610301aed845d5cf63c54e871c568f1b09ed5c4f697b804033f77384ca212d7c[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

610301aed845d5cf63c54e871c568f1b09ed5c4f697b804033f77384ca212d7c.exe
Size

6.9MB
MD5

b4162a5bd63f8e055f4c1d4ba9286b58
SHA1

dceca0894aa48d26c68fedf715e22c5845e8447e
SHA256

610301aed845d5cf63c54e871c568f1b09ed5c4f697b804033f77384ca212d7c
SHA512

a9471a8fc52ab80cb4dd5d0ac8de8becfe74d6ef30387442e77bf3f4b44dc00789e37b84e879939f31e3c907305d46fcde167b53dcfa2e59f9a35c8476712574
SSDEEP

98304:FSgw0AV9jNXZz02l3uO+twjju2Q/6vVJkbN9e9w8QkUoAWueqjPmTEDzTzLZBZ2:FSg6ZXZn+n2e/6NJiUw8moAvETMVBZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

Processes:

resource
610301aed845d5cf63c54e871c568f1b09ed5c4f697b804033f77384ca212d7c.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/UserInfo.dll
unpack001/libglib-2.0-0.dll
unpack001/libiconv-2.dll
unpack001/libintl-8.dll
unpack001/mt32emu-qt.exe
unpack001/mt32emu-smf2wav.exe
unpack001/mt32emu_win32drv/drvsetup.exe
unpack001/mt32emu_win32drv/infinstall.exe
unpack001/mt32emu_win32drv/infinstall_x64.exe
unpack001/mt32emu_win32drv/mt32emu.dll
unpack001/mt32emu_win32drv/mt32emu_x64.dll

NSIS installer 4 IoCs

installer

Processes:

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Uninstall.exe	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_2

Files

610301aed845d5cf63c54e871c568f1b09ed5c4f697b804033f77384ca212d7c.exe
.exe windows:4 windows x86 arch:x86

ced282d9b261d1462772017fe2f6972b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
RegOpenKeyExA
RegEnumValueA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

IIDFromString
OleInitialize
OleUninitialize
CoCreateInstance
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

SetClipboardData
CharPrevA
CallWindowProcA
PeekMessageA
DispatchMessageA
MessageBoxIndirectA
GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
TrackPopupMenu
FillRect
EmptyClipboard
LoadCursorA
GetMessagePos
CheckDlgButton
GetSysColor
SetCursor
GetWindowLongA
SetClassLongA
SetWindowPos
IsWindowEnabled
GetWindowRect
GetSystemMenu
EnableMenuItem
RegisterClassA
ScreenToClient
EndDialog
GetClassInfoA
SystemParametersInfoA
CreateWindowExA
ExitWindowsEx
DialogBoxParamA
CharNextA
SetTimer
DestroyWindow
CreateDialogParamA
SetForegroundWindow
SetWindowTextA
PostQuitMessage
SendMessageTimeoutA
ShowWindow
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
GetDC
SetWindowLongA
LoadImageA
InvalidateRect
ReleaseDC
EnableWindow
BeginPaint
SendMessageA
DefWindowProcA
DrawTextA
GetClientRect
EndPaint
IsWindowVisible
CloseClipboard
OpenClipboard

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetSystemDirectoryA
WideCharToMultiByte
MoveFileExA
ReadFile
GetTempFileNameA
WriteFile
RemoveDirectoryA
CreateProcessA
CreateFileA
GetLastError
CreateThread
CreateDirectoryA
GlobalUnlock
GetDiskFreeSpaceA
GlobalLock
SetErrorMode
GetVersion
lstrcpynA
GetCommandLineA
GetTempPathA
lstrlenA
SetEnvironmentVariableA
ExitProcess
GetWindowsDirectoryA
GetCurrentProcess
GetModuleFileNameA
CopyFileA
GetTickCount
Sleep
GetFileSize
GetFileAttributesA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetShortPathNameA
MoveFileA
CompareFileTime
SetFileTime
SearchPathA
lstrcmpiA
lstrcmpA
CloseHandle
GlobalFree
GlobalAlloc
ExpandEnvironmentStringsA
LoadLibraryExA
FreeLibrary
lstrcpyA
lstrcatA
FindClose
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
GetModuleHandleA
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSIS.InstallOptions.ini
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

