
ReleaseCapture
PostQuitMessage
GetCursorPos
SetCapture
RegisterClassExA
LoadCursorA
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuA
LoadMenuA
SetForegroundWindow
EnableWindow
SetWindowPos
ShowWindow
ShowCursor
EnumDisplaySettingsA
GetMonitorInfoA
PostMessageA
RegisterDeviceNotificationA
RegisterWindowMessageA
UnregisterDeviceNotification
GetSystemMetrics
wsprintfA
MessageBoxA
CreateWindowExA

gdi32

GetStockObject
CreateCompatibleDC
GetDeviceCaps
BitBlt
SelectObject
Rectangle

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

winmm

waveOutClose
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutOpen

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/xTouchMon2k.exe
.exe windows:4 windows x86 arch:x86

71e85a93526166fbabbc6d9a5e16b76e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xtkutility

ord20
ord23
ord22
ord11
ord10
ord19
ord6
ord8
ord13
ord9
ord3
ord4
ord5
ord14
ord7
ord26
ord15
ord44
ord21
ord17
ord16
ord36
ord24
ord47
ord37

mfc42

ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord537
ord4457
ord5252
ord4510
ord6467
ord823
ord1200
ord1168
ord1175
ord4413
ord5450
ord6394
ord5440
ord3350
ord1146
ord6170
ord5787
ord283
ord1640
ord640
ord323
ord3573
ord3626
ord2414
ord1949
ord4078
ord5241
ord5290
ord4441
ord5261
ord4424
ord818
ord567
ord2152
ord1233
ord2393
ord3810
ord4160
ord535
ord2864
ord4275
ord920
ord2438
ord4220
ord2584
ord3654
ord2863
ord1644
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord2621
ord5265
ord4376
ord1576
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord825
ord2818
ord2614
ord940
ord860
ord858
ord800
ord540
ord3663
ord269
ord826
ord600
ord1578
ord1243
ord1176
ord6383
ord4853

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
cos
_ftol
strcpy
strcat
memcmp
fwrite
malloc
free
memset
strlen
memcpy
fprintf
strtoul
atoi
fseek
fread
fopen
__CxxFrameHandler
_setmbcp
_stricmp
_strcmpi
fclose

kernel32

ExitThread
ResumeThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
Sleep
GetVersion
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
CreateProcessA
SetEvent
GetTickCount
CreateEventA
CloseHandle
WaitForSingleObject
DeviceIoControl
ResetEvent
WaitForMultipleObjects
CreateSemaphoreA
ReleaseSemaphore
LocalAlloc
GetModuleHandleA
GetStartupInfoA
GetLastError
FormatMessageA
ExitProcess
LocalFree

user32

ReleaseDC
GetWindowDC
DestroyWindow
FindWindowA
IsWindow
AppendMenuA
SendMessageA
LoadIconA
GetWindowRect
GetClientRect
LoadImageA
EndPaint
BeginPaint
DefWindowProcA
InvalidateRect
KillTimer
SetTimer
ReleaseCapture
PostQuitMessage
GetCursorPos
SetCapture
RegisterClassExA
LoadCursorA
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuA
LoadMenuA
SetForegroundWindow
EnableWindow
SetWindowPos
ShowWindow
ShowCursor
EnumDisplaySettingsA
GetMonitorInfoA
PostMessageA
RegisterDeviceNotificationA
RegisterWindowMessageA
UnregisterDeviceNotification
GetSystemMetrics
wsprintfA
MessageBoxA
CreateWindowExA

gdi32

GetStockObject
CreateCompatibleDC
GetDeviceCaps
BitBlt
SelectObject
Rectangle

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

winmm

waveOutClose
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutOpen

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/xtkutility.dll
.dll windows:4 windows x86 arch:x86

0d6385c4215403acff57f68875eac221

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

hid

HidD_GetAttributes
HidD_GetHidGuid

mfc42

ord5241
ord825
ord823
ord1168
ord2860
ord5785
ord2864
ord2379
ord616
ord2363
ord2301
ord2642
ord6334
ord2450
ord2405
ord282
ord5875
ord6172
ord2414
ord5787
ord283
ord5788
ord472
ord5873
ord2753
ord3571
ord3626
ord3663
ord1641
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord5290
ord4837
ord3402
ord4424
ord3582
ord567
ord2294
ord2362
ord858
ord6028
ord2614
ord4160
ord2298
ord3475
ord4224
ord790
ord2370
ord860
ord6111
ord3716
ord6467
ord5789
ord2243
ord4297
ord3693
ord3619
ord1146
ord609
ord795
ord2358
ord771
ord2528
ord1008
ord497
ord5849
ord5637
ord3721
ord2575
ord4396
ord3574
ord3573
ord4133
ord665
ord1979
ord2803
ord2764
ord4204
ord5442
ord3318
ord5186
ord354
ord6453
ord3499
ord2515
ord355
ord641
ord686
ord384
ord715
ord693
ord5638
ord6176
ord4710
ord5850
ord2882
ord2637
ord5605
ord2096
ord3286
ord3874
ord6905
ord602
ord5823
ord3664
ord1081
ord415
ord2086
ord2582
ord4402
ord3370
ord3640
ord2862
ord6007
ord3998
ord556
ord809
ord4275
ord1088
ord2122
ord3797
ord6358
ord6197
ord6880
ord941
ord5572
ord2915
ord1200
ord926
ord2859
ord2645
ord940
ord5450
ord6394
ord5440
ord6383
ord6170
ord755
ord470
ord4376
ord4853
ord5280
ord3597
ord324
ord4234
ord4284
ord2295
ord2364
ord2297
ord3567
ord656
ord793
ord3610
ord3719
ord535
ord1871
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord3698
ord3092
ord6199
ord6215
ord537
ord939
ord2818
ord323
ord1640
ord640
ord4538
ord4258
ord2302
ord5275
ord489
ord540
ord768
ord800
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4835
ord3798
ord5287
ord4353
ord6374
ord5163
ord2385
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4854
ord4377
ord5265
ord4358
ord4948
ord4976
ord4742
ord4905
ord5160
ord5162
ord5161
ord1907
ord5597
ord765

msvcrt

_strcmpi
_stricmp
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
memmove
time
rand
fwrite
strtoul
fseek
fread
memcmp
strtod
strncmp
_mbsstr
isalpha
isdigit
atoi
strcpy
fgets
strcmp
strcat
sprintf
sscanf
strncpy
labs
fopen
fprintf
fclose
abs
_ftol
malloc
free
memset
strlen
memcpy
__CxxFrameHandler
_memicmp
_strnicmp

kernel32

lstrcpyA
LoadLibraryA
FreeLibrary
CreateProcessA
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
CreateEventA
InitializeCriticalSection
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
GetVersionExA
WriteFile
CreateFileA
CloseHandle
Beep
GetLocalTime
Sleep
WinExec
GetProcAddress
SetCommTimeouts
GetCommTimeouts
SetCommState
GetCommState
GetExitCodeProcess
WaitForSingleObject
SetEvent
GetCurrentProcess
GetModuleHandleA
ExitThread
DeviceIoControl
ResetEvent
ResumeThread
CreateThread
CancelIo
GetOverlappedResult
WaitForMultipleObjects
ReadFile
LocalFree
lstrlenA
GetLastError
lstrcatA
DeleteCriticalSection
LocalAlloc