17fb6a8708b9c0bb2d5d8687870eb415

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
FindClose
FindNextFileA
lstrcmpA
GetModuleHandleA
lstrcmpiA
MulDiv
lstrcpynA
GlobalAlloc
lstrcpyA
FindFirstFileA
GlobalFree

user32

GetMessageA
TranslateMessage
PostMessageA
DispatchMessageA
GetDlgItem
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
DestroyWindow
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
CreateDialogParamA
SetWindowLongA
wsprintfA
ScreenToClient
IsDialogMessageA
CallWindowProcA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

d576645bcd8a66d2fe678a075f4cc6e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameA

kernel32

GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynA

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 711B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
Uninstall.exe
.exe windows:4 windows x86 arch:x86

ced282d9b261d1462772017fe2f6972b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
RegOpenKeyExA
RegEnumValueA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

IIDFromString
OleInitialize
OleUninitialize
CoCreateInstance
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

SetClipboardData
CharPrevA
CallWindowProcA
PeekMessageA
DispatchMessageA
MessageBoxIndirectA
GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
TrackPopupMenu
FillRect
EmptyClipboard
LoadCursorA
GetMessagePos
CheckDlgButton
GetSysColor
SetCursor
GetWindowLongA
SetClassLongA
SetWindowPos
IsWindowEnabled
GetWindowRect
GetSystemMenu
EnableMenuItem
RegisterClassA
ScreenToClient
EndDialog
GetClassInfoA
SystemParametersInfoA
CreateWindowExA
ExitWindowsEx
DialogBoxParamA
CharNextA
SetTimer
DestroyWindow
CreateDialogParamA
SetForegroundWindow
SetWindowTextA
PostQuitMessage
SendMessageTimeoutA
ShowWindow
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
GetDC
SetWindowLongA
LoadImageA
InvalidateRect
ReleaseDC
EnableWindow
BeginPaint
SendMessageA
DefWindowProcA
DrawTextA
GetClientRect
EndPaint
IsWindowVisible
CloseClipboard
OpenClipboard

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetSystemDirectoryA
WideCharToMultiByte
MoveFileExA
ReadFile
GetTempFileNameA
WriteFile
RemoveDirectoryA
CreateProcessA
CreateFileA
GetLastError
CreateThread
CreateDirectoryA
GlobalUnlock
GetDiskFreeSpaceA
GlobalLock
SetErrorMode
GetVersion
lstrcpynA
GetCommandLineA
GetTempPathA
lstrlenA
SetEnvironmentVariableA
ExitProcess
GetWindowsDirectoryA
GetCurrentProcess
GetModuleFileNameA
CopyFileA
GetTickCount
Sleep
GetFileSize
GetFileAttributesA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetShortPathNameA
MoveFileA
CompareFileTime
SetFileTime
SearchPathA
lstrcmpiA
lstrcmpA
CloseHandle
GlobalFree
GlobalAlloc
ExpandEnvironmentStringsA
LoadLibraryExA
FreeLibrary
lstrcpyA
lstrcatA
FindClose
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
GetModuleHandleA
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

d576645bcd8a66d2fe678a075f4cc6e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameA

kernel32

GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynA

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 711B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
docs/mt32emu/AUTHORS.txt
docs/mt32emu/COPYING.LESSER.txt
docs/mt32emu/COPYING.txt
docs/mt32emu/NEWS.txt
docs/mt32emu/README.html
.html
docs/mt32emu/README.md
docs/mt32emu/TODO.txt
docs/mt32emu_qt/AUTHORS.txt
docs/mt32emu_qt/COPYING.txt
docs/mt32emu_qt/NEWS.txt
docs/mt32emu_qt/README.html
.html
docs/mt32emu_qt/README.md
docs/mt32emu_qt/TODO.txt
docs/mt32emu_smf2wav/AUTHORS.txt
docs/mt32emu_smf2wav/COPYING.txt
docs/mt32emu_smf2wav/README.html
.html
docs/mt32emu_smf2wav/README.md
docs/mt32emu_win32drv/COPYING.LESSER.txt
docs/mt32emu_win32drv/COPYING.txt
docs/mt32emu_win32drv/NEWS.txt
docs/mt32emu_win32drv/README.html
.html
docs/mt32emu_win32drv/README.md
libglib-2.0-0.dll
.dll windows:4 windows x64 arch:x64