user32

InvalidateRgn
FindWindowA
DrawTextA
MessageBeep
ReleaseDC
LoadBitmapA
IsWindow
GetMonitorInfoA
ReleaseCapture
GetWindowDC
SetCursor
LoadIconA
LoadCursorA
RegisterClassExA
InvalidateRect
BeginPaint
GetSysColor
UnregisterClassA
CopyIcon
PtInRect
InflateRect
GetWindowRect
RedrawWindow
SetCapture
SetWindowPos
ShowCursor
RegisterWindowMessageA
GetDoubleClickTime
SystemParametersInfoA
UnregisterDeviceNotification
RegisterDeviceNotificationA
ClientToScreen
EnumDisplaySettingsA
GetDC
SendMessageA
GetParent
EndPaint
GetClientRect
KillTimer
DefWindowProcA
CreateWindowExA
SetTimer
MessageBoxA
PostMessageA
ShowWindow
UpdateWindow
GetSystemMetrics
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
EnableWindow

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
CreateFontA
Arc
AngleArc
Ellipse
GetStockObject
RoundRect
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
BitBlt

advapi32

RegQueryValueA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent
DestroyPropertySheetPage
ImageList_ReplaceIcon
CreatePropertySheetPageA

setupapi

SetupDiChangeState
SetupDiGetDeviceInstanceIdA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupCopyOEMInfA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDeleteDeviceInterfaceRegKey
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiOpenDevRegKey

winmm

PlaySoundA

Exports

Exports

CalcCATParamCheckSum
CloseDevice
ConfigureAll
ConfigureAllEx
CopyCatalogFile
CreateDevice
DoCalibration
DoDrawTest
DoLinearization
ESCAPParamCheckSum
EnableAutoRightButton
EnableConstTouch
EnableTouch
EnumConfigPages
EnumPropPages
EnumerateTouchInstance
EnumerateTouchInstanceEx
GetBlockEEPROM
GetBranchFormat
GetButtonStatus
GetCalFontSize
GetCalInfo
GetConstTouchInfo
GetCtrlParamSizeEx
GetDesktopHoldTime
GetESCAPCtrlParam
GetEdgeInfo
GetEnableDetectTouchInSequenceFlag
GetHardwareInfo
GetHardwareInfoEx
GetLastPointTickCnt
GetLinearizationType
GetLinzInfo
GetMonitorInfo32
GetMouseMode
GetNormalHoldTime
GetOrientation
GetSCatCtrlParamEx
GetTouchBeepInfo
GetTouchDbClickRange
GetTouchDbClickSpeed
GetTouchDeviceAlias
GetTouchDriverVersion
GetTouchFunctionStatus
IAPCheckCrc
IAPComplete
IAPErase
IAPInvalidCurrentApp
IAPQueryLoaderVersion
IAPQuerySupport
IAPQueryUpgradeReady
IAPResetDevice
IAPSetData
IAPSetPageStartAddr
IAPStartUpgrade
IAPVerifyData
InstallSerialHIDDriver
IsDeviceBusy
IsDeviceExistOnThePort
PreInstallHIDPen
PreInstallPS2Drv
PreInstallPS2HIDDrv
QueryCommName
QueryValueFromCurrentUserRegistry
RegisterAddRemoveInterfaceNotify
RegisterDeviceRemovalHook
RegisterHookCmd
RegisterHookCmdEx
RegisterNotifyMessage
RegisterTPNotifyCallback
RegisterTPNotifyMessage
RegisterTPNotifyMessageWithContext
RestartAndWaitController
RestartFirmware
SearchandAddTouchInstance
SearchandAddTouchInstanceHideDialog
SendData
SendStrayCmd
SetBlockEEPROM
SetBranchFormat
SetCalFontSize
SetCalInfo
SetConstTouchInfo
SetControllerRunBFWAndResetFW
SetDesktopHoldTime
SetDeviceBusy
SetEEPROM
SetESCAPCtrlParam
SetEdgeInfo
SetEnableDetectTouchInSequenceFlag
SetLinearizationType
SetLinzInfo
SetMiniDRVSecFlag
SetMonitorInfo32
SetMouseMode
SetNormalHoldTime
SetOrientation
SetSCatCtrlParamEx
SetTouchBeepInfo
SetTouchDbClickRange
SetTouchDbClickRangeEx
SetTouchDbClickSpeed
SetTouchDbClickSpeedEx
SetTouchFunctionStatus
SetValueToCurrentUserRegistry
SetValueToXTouchRegistry
StartDeviceThread
StopDeviceThread
UnInstallPS2Drv
UnInstallPS2HIDDrv
UnRegisterHookCmd
UninstallSerialHIDDriver
UpdateControllerCalInfo
UpdateControllerLinzInfo
UpdateMonitorInfo
UpdateOneEEPROM
VerifyEEPROM

Sections

.text
Size: 392KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/global/xtkutility2k.dll
.dll windows:4 windows x86 arch:x86

1079bd35628869b2b8fda0f12b95fb61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

hid

HidD_GetAttributes
HidD_GetHidGuid

mfc42

ord5241
ord825
ord823
ord1168
ord2860
ord5785
ord2864
ord2379
ord616
ord2363
ord2301
ord2642
ord6334
ord2450
ord2405
ord282
ord5875
ord6172
ord2414
ord5787
ord283
ord5788
ord472
ord5873
ord2753
ord3571
ord3626
ord3663
ord1641
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord5290
ord4837
ord3402
ord4424
ord3582
ord567
ord2294
ord2362
ord858
ord6028
ord2614
ord4160
ord2298
ord3475
ord4224
ord790
ord2370
ord860
ord6111
ord3716
ord6467
ord5789
ord2243
ord4297
ord3693
ord3619
ord1146
ord609
ord795
ord2358
ord771
ord2528
ord1008
ord497
ord5849
ord5637
ord3721
ord2575
ord4396
ord3574
ord3573
ord4133
ord665
ord1979
ord2803
ord2764
ord4204
ord5442
ord3318
ord5186
ord354
ord6453
ord3499
ord2515
ord355
ord641
ord686
ord384
ord715
ord693
ord5638
ord6176
ord4710
ord5850
ord2882
ord2637
ord5605
ord2096
ord3286
ord3874
ord6905
ord602
ord5823
ord3664
ord1081
ord415
ord2086
ord2582
ord4402
ord3370
ord3640
ord2862
ord6007
ord3998
ord556
ord809
ord4275
ord1088
ord2122
ord3797
ord6358
ord6197
ord6880
ord941
ord5572
ord2915
ord1200
ord926
ord2859
ord2645
ord940
ord5450
ord6394
ord5440
ord6383
ord6170
ord755
ord470
ord4376
ord4853
ord5280
ord3597
ord324
ord4234
ord4284
ord2295
ord2364
ord2297
ord3567
ord656
ord793
ord3610
ord535
ord765
ord1871
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord3698
ord3092
ord6199
ord6215
ord537
ord939
ord2818
ord323
ord1640
ord640
ord4538
ord4258
ord2302
ord5275
ord489
ord540
ord768
ord800
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4835
ord3798
ord5287
ord4353
ord6374
ord5163
ord2385
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4854
ord4377
ord5265
ord4358
ord4948
ord4976
ord4742
ord4905
ord5160
ord5162
ord5161
ord1907
ord5597
ord3719

msvcrt

_strcmpi
_stricmp
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
memmove
time
rand
fwrite
strtoul
fseek
fread
memcmp
strtod
strncmp
_mbsstr
isalpha
isdigit
atoi
strcpy
fgets
strcmp
strcat
sprintf
sscanf
strncpy
labs
fopen
fprintf
fclose
abs
_ftol
malloc
free
memset
strlen
memcpy
__CxxFrameHandler
_memicmp
_strnicmp

kernel32

lstrcpyA
LoadLibraryA
FreeLibrary
CreateProcessA
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
CreateEventA
InitializeCriticalSection
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
GetVersionExA
WriteFile
CreateFileA
CloseHandle
Beep
GetLocalTime
Sleep
WinExec
GetProcAddress
SetCommTimeouts
GetCommTimeouts
SetCommState
GetCommState
GetExitCodeProcess
WaitForSingleObject
SetEvent
GetCurrentProcess
GetModuleHandleA
ExitThread
DeviceIoControl
ResetEvent
ResumeThread
CreateThread
CancelIo
GetOverlappedResult
WaitForMultipleObjects
ReadFile
LocalFree
lstrlenA
GetLastError
lstrcatA
DeleteCriticalSection
LocalAlloc

user32

InvalidateRgn
FindWindowA
DrawTextA
MessageBeep
ReleaseDC
LoadBitmapA
IsWindow
ReleaseCapture
GetWindowDC
SetCursor
GetMonitorInfoA
LoadIconA
LoadCursorA
RegisterClassExA
InvalidateRect
GetSysColor
EnumDisplaySettingsA
CopyIcon
PtInRect
InflateRect
GetWindowRect
RedrawWindow
SetCapture
SetWindowPos
ShowCursor
UnregisterClassA
RegisterWindowMessageA
GetDoubleClickTime
SystemParametersInfoA
UnregisterDeviceNotification
RegisterDeviceNotificationA
ClientToScreen
GetDC
SendMessageA
GetParent
BeginPaint
EndPaint
GetClientRect
KillTimer
GetWindowLongA
DefWindowProcA
CreateWindowExA
SetTimer
MessageBoxA
PostMessageA
SetWindowLongA
ShowWindow
UpdateWindow
GetSystemMetrics
EnableWindow

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
CreateFontA
Arc
AngleArc
Ellipse
GetStockObject
RoundRect
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
BitBlt

advapi32

RegQueryValueA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent
DestroyPropertySheetPage
ImageList_ReplaceIcon
CreatePropertySheetPageA

setupapi

SetupDiChangeState
SetupDiGetDeviceInstanceIdA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupCopyOEMInfA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDeleteDeviceInterfaceRegKey
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiOpenDevRegKey

winmm

PlaySoundA

Exports

Exports

CalcCATParamCheckSum
CloseDevice
ConfigureAll
ConfigureAllEx
CopyCatalogFile
CreateDevice
DoCalibration
DoDrawTest
DoLinearization
ESCAPParamCheckSum
EnableAutoRightButton
EnableConstTouch
EnableTouch
EnumConfigPages
EnumPropPages
EnumerateTouchInstance
EnumerateTouchInstanceEx
GetBlockEEPROM
GetBranchFormat
GetButtonStatus
GetCalFontSize
GetCalInfo
GetConstTouchInfo
GetCtrlParamSizeEx
GetDesktopHoldTime
GetESCAPCtrlParam
GetEdgeInfo
GetEnableDetectTouchInSequenceFlag
GetHardwareInfo
GetHardwareInfoEx
GetLastPointTickCnt
GetLinearizationType
GetLinzInfo
GetMonitorInfo32
GetMouseMode
GetNormalHoldTime
GetOrientation
GetSCatCtrlParamEx
GetTouchBeepInfo
GetTouchDbClickRange
GetTouchDbClickSpeed
GetTouchDeviceAlias
GetTouchDriverVersion
GetTouchFunctionStatus
IAPCheckCrc
IAPComplete
IAPErase
IAPInvalidCurrentApp
IAPQueryLoaderVersion
IAPQuerySupport
IAPQueryUpgradeReady
IAPResetDevice
IAPSetData
IAPSetPageStartAddr
IAPStartUpgrade
IAPVerifyData
InstallSerialHIDDriver
IsDeviceBusy
IsDeviceExistOnThePort
PreInstallHIDPen
PreInstallPS2Drv
PreInstallPS2HIDDrv
QueryCommName
QueryValueFromCurrentUserRegistry
RegisterAddRemoveInterfaceNotify
RegisterDeviceRemovalHook
RegisterHookCmd
RegisterHookCmdEx
RegisterNotifyMessage
RegisterTPNotifyCallback
RegisterTPNotifyMessage
RegisterTPNotifyMessageWithContext
RestartAndWaitController
RestartFirmware
SearchandAddTouchInstance
SearchandAddTouchInstanceHideDialog
SendData
SendStrayCmd
SetBlockEEPROM
SetBranchFormat
SetCalFontSize
SetCalInfo
SetConstTouchInfo
SetControllerRunBFWAndResetFW
SetDesktopHoldTime
SetDeviceBusy
SetEEPROM
SetESCAPCtrlParam
SetEdgeInfo
SetEnableDetectTouchInSequenceFlag
SetLinearizationType
SetLinzInfo
SetMiniDRVSecFlag
SetMonitorInfo32
SetMouseMode
SetNormalHoldTime
SetOrientation
SetSCatCtrlParamEx
SetTouchBeepInfo
SetTouchDbClickRange
SetTouchDbClickRangeEx
SetTouchDbClickSpeed
SetTouchDbClickSpeedEx
SetTouchFunctionStatus
SetValueToCurrentUserRegistry
SetValueToXTouchRegistry
StartDeviceThread
StopDeviceThread
UnInstallPS2Drv
UnInstallPS2HIDDrv
UnRegisterHookCmd
UninstallSerialHIDDriver
UpdateControllerCalInfo
UpdateControllerLinzInfo
UpdateMonitorInfo
UpdateOneEEPROM
VerifyEEPROM

Sections

.text
Size: 392KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/layout.bin
EGALAX TOUCH_Win7_5.6.0.6806/lpk.dll
.dll windows:5 windows x86 arch:x86

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
RtlMoveMemory
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
RtlZeroMemory
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls

user32

wsprintfW

shell32

ord64
ord92

shlwapi

SHRegGetValueW
PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrStrIW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/setup.exe
.exe windows:4 windows x86 arch:x86