71e4a184f2e8ff6661cb0094849d4288

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dgettext
libintl_dngettext
libintl_gettext
libintl_sprintf
libintl_textdomain

advapi32

GetUserNameW

kernel32

CloseHandle
CreateEventA
CreateFileMappingA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExpandEnvironmentStringsW
FormatMessageW
FreeEnvironmentStringsW
GetACP
GetCPInfoExA
GetComputerNameA
GetConsoleCursorInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetShortPathNameW
GetStdHandle
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryW
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MultiByteToWideChar
PeekConsoleInputA
PeekNamedPipe
QueryPerformanceCounter
ReadConsoleInputA
ReadFile
ResetEvent
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetUnhandledExceptionFilter
Sleep
SleepEx
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_close
_fdopen
_getpid
_read
_write
__dllonexit
__iob_func
__mb_cur_max
_amsg_exit
_beginthreadex
_chsize
_endthreadex
_errno
_exit
_findclose
_fstat64
_get_osfhandle
_gmtime64
_initterm
_kbhit
_localtime64
_lock
_lseeki64
_mktime64
_onexit
_open_osfhandle
_osver
_pipe
_stricmp
_strnicmp
_time64
_unlock
_waccess
_wchdir
_wchmod
_wcreat
_wfindfirst64
_wfindnext64
_wfopen
_wfreopen
_wfullpath
_wmkdir
_wopen
_wputenv
_wremove
_wrmdir
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe
_wstat64
_wunlink
_wutime
abort
atoi
atol
bsearch
calloc
exit
fclose
feof
ferror
fflush
fprintf
fputc
fputs
fread
free
fwrite
getenv
islower
isupper
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
realloc
setlocale
signal
sprintf
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
tolower
toupper
vfprintf
wcscat
wcschr
wcscmp
wcscpy
wcslen

ole32

CoTaskMemFree

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

user32

IsWindow
MessageBoxA
MsgWaitForMultipleObjectsEx
PeekMessageA
PostMessageA

winmm

timeGetTime

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSASetEvent
closesocket
getsockopt
ioctlsocket
recv
send