5157a01242cf96a580e79c8c7168eaac

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:69:39:c4:75:d5:3c:1d:70:99:2d:b8:a8:7e:b7:d3
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

10/02/2006, 00:00

Not After

20/02/2008, 23:59

Subject

CN=Macrovision Corporation,OU=ENGINEERING,O=Macrovision Corporation,L=Schaumburg,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b9:06:3d:f3:cc:89:99:7c:75:04:36:f4:5a:6f:e3:22:3d:ab:63:19
Signer

Actual PE Digest

b9:06:3d:f3:cc:89:99:7c:75:04:36:f4:5a:6f:e3:22:3d:ab:63:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

DeleteCriticalSection
GetShortPathNameA
SetEvent
HeapDestroy
GetDriveTypeA
GetExitCodeProcess
CopyFileA
lstrcpynA
GetFileAttributesA
FindClose
FindFirstFileA
CreateDirectoryA
GetCurrentThreadId
LoadLibraryA
SetFilePointer
LoadLibraryExA
GetTickCount
GetWindowsDirectoryA
FormatMessageA
LocalFree
SetFileAttributesA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
SizeofResource
GetTempPathA
GlobalSize
FreeResource
GetLocalTime
GetCurrentProcessId
SearchPathA
FindNextFileA
GetTempFileNameA
TerminateProcess
IsBadReadPtr
VirtualQuery
VirtualProtect
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
lstrcmpA
GetCurrentThread
MoveFileExA
GetDiskFreeSpaceA
GetSystemDirectoryA
GetSystemInfo
GetPrivateProfileStringA
GetPrivateProfileIntA
MultiByteToWideChar
lstrcpyA
lstrcmpiA
lstrlenA
GetSystemDefaultLangID
lstrcatA
SetLastError
GetLastError
WideCharToMultiByte
CompareStringA
CompareStringW
GetVersionExA
GetProcAddress
MulDiv
GetPrivateProfileSectionNamesA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetCommandLineA
GetStartupInfoA
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
InterlockedExchange
InitializeCriticalSection
GetModuleHandleA
GetModuleFileNameA
Sleep
CloseHandle
ReleaseMutex
CreateMutexA
ReadFile
WriteFile
CreateEventA
QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
CreateFileA
CreateThread
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
SetErrorMode
FindResourceExA
FindResourceA
LoadResource
LockResource
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersion
WaitForSingleObject
ExitProcess
GetCurrentProcess
DuplicateHandle
GetThreadContext
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
SetThreadContext
ResumeThread
DeleteFileA
RemoveDirectoryA
AddAtomA
WritePrivateProfileStringA
GetAtomNameA
lstrlenW
CreateProcessA

user32

MoveWindow
EndDialog
LoadIconA
GetDlgItem
SendMessageA
SetDlgItemTextA
SetWindowLongA
DialogBoxIndirectParamA
CharUpperA
WaitForInputIdle
wsprintfA
GetWindowRect
GetWindowLongA
ShowWindow
GetClassInfoExA
SetWindowTextA
LoadCursorA
CreateWindowExA
GetClassNameA
GetDialogBaseUnits
RegisterClassExA
PostMessageA
CharLowerBuffA
GetDlgItemTextA
SetFocus
IsDlgButtonChecked
CheckDlgButton
BeginPaint
EndPaint
FillRect
ScreenToClient
GetParent
GetWindow
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
SendDlgItemMessageA
DefWindowProcA
GetPropA
EnableMenuItem
SetPropA
RemovePropA
IsWindow
GetSysColor
IsDialogMessageA
TranslateMessage
LoadImageA
CreateDialogParamA
GetDC
ReleaseDC
MessageBoxA
GetMessageA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
CharNextA
PostThreadMessageA
LoadStringA
SetActiveWindow
DestroyWindow
CreateDialogIndirectParamA
SetForegroundWindow
GetClientRect
EnableWindow
IsWindowEnabled
GetDesktopWindow
SetWindowRgn
GetWindowDC
UpdateWindow
InvalidateRect
DrawIcon
MapDialogRect
DrawFocusRect
InflateRect
DrawTextA
CopyRect
EnumChildWindows
IntersectRect
CallWindowProcA

gdi32

CreateCompatibleBitmap
CreateDCA
GetStockObject
GetTextExtentPoint32A
CreatePatternBrush
DeleteMetaFile
SetMetaFileBitsEx
SetStretchBltMode
SelectClipRgn
SetPixel
PatBlt
PlayMetaFile
StretchBlt
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateDIBitmap
SaveDC
SetBkMode
SetTextColor
TextOutA
RestoreDC
GetTextExtentPointA
CreateFontIndirectA
SetBkColor
CreateRectRgn
DeleteObject
CreateSolidBrush
GetDIBColorTable
GetSystemPaletteEntries
CreatePalette
CreateHalftonePalette
GetDeviceCaps
GetObjectA
CreateCompatibleDC
UnrealizeObject
SelectPalette
RealizePalette
SelectObject
BitBlt
DeleteDC
SetMapMode

advapi32

RegCloseKey
OpenThreadToken
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegQueryValueA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc

ole32

StringFromGUID2
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoInitialize
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoCreateGuid
StringFromCLSID
CoTaskMemFree
GetRunningObjectTable
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SysFreeString
VariantChangeType
GetErrorInfo
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantClear
VariantCopy
SysReAllocStringLen

lz32

LZCopy
LZOpenFileA
LZClose

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/setup.ini
EGALAX TOUCH_Win7_5.6.0.6806/setup.inx
EGALAX TOUCH_Win7_5.6.0.6806/setup.isn
EGALAX TOUCH_Win7_5.6.0.6806/setup.iss
EGALAX TOUCH_Win7_5.6.0.6806/setup.log
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/combus.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/combus.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/combus.sys
.sys windows:6 windows x86 arch:x86

4a6a7ef1b99d1e1a6e00f8f39b0bdd97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\output\i386\combus.pdb

Imports

ntoskrnl.exe

KeInitializeSpinLock
IoInitializeRemoveLockEx
KeInitializeEvent
DbgPrint
ExFreePool
ExAllocatePool
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
KeSetEvent
InterlockedDecrement
IoReleaseRemoveLockAndWaitEx
KeWaitForSingleObject
IofCallDriver
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoAttachDeviceToDeviceStack
PoStartNextPowerIrp
PoSetPowerState
PoRequestPowerIrp
IoCancelIrp
IofCompleteRequest
PoCallDriver
IoFreeWorkItem
IoQueueWorkItem
IoAllocateWorkItem
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
KeClearEvent
ObfDereferenceObject
RtlAppendUnicodeStringToString
KeReleaseMutex
memcpy
RtlQueryRegistryValues
memset
IoCreateSymbolicLink
IoDeleteDevice
IoDetachDevice
IoCreateDevice
RtlInitUnicodeString
PsTerminateSystemThread
IoInvalidateDeviceRelations
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
KeDelayExecutionThread
MmBuildMdlForNonPagedPool
IoAllocateMdl
ExAllocatePoolWithTag
IoAllocateIrp
ObfReferenceObject
IoBuildDeviceIoControlRequest
IoGetDeviceObjectPointer
RtlWriteRegistryValue
IoDeleteSymbolicLink
IoOpenDeviceRegistryKey
IoFreeIrp
IoReleaseCancelSpinLock
KeSetTimer
IoAcquireCancelSpinLock
KeRemoveQueueDpc
KeCancelTimer
KeInitializeDpc
KeInitializeTimer
KeTickCount
KeBugCheckEx
KeReleaseSemaphore
RtlUnwind
KeInitializeMutex
KeInitializeSemaphore

hal

KeGetCurrentIrql
ExReleaseFastMutex
ExAcquireFastMutex

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/devcon.exe
.exe windows:6 windows x86 arch:x86

d06468ab9c11b378b5ddeb17e2b95db7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\winddk\6000\src\setup\devcon\objfre_wxp_x86\i386\devcon.pdb