Exports

Exports

_glib_get_locale_dir
g_access
g_allocator_free
g_allocator_new
g_array_append_vals
g_array_free
g_array_get_element_size
g_array_insert_vals
g_array_new
g_array_prepend_vals
g_array_ref
g_array_remove_index
g_array_remove_index_fast
g_array_remove_range
g_array_set_clear_func
g_array_set_size
g_array_sized_new
g_array_sort
g_array_sort_with_data
g_array_unref
g_ascii_digit_value
g_ascii_dtostr
g_ascii_formatd
g_ascii_strcasecmp
g_ascii_strdown
g_ascii_strncasecmp
g_ascii_strtod
g_ascii_strtoll
g_ascii_strtoull
g_ascii_strup
g_ascii_table
g_ascii_tolower
g_ascii_toupper
g_ascii_xdigit_value
g_assert_warning
g_assertion_message
g_assertion_message_cmpnum
g_assertion_message_cmpstr
g_assertion_message_error
g_assertion_message_expr
g_async_queue_length
g_async_queue_length_unlocked
g_async_queue_lock
g_async_queue_new
g_async_queue_new_full
g_async_queue_pop
g_async_queue_pop_unlocked
g_async_queue_push
g_async_queue_push_sorted
g_async_queue_push_sorted_unlocked
g_async_queue_push_unlocked
g_async_queue_ref
g_async_queue_ref_unlocked
g_async_queue_sort
g_async_queue_sort_unlocked
g_async_queue_timed_pop
g_async_queue_timed_pop_unlocked
g_async_queue_timeout_pop
g_async_queue_timeout_pop_unlocked
g_async_queue_try_pop
g_async_queue_try_pop_unlocked
g_async_queue_unlock
g_async_queue_unref
g_async_queue_unref_and_unlock
g_atexit
g_atomic_int_add
g_atomic_int_and
g_atomic_int_compare_and_exchange
g_atomic_int_dec_and_test
g_atomic_int_exchange_and_add
g_atomic_int_get
g_atomic_int_inc
g_atomic_int_or
g_atomic_int_set
g_atomic_int_xor
g_atomic_pointer_add
g_atomic_pointer_and
g_atomic_pointer_compare_and_exchange
g_atomic_pointer_get
g_atomic_pointer_or
g_atomic_pointer_set
g_atomic_pointer_xor
g_base64_decode
g_base64_decode_inplace
g_base64_decode_step
g_base64_encode
g_base64_encode_close
g_base64_encode_step
g_basename
g_bit_lock
g_bit_nth_lsf
g_bit_nth_msf
g_bit_storage
g_bit_trylock
g_bit_unlock
g_blow_chunks
g_bookmark_file_add_application
g_bookmark_file_add_group
g_bookmark_file_error_quark
g_bookmark_file_free
g_bookmark_file_get_added
g_bookmark_file_get_app_info
g_bookmark_file_get_applications
g_bookmark_file_get_description
g_bookmark_file_get_groups
g_bookmark_file_get_icon
g_bookmark_file_get_is_private
g_bookmark_file_get_mime_type
g_bookmark_file_get_modified
g_bookmark_file_get_size
g_bookmark_file_get_title
g_bookmark_file_get_uris
g_bookmark_file_get_visited
g_bookmark_file_has_application
g_bookmark_file_has_group
g_bookmark_file_has_item
g_bookmark_file_load_from_data
g_bookmark_file_load_from_data_dirs
g_bookmark_file_load_from_file
g_bookmark_file_move_item
g_bookmark_file_new
g_bookmark_file_remove_application
g_bookmark_file_remove_group
g_bookmark_file_remove_item
g_bookmark_file_set_added
g_bookmark_file_set_app_info
g_bookmark_file_set_description
g_bookmark_file_set_groups
g_bookmark_file_set_icon
g_bookmark_file_set_is_private
g_bookmark_file_set_mime_type
g_bookmark_file_set_modified
g_bookmark_file_set_title
g_bookmark_file_set_visited
g_bookmark_file_to_data
g_bookmark_file_to_file
g_build_filename
g_build_filenamev
g_build_path
g_build_pathv
g_byte_array_append
g_byte_array_free
g_byte_array_free_to_bytes
g_byte_array_new
g_byte_array_new_take
g_byte_array_prepend
g_byte_array_ref
g_byte_array_remove_index
g_byte_array_remove_index_fast
g_byte_array_remove_range
g_byte_array_set_size
g_byte_array_sized_new
g_byte_array_sort
g_byte_array_sort_with_data
g_byte_array_unref
g_bytes_compare
g_bytes_equal
g_bytes_get_data
g_bytes_get_size
g_bytes_hash
g_bytes_new
g_bytes_new_from_bytes
g_bytes_new_static
g_bytes_new_take
g_bytes_new_with_free_func
g_bytes_ref
g_bytes_unref
g_bytes_unref_to_array
g_bytes_unref_to_data
g_cache_destroy
g_cache_insert
g_cache_key_foreach
g_cache_new
g_cache_remove
g_cache_value_foreach
g_chdir
g_checksum_copy
g_checksum_free
g_checksum_get_digest
g_checksum_get_string
g_checksum_new
g_checksum_reset
g_checksum_type_get_length
g_checksum_update
g_child_watch_add
g_child_watch_add_full
g_child_watch_funcs
g_child_watch_source_new
g_chmod
g_clear_error
g_clear_pointer
g_completion_add_items
g_completion_clear_items
g_completion_complete
g_completion_complete_utf8
g_completion_free
g_completion_new
g_completion_remove_items
g_completion_set_compare
g_compute_checksum_for_bytes
g_compute_checksum_for_data
g_compute_checksum_for_string
g_compute_hmac_for_data
g_compute_hmac_for_string
g_cond_broadcast
g_cond_clear
g_cond_free
g_cond_init
g_cond_new
g_cond_signal
g_cond_timed_wait
g_cond_wait
g_cond_wait_until
g_convert
g_convert_error_quark
g_convert_with_fallback
g_convert_with_iconv
g_creat
g_datalist_clear
g_datalist_foreach
g_datalist_get_data
g_datalist_get_flags
g_datalist_id_dup_data
g_datalist_id_get_data
g_datalist_id_remove_no_notify
g_datalist_id_replace_data
g_datalist_id_set_data_full
g_datalist_init
g_datalist_set_flags
g_datalist_unset_flags
g_dataset_destroy
g_dataset_foreach
g_dataset_id_get_data
g_dataset_id_remove_no_notify
g_dataset_id_set_data_full
g_date_add_days
g_date_add_months
g_date_add_years
g_date_clamp
g_date_clear
g_date_compare
g_date_days_between
g_date_free
g_date_get_day