Imports

advapi32

InitiateSystemShutdownExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CloseServiceHandle
OpenServiceW
OpenSCManagerW

kernel32

LocalFree
FormatMessageW
CloseHandle
GetCurrentProcess
GetLastError
lstrlenW
GetDateFormatW
FileTimeToSystemTime
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileAttributesW
GetFullPathNameW
FindClose
FindNextFileW
FindFirstFileW
GetWindowsDirectoryW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

?terminate@@YAXXZ
fputws
fputs
??3@YAXPAX@Z
_controlfp
memset
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_iob
wprintf
wcsrchr
_wcsicmp
_wcsnicmp
iswalpha
towupper
towlower
wcschr
??2@YAPAXI@Z

ntdll

RtlUnwind

ole32

CLSIDFromString

setupapi

SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetINFClassW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiBuildClassInfoListExW
SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
CM_Connect_MachineW
CM_Locate_DevNode_ExW
CM_Reenumerate_DevNode_Ex
CM_Disconnect_Machine
SetupDiSetClassInstallParamsW
SetupOpenInfFileW
SetupFindFirstLineW
SetupGetStringFieldW
SetupDiGetClassDescriptionExW
SetupCloseInfFile
SetupDiOpenClassRegKeyExW
SetupDiGetDriverInstallParamsW
SetupDiSetSelectedDriverW
SetupOpenFileQueue
SetupDiGetDeviceRegistryPropertyW
SetupScanFileQueueW
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiGetDriverInfoDetailW
SetupDiDestroyDriverInfoList
CM_Get_First_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Status_Ex
SetupDiClassGuidsFromNameExW
SetupDiCreateDeviceInfoListExW
SetupDiGetClassDevsExW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
CM_Get_Device_ID_ExW

user32

CharNextW
CharPrevW
LoadStringW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/egxfilter.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/egxfilter.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/egxfilter.sys
.sys windows:6 windows x86 arch:x86

2037d58057d0104cacd21899c5675a3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\output\i386\egxfilter.pdb

Imports

ntoskrnl.exe

KeInitializeDpc
memset
KeSetTimer
KeRemoveQueueDpc
KeCancelTimer
PsTerminateSystemThread
KeClearEvent
ObfDereferenceObject
IoOpenDeviceRegistryKey
ZwClose
ExFreePool
ZwQueryValueKey
ExAllocatePool
RtlInitUnicodeString
memcpy
RtlWriteRegistryValue
RtlQueryRegistryValues
IoDeleteSymbolicLink
RtlCreateRegistryKey
ZwOpenKey
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlCheckRegistryKey
KeInitializeSemaphore
KeReleaseSemaphore
IofCallDriver
ObReferenceObjectByHandle
PsCreateSystemThread
IoRegisterDeviceInterface
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
KeTickCount
KeReleaseMutex
_allmul
IoInitializeRemoveLockEx
RtlCompareUnicodeString
KeInitializeTimer
IoCreateSymbolicLink
RtlIntegerToUnicodeString
IoReleaseRemoveLockEx
IoSetDeviceInterfaceState
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
IoAcquireRemoveLockEx
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoBuildDeviceIoControlRequest
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
IoAllocateIrp
IoCancelIrp
KeDelayExecutionThread
ObReferenceObjectByPointer
IoGetDeviceObjectPointer
KeSetPriorityThread
KeGetCurrentThread
KeInsertQueueDpc
KeSynchronizeExecution
IoWMIRegistrationControl
ObfReferenceObject
PoSetPowerState
KeBugCheckEx
RtlUnwind
IoAcquireCancelSpinLock
InterlockedExchange
IoReleaseCancelSpinLock
IofCompleteRequest
KeInitializeEvent
KeInitializeSpinLock
KeWaitForMultipleObjects
InterlockedDecrement
KeInitializeMutex
IoGetDeviceProperty
KeWaitForSingleObject
KeSetEvent
InterlockedIncrement
KeQueryTimeIncrement
DbgPrint

hal

ExReleaseFastMutex
KfAcquireSpinLock
KeGetCurrentIrql
ExAcquireFastMutex
KfReleaseSpinLock
KfRaiseIrql
KfLowerIrql

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseDescriptors
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/lpk.dll
.dll windows:5 windows x86 arch:x86

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
RtlMoveMemory
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
RtlZeroMemory
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls

user32

wsprintfW

shell32

ord64
ord92

shlwapi

SHRegGetValueW
PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrStrIW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/sertouch.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/sertouch.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/sertouch.sys
.sys windows:6 windows x86 arch:x86

bfaa2d2c18db306757fc3b711801f434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\output\i386\sertouch.pdb

Imports

ntoskrnl.exe

memset
KeSetTimer
KeRemoveQueueDpc
KeCancelTimer
PsTerminateSystemThread
KeWaitForMultipleObjects
KeClearEvent
ObfDereferenceObject
IoOpenDeviceRegistryKey
ZwClose
ExFreePool
ZwQueryValueKey
ExAllocatePool
RtlInitUnicodeString
memcpy
RtlWriteRegistryValue
RtlQueryRegistryValues
IoDeleteSymbolicLink
RtlCreateRegistryKey
ZwOpenKey
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlCheckRegistryKey
KeInitializeSemaphore
KeReleaseSemaphore
IofCallDriver
ObReferenceObjectByHandle
PsCreateSystemThread
IoRegisterDeviceInterface
IoDeleteDevice
IoDetachDevice
KeReleaseMutex
IoCreateDevice
KeTickCount
KeQueryTimeIncrement
KeInitializeDpc
IoInitializeRemoveLockEx
IoGetDeviceProperty
IoSetDeviceInterfaceState
IoCreateSymbolicLink
RtlIntegerToUnicodeString
IoReleaseRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
IoAcquireRemoveLockEx
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoBuildDeviceIoControlRequest
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
IoAllocateIrp
IoCancelIrp
KeDelayExecutionThread
ObReferenceObjectByPointer
IoGetDeviceObjectPointer
KeSetPriorityThread
KeGetCurrentThread
IoWMIRegistrationControl
KeBugCheckEx
RtlUnwind
IoAcquireCancelSpinLock
InterlockedExchange
IoReleaseCancelSpinLock
IofCompleteRequest
InterlockedDecrement
KeSetEvent
InterlockedIncrement
KeInitializeEvent
KeInitializeTimer
_allmul
KeInitializeMutex
KeInitializeSpinLock
KeWaitForSingleObject
IoAttachDeviceToDeviceStack
DbgPrint

hal

ExReleaseFastMutex
KfAcquireSpinLock
KeGetCurrentIrql
ExAcquireFastMutex
KfReleaseSpinLock
KfRaiseIrql
KfLowerIrql

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseDescriptors
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/xtouch.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/xtouch.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x32/xtouch.sys
.sys windows:6 windows x86 arch:x86

0f02765287e82ffa50dad65effa6c750

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\output\i386\xtouch.pdb

Imports

ntoskrnl.exe

memset
KeSetTimer
KeRemoveQueueDpc
KeCancelTimer
PsTerminateSystemThread
KeWaitForMultipleObjects
KeClearEvent
ObfDereferenceObject
IoOpenDeviceRegistryKey
ZwClose
ExFreePool
ZwQueryValueKey
ExAllocatePool
RtlInitUnicodeString
memcpy
RtlWriteRegistryValue
RtlQueryRegistryValues
IoDeleteSymbolicLink
RtlCreateRegistryKey
ZwOpenKey
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlCheckRegistryKey
KeInitializeSemaphore
KeReleaseSemaphore
IofCallDriver
ObReferenceObjectByHandle
PsCreateSystemThread
IoRegisterDeviceInterface
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
KeReleaseMutex
KeQueryTimeIncrement
_allmul
IoInitializeRemoveLockEx
KeInitializeDpc
IoGetDeviceProperty
IoSetDeviceInterfaceState
IoCreateSymbolicLink
RtlIntegerToUnicodeString
IoReleaseRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
IoAcquireRemoveLockEx
PoStartNextPowerIrp
PoCallDriver
PoSetPowerState
IoCancelIrp
IoFreeIrp
IoBuildDeviceIoControlRequest
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
KeDelayExecutionThread
IoAllocateIrp
KeSetPriorityThread
KeGetCurrentThread
ObReferenceObjectByPointer
IoGetDeviceObjectPointer
IoWMIRegistrationControl
KeBugCheckEx
RtlUnwind
IoAcquireCancelSpinLock
InterlockedExchange
IoReleaseCancelSpinLock
IofCompleteRequest
InterlockedDecrement
KeSetEvent
InterlockedIncrement
KeInitializeEvent
KeInitializeTimer
RtlCompareMemory
KeInitializeMutex
KeInitializeSpinLock
KeWaitForSingleObject
KeTickCount
DbgPrint

hal

ExReleaseFastMutex
KfAcquireSpinLock
KeGetCurrentIrql
ExAcquireFastMutex
KfReleaseSpinLock
KfRaiseIrql
KfLowerIrql

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseDescriptors
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/DPInst.exe
.exe windows:5 windows x64 arch:x64

fdb811d371295a4f4bb1e322acdf41e8

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f6:8d:93:ff:9c:3a:bf:2f:ba:ca:6c:0c:98:37:3b:86:46:f5:f1:c2
Signer

Actual PE Digest

f6:8d:93:ff:9c:3a:bf:2f:ba:ca:6c:0c:98:37:3b:86:46:f5:f1:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\difx\source\base\pnp\dfx\dpinst\obj\amd64\DpInst.pdb

Imports

msvcrt

iswdigit
_vsnwprintf
wcspbrk
wcsrchr
wcschr
_wcsnicmp
memcmp
iswalpha
wcslen
__CxxFrameHandler
free
??3@YAXPEAX@Z
_CxxThrowException
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
??1type_info@@UEAA@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
fread
_wfopen
fwprintf
fclose
_wcslwr
??2@YAPEAX_K@Z
wcsstr
_wcsicmp
_wtol
memset
realloc
memmove
memcpy
towupper
vswprintf
_vscwprintf
_wcsupr
malloc
__C_specific_handler

advapi32

RegDeleteKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetEntriesInAclW
DeleteService
AllocateAndInitializeSid
EqualSid
FreeSid
OpenProcessToken
IsTextUnicode
StartServiceW
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
GetTokenInformation
CheckTokenMembership
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid

kernel32

DeviceIoControl
LocalReAlloc
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CloseHandle
GetLastError
GetCurrentProcess
MultiByteToWideChar
SetCurrentDirectoryW
GetWindowsDirectoryW
GetLocalTime
EnumResourceLanguagesW
SetThreadLocale
IsValidLocale
GetUserDefaultUILanguage
WaitForMultipleObjects
GetCommandLineW
WriteFile
CreateFileW
CreateThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
FormatMessageW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetTempFileNameW
lstrcmpiW
lstrlenW
lstrcmpW
GetFileAttributesW
DeleteFileW
ReadFile
SetFilePointer
ReleaseMutex
WaitForSingleObject
HeapFree
GetProcessHeap
SetEndOfFile
HeapAlloc
CreateMutexW
CreateEventW
SetEvent
ResetEvent
SetConsoleCursorPosition
FillConsoleOutputCharacterW
ReadConsoleOutputW
GetConsoleScreenBufferInfo
SetConsoleMode
GetConsoleMode
FreeLibrary
FreeConsole
GetStdHandle
GetProcAddress
LoadLibraryW
WriteConsoleOutputW
WriteConsoleW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStartupInfoW
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
lstrcpyW
RemoveDirectoryW
CreateDirectoryW
GetFullPathNameW
GetModuleHandleW
GetModuleFileNameW
lstrcpynW
GlobalFree
MoveFileExW
GetShortPathNameW
CopyFileW
SetLastError
GetSystemWindowsDirectoryW
GetCurrentDirectoryW
GetEnvironmentVariableW
CompareStringW
VerifyVersionInfoW
VerSetConditionMask
Sleep
LocalAlloc
GetSystemDirectoryW

gdi32

GetTextMetricsW
StartPage
GetDeviceCaps
CreateFontIndirectW
EndPage
EndDoc
DeleteObject
StartDocW

user32

GetParent
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
SetFocus
DrawTextExW
LoadImageW
LoadBitmapW
PostMessageW
GetSysColor
LoadIconW
LoadStringW
DestroyWindow
SetWindowLongW
GetWindowLongPtrW
SendDlgItemMessageW
InvalidateRect
SystemParametersInfoW
GetDC
ReleaseDC
SetWindowLongPtrW
SetWindowTextW
CallWindowProcW
DestroyIcon
DialogBoxParamW
EndDialog
GetDlgItem
SendMessageW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
CharLowerW
CharPrevW
GetSystemMetrics

shell32

ord59
CommandLineToArgvW
SHGetFolderPathW

setupapi

CM_Locate_DevNodeW
SetupDiOpenClassRegKey
SetupDiClassNameFromGuidW
pSetupSetGlobalFlags
pSetupGetGlobalFlags
SetupGetFieldCount
SetupGetIntField
SetupGetStringFieldW
SetupFindNextLine
SetupFindNextMatchLineW
CM_Get_Device_ID_List_SizeW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupFindFirstLineW
CMP_WaitNoPendingInstallEvents
SetupOpenAppendInfFileW
SetupGetLineCountW
SetupDiGetActualSectionToInstallW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiSetSelectedDevice
CM_Get_Device_ID_ListW
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Enumerate_Classes
SetupInstallFilesFromInfSectionW
SetupDiOpenDeviceInfoW
SetupQueueCopyW
SetupQueueCopyIndirectW
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupInitDefaultQueueCallbackEx
SetupOpenFileQueue
SetupCloseFileQueue
SetupGetTargetPathW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoList
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiSetClassInstallParamsW
CM_Get_Device_IDW