g_date_get_day_of_year
g_date_get_days_in_month
g_date_get_iso8601_week_of_year
g_date_get_julian
g_date_get_monday_week_of_year
g_date_get_monday_weeks_in_year
g_date_get_month
g_date_get_sunday_week_of_year
g_date_get_sunday_weeks_in_year
g_date_get_weekday
g_date_get_year
g_date_is_first_of_month
g_date_is_last_of_month
g_date_is_leap_year
g_date_new
g_date_new_dmy
g_date_new_julian
g_date_order
g_date_set_day
g_date_set_dmy
g_date_set_julian
g_date_set_month
g_date_set_parse
g_date_set_time
g_date_set_time_t
g_date_set_time_val
g_date_set_year
g_date_strftime
g_date_subtract_days
g_date_subtract_months
g_date_subtract_years
g_date_time_add
g_date_time_add_days
g_date_time_add_full
g_date_time_add_hours
g_date_time_add_minutes
g_date_time_add_months
g_date_time_add_seconds
g_date_time_add_weeks
g_date_time_add_years
g_date_time_compare
g_date_time_difference
g_date_time_equal
g_date_time_format
g_date_time_get_day_of_month
g_date_time_get_day_of_week
g_date_time_get_day_of_year
g_date_time_get_hour
g_date_time_get_microsecond
g_date_time_get_minute
g_date_time_get_month
g_date_time_get_second
g_date_time_get_seconds
g_date_time_get_timezone_abbreviation
g_date_time_get_utc_offset
g_date_time_get_week_numbering_year
g_date_time_get_week_of_year
g_date_time_get_year
g_date_time_get_ymd
g_date_time_hash
g_date_time_is_daylight_savings
g_date_time_new
g_date_time_new_from_timeval_local
g_date_time_new_from_timeval_utc
g_date_time_new_from_unix_local
g_date_time_new_from_unix_utc
g_date_time_new_local
g_date_time_new_now
g_date_time_new_now_local
g_date_time_new_now_utc
g_date_time_new_utc
g_date_time_ref
g_date_time_to_local
g_date_time_to_timeval
g_date_time_to_timezone
g_date_time_to_unix
g_date_time_to_utc
g_date_time_unref
g_date_to_struct_tm
g_date_valid
g_date_valid_day
g_date_valid_dmy
g_date_valid_julian
g_date_valid_month
g_date_valid_weekday
g_date_valid_year
g_dcgettext
g_dgettext
g_dir_close
g_dir_make_tmp
g_dir_open_utf8
g_dir_read_name_utf8
g_dir_rewind
g_direct_equal
g_direct_hash
g_dngettext
g_double_equal
g_double_hash
g_dpgettext
g_dpgettext2
g_environ_getenv
g_environ_setenv
g_environ_unsetenv
g_error_copy
g_error_free
g_error_matches
g_error_new
g_error_new_literal
g_error_new_valist
g_file_error_from_errno
g_file_error_quark
g_file_get_contents_utf8
g_file_open_tmp_utf8
g_file_read_link
g_file_set_contents
g_file_test_utf8
g_filename_display_basename
g_filename_display_name
g_filename_from_uri_utf8
g_filename_from_utf8_utf8
g_filename_to_uri_utf8
g_filename_to_utf8_utf8
g_find_program_in_path_utf8
g_fopen
g_format_size
g_format_size_for_display
g_format_size_full
g_fprintf
g_free
g_freopen
g_get_application_name
g_get_charset
g_get_codeset
g_get_current_dir_utf8
g_get_current_time
g_get_environ
g_get_filename_charsets
g_get_home_dir_utf8
g_get_host_name
g_get_language_names
g_get_locale_variants
g_get_monotonic_time
g_get_prgname
g_get_real_name_utf8
g_get_real_time
g_get_system_config_dirs
g_get_system_data_dirs
g_get_tmp_dir_utf8
g_get_user_cache_dir
g_get_user_config_dir
g_get_user_data_dir
g_get_user_name_utf8
g_get_user_runtime_dir
g_get_user_special_dir
g_getenv_utf8
g_hash_table_add
g_hash_table_contains
g_hash_table_destroy
g_hash_table_find
g_hash_table_foreach
g_hash_table_foreach_remove
g_hash_table_foreach_steal
g_hash_table_get_keys
g_hash_table_get_values
g_hash_table_insert
g_hash_table_iter_get_hash_table
g_hash_table_iter_init
g_hash_table_iter_next
g_hash_table_iter_remove
g_hash_table_iter_replace
g_hash_table_iter_steal
g_hash_table_lookup
g_hash_table_lookup_extended
g_hash_table_new
g_hash_table_new_full
g_hash_table_ref
g_hash_table_remove
g_hash_table_remove_all
g_hash_table_replace
g_hash_table_size
g_hash_table_steal
g_hash_table_steal_all
g_hash_table_unref
g_hmac_copy
g_hmac_get_digest
g_hmac_get_string
g_hmac_new
g_hmac_ref
g_hmac_unref
g_hmac_update
g_hook_alloc
g_hook_compare_ids
g_hook_destroy
g_hook_destroy_link
g_hook_find
g_hook_find_data
g_hook_find_func
g_hook_find_func_data
g_hook_first_valid
g_hook_free
g_hook_get
g_hook_insert_before
g_hook_insert_sorted
g_hook_list_clear
g_hook_list_init
g_hook_list_invoke
g_hook_list_invoke_check
g_hook_list_marshal
g_hook_list_marshal_check
g_hook_next_valid
g_hook_prepend
g_hook_ref
g_hook_unref
g_hostname_is_ascii_encoded
g_hostname_is_ip_address
g_hostname_is_non_ascii
g_hostname_to_ascii
g_hostname_to_unicode
g_iconv
g_iconv_close
g_iconv_open
g_idle_add
g_idle_add_full
g_idle_funcs
g_idle_remove_by_data
g_idle_source_new
g_int64_equal
g_int64_hash
g_int_equal
g_int_hash
g_intern_static_string
g_intern_string
g_io_add_watch
g_io_add_watch_full
g_io_channel_close
g_io_channel_error_from_errno
g_io_channel_error_quark
g_io_channel_flush
g_io_channel_get_buffer_condition
g_io_channel_get_buffer_size
g_io_channel_get_buffered
g_io_channel_get_close_on_unref
g_io_channel_get_encoding
g_io_channel_get_flags
g_io_channel_get_line_term
g_io_channel_init
g_io_channel_new_file_utf8
g_io_channel_read
g_io_channel_read_chars
g_io_channel_read_line
g_io_channel_read_line_string
g_io_channel_read_to_end
g_io_channel_read_unichar
g_io_channel_ref
g_io_channel_seek
g_io_channel_seek_position