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

ole32

CoTaskMemFree
StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString
VariantChangeType

crypt32

CryptQueryObject
CertGetCTLContextProperty
CertFreeCTLContext
CertFreeCertificateContext

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Shared
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/combus.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/combus.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/combus.sys
.sys windows:6 windows x64 arch:x64

7e4da4925e2e958509654c961103dbc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\output\amd64\combus.pdb

Imports

ntoskrnl.exe

ExAllocatePool
ExFreePool
RtlAppendUnicodeStringToString
DbgPrint
IoAcquireRemoveLockEx
ExReleaseFastMutex
ExAcquireFastMutex
KeSetEvent
IoFreeWorkItem
KeInitializeEvent
IoReleaseRemoveLockEx
PoRequestPowerIrp
IoCancelIrp
PoSetPowerState
IoAllocateWorkItem
PoStartNextPowerIrp
IofCompleteRequest
IoReleaseRemoveLockAndWaitEx
KeWaitForSingleObject
IoAttachDeviceToDeviceStack
PoCallDriver
IoInitializeRemoveLockEx
IoQueueWorkItem
IofCallDriver
KeClearEvent
PsCreateSystemThread
ZwClose
ObReferenceObjectByHandle
ObfDereferenceObject
KeReleaseSemaphore
KeReleaseMutex
RtlInitUnicodeString
IoDeleteDevice
RtlQueryRegistryValues
IoDetachDevice
IoCreateSymbolicLink
IoCreateDevice
ExAllocatePoolWithTag
IoBuildDeviceIoControlRequest
IoDeleteSymbolicLink
KeSetPriorityThread
IoInvalidateDeviceRelations
MmBuildMdlForNonPagedPool
KeDelayExecutionThread
IoGetDeviceObjectPointer
PsTerminateSystemThread
RtlWriteRegistryValue
IoAllocateIrp
ObfReferenceObject
KeWaitForMultipleObjects
IoAllocateMdl
KeRemoveQueueDpc
KeInitializeDpc
KeInitializeTimer
IoFreeIrp
KeSetTimer
IoOpenDeviceRegistryKey
KeCancelTimer
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
KeBugCheckEx
KeInitializeMutex
KeInitializeSemaphore
__C_specific_handler

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/devcon.exe
.exe windows:6 windows x64 arch:x64

3379adb25e1d167eef855835156fc734

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\winddk\6000\src\setup\devcon\objfre_wlh_amd64\amd64\devcon.pdb

Imports

advapi32

OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExW
AdjustTokenPrivileges
InitiateSystemShutdownExW
RegCloseKey
RegSetValueExW
CloseServiceHandle
RegDeleteValueW
OpenSCManagerW
OpenServiceW

kernel32

LocalFree
lstrlenW
GetLastError
GetCurrentProcess
CloseHandle
FormatMessageW
LoadLibraryW
GetDateFormatW
FileTimeToSystemTime
FreeLibrary
GetProcAddress
FindNextFileW
GetFileAttributesW
GetWindowsDirectoryW
GetFullPathNameW
FindFirstFileW
FindClose
Sleep
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter

msvcrt

??2@YAPEAX_K@Z
fputs
wcsrchr
__iob_func
towupper
iswalpha
??3@YAXPEAX@Z
_wcsicmp
?terminate@@YAXXZ
memset
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
wprintf
towlower
_wcsnicmp
fputws
wcschr

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

ole32

CLSIDFromString

setupapi

CM_Free_Log_Conf_Handle
SetupDiEnumDeviceInfo
CM_Get_Device_ID_ExW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Locate_DevNode_ExW
SetupDiBuildClassInfoListExW
SetupDiSetClassInstallParamsW
SetupDiCreateDeviceInfoW
SetupDiClassNameFromGuidExW
CM_Reenumerate_DevNode_Ex
SetupDiCreateDeviceInfoList
SetupCopyOEMInfW
CM_Connect_MachineW
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiCallClassInstaller
SetupGetStringFieldW
SetupDiDestroyDriverInfoList
CM_Get_Res_Des_Data_Size_Ex
SetupOpenInfFileW
SetupDiEnumDriverInfoW
CM_Free_Res_Des_Handle
SetupDiDestroyDeviceInfoList
CM_Get_First_Log_Conf_Ex
SetupScanFileQueueW
SetupDiSetDeviceInstallParamsW
CM_Get_DevNode_Status_Ex
CM_Get_Next_Res_Des_Ex
SetupFindFirstLineW
SetupCloseFileQueue
SetupDiGetDriverInfoDetailW
SetupDiGetClassDescriptionExW
SetupDiBuildDriverInfoList
SetupDiGetDriverInstallParamsW
CM_Get_Res_Des_Data_Ex
SetupDiGetDeviceInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiOpenDevRegKey
SetupCloseInfFile
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameExW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/egxfilter.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/egxfilter.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/egxfilter.sys
.sys windows:6 windows x64 arch:x64

c192d10777afdeffba7b539699594f21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\output\amd64\egxfilter.pdb

Imports

ntoskrnl.exe

KeRemoveQueueDpc
KeInitializeMutex
RtlInitUnicodeString
RtlCheckRegistryKey
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeInitializeDpc
KeInitializeTimer
KeReleaseMutex
ZwQueryValueKey
ExAllocatePool
PsTerminateSystemThread
ExFreePool
ZwClose
RtlAppendUnicodeStringToString
KeWaitForSingleObject
RtlWriteRegistryValue
KeSetTimer
ObfDereferenceObject
IoOpenDeviceRegistryKey
KeCancelTimer
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
RtlCreateRegistryKey
ZwOpenKey
KeReleaseSpinLock
KeInitializeSemaphore
KeReleaseSemaphore
KeAcquireSpinLockRaiseToDpc
IofCallDriver
PsCreateSystemThread
ObReferenceObjectByHandle
IoRegisterDeviceInterface
IoDeleteDevice
IoDetachDevice
IoDeleteSymbolicLink
IoCreateDevice
KeQueryTimeIncrement
RtlInt64ToUnicodeString
RtlCompareUnicodeString
IoCreateSymbolicLink
IoInitializeRemoveLockEx
IoGetDeviceProperty
IoAcquireRemoveLockEx
IoSetDeviceInterfaceState
IoReleaseRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
PoStartNextPowerIrp
PoCallDriver
NlsMbCodePageTag
IoBuildDeviceIoControlRequest
RtlUnicodeStringToAnsiString
IoCancelIrp
KeDelayExecutionThread
IoFreeIrp
RtlFreeAnsiString
IoAllocateIrp
RtlxUnicodeStringToAnsiSize
KeSetPriorityThread
IoGetDeviceObjectPointer
ObReferenceObjectByPointer
KeInsertQueueDpc
KeSynchronizeExecution
ExReleaseFastMutex
ExAcquireFastMutex
IoWMIRegistrationControl
ObfReferenceObject
PoSetPowerState
KeBugCheckEx
KeClearEvent
KeWaitForMultipleObjects
DbgPrint
IofCompleteRequest
KeInitializeEvent
IoAttachDeviceToDeviceStack
KeSetEvent
__C_specific_handler

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_ParseDescriptors

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/lpk.dll
.dll windows:5 windows x86 arch:x86

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
RtlMoveMemory
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
RtlZeroMemory
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls

user32

wsprintfW

shell32

ord64
ord92

shlwapi

SHRegGetValueW
PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrStrIW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/sertouch.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/sertouch.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/sertouch.sys
.sys windows:6 windows x64 arch:x64

61528883024af0fe7007ac8c481724c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\output\amd64\sertouch.pdb

Imports

ntoskrnl.exe

KeRemoveQueueDpc
KeInitializeMutex
RtlInitUnicodeString
RtlCheckRegistryKey
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeInitializeDpc
KeInitializeTimer
KeReleaseMutex
ZwQueryValueKey
ExAllocatePool
PsTerminateSystemThread
ExFreePool
ZwClose
RtlAppendUnicodeStringToString
RtlWriteRegistryValue
KeSetTimer
ObfDereferenceObject
IoOpenDeviceRegistryKey
KeCancelTimer
KeWaitForMultipleObjects
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
RtlCreateRegistryKey
ZwOpenKey
KeReleaseSpinLock
KeInitializeSemaphore
KeReleaseSemaphore
KeAcquireSpinLockRaiseToDpc
IofCallDriver
PsCreateSystemThread
ObReferenceObjectByHandle
IoDeleteSymbolicLink
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
KeQueryTimeIncrement
IoSetDeviceInterfaceState
RtlInt64ToUnicodeString
IoCreateSymbolicLink
IoInitializeRemoveLockEx
IoGetDeviceProperty
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
PoStartNextPowerIrp
PoCallDriver
NlsMbCodePageTag
IoBuildDeviceIoControlRequest
RtlUnicodeStringToAnsiString
IoCancelIrp
KeDelayExecutionThread
IoFreeIrp
RtlFreeAnsiString
IoAllocateIrp
RtlxUnicodeStringToAnsiSize
KeSetPriorityThread
IoGetDeviceObjectPointer
ObReferenceObjectByPointer
ExReleaseFastMutex
ExAcquireFastMutex
IoWMIRegistrationControl
KeBugCheckEx
KeClearEvent
KeWaitForSingleObject
DbgPrint
IofCompleteRequest
KeInitializeEvent
IoRegisterDeviceInterface
KeSetEvent
__C_specific_handler

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_ParseDescriptors

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/xtouch.cat
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/xtouch.inf
EGALAX TOUCH_Win7_5.6.0.6806/win7x64/xtouch.sys
.sys windows:6 windows x64 arch:x64

89442d0829c8665303078176cf895fd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\output\amd64\xtouch.pdb

Imports

ntoskrnl.exe

KeRemoveQueueDpc
KeInitializeMutex
RtlInitUnicodeString
RtlCheckRegistryKey
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeInitializeDpc
KeInitializeTimer
KeReleaseMutex
ZwQueryValueKey
ExAllocatePool
PsTerminateSystemThread
ExFreePool
ZwClose
RtlAppendUnicodeStringToString
RtlWriteRegistryValue
KeSetTimer
ObfDereferenceObject
IoOpenDeviceRegistryKey
KeCancelTimer
KeWaitForMultipleObjects
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
RtlCreateRegistryKey
ZwOpenKey
KeReleaseSpinLock
KeInitializeSemaphore
KeReleaseSemaphore
KeAcquireSpinLockRaiseToDpc
IofCallDriver
PsCreateSystemThread
ObReferenceObjectByHandle
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoDetachDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
KeQueryTimeIncrement
IoSetDeviceInterfaceState
RtlInt64ToUnicodeString
RtlCompareMemory
IoCreateSymbolicLink
IoInitializeRemoveLockEx
IoGetDeviceProperty
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
PoSetPowerState
PoStartNextPowerIrp
PoCallDriver
NlsMbCodePageTag
IoBuildDeviceIoControlRequest
KeSetPriorityThread
RtlUnicodeStringToAnsiString
IoCancelIrp
KeDelayExecutionThread
IoFreeIrp
RtlFreeAnsiString
IoAllocateIrp
RtlxUnicodeStringToAnsiSize
IoGetDeviceObjectPointer
ObReferenceObjectByPointer
ExReleaseFastMutex
ExAcquireFastMutex
IoWMIRegistrationControl
KeBugCheckEx
KeClearEvent
KeWaitForSingleObject
DbgPrint
IofCompleteRequest
KeInitializeEvent
IoDeleteDevice
KeSetEvent
__C_specific_handler

wmilib.sys

WmiSystemControl
WmiCompleteRequest

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_ParseDescriptors

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.1MB

UPX1 Size: 356KB - Virtual size: 360KB

.rsrc Size: 128KB - Virtual size: 132KB

Code Sign

0aCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

03:69:39:c4:75:d5:3c:1d:70:99:2d:b8:a8:7e:b7:d3Certificate

Extended Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

71:42:63:c0:8c:8b:dc:e9:b1:9f:e5:06:03:fa:23:ec:e3:ee:77:a5Signer

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 6B

.rsrc Size: 144KB - Virtual size: 140KB

.reloc Size: 4KB - Virtual size: 12B

348be35a4afc5af614598897bb5bc8d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 148KB - Virtual size: 144KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 35KB

.rsrc Size: 84KB - Virtual size: 81KB

ed8702941ee1e8c0a1c5229b03bdcab1

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 340B

.rsrc Size: 84KB - Virtual size: 80KB

1aed31afb7ff23b5b1cb42cd12106c59

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 420B

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 356KB - Virtual size: 360KB

.rsrc
Size: 128KB - Virtual size: 132KB

0a
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

03:69:39:c4:75:d5:3c:1d:70:99:2d:b8:a8:7e:b7:d3
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

71:42:63:c0:8c:8b:dc:e9:b1:9f:e5:06:03:fa:23:ec:e3:ee:77:a5
Signer

.text
Size: 4KB - Virtual size: 6B

.rsrc
Size: 144KB - Virtual size: 140KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 148KB - Virtual size: 144KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 35KB

.rsrc
Size: 84KB - Virtual size: 81KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 340B

.rsrc
Size: 84KB - Virtual size: 80KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 420B

.rsrc
Size: 84KB - Virtual size: 80KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 20KB - Virtual size: 30KB

.rsrc
Size: 76KB - Virtual size: 74KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 24KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 500B

.rsrc
Size: 84KB - Virtual size: 81KB