Sections

.text
Size: 806KB - Virtual size: 805KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/51
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 1024B - Virtual size: 811B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/77
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiconv-2.dll
.dll windows:4 windows x64 arch:x64

8b7962a3c72926b6329f640964a2d4e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__iob_func
__mb_cur_max
_amsg_exit
_errno
_initterm
_lock
_onexit
_unlock
abort
atoi
calloc
free
fwrite
malloc
memcmp
memcpy
memset
qsort
setlocale
signal
sprintf
strchr
strcmp
strcpy
strlen
strncmp
vfprintf

Exports

Exports

_imp___libiconv_version
_libiconv_version
aliases2_lookup
aliases_lookup
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_open_into
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 814KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/51
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 1024B - Virtual size: 811B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/77
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libintl-8.dll
.dll windows:4 windows x64 arch:x64

01a69e35a483d04cbd3b0a614500b178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libiconv-2

libiconv
libiconv_open
libiconv_set_relocation_prefix

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
EnumResourceLanguagesA
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_getcwd
_open
_read
_strdup
__dllonexit
__iob_func
__mb_cur_max
_amsg_exit
_errno
_fstat64
_initterm
_lock
_onexit
_stricmp
_unlock
_vsnprintf
_vsnwprintf
abort
atoi
bsearch
calloc
fclose
feof
fgets
fopen
fputwc
free
fwrite
getenv
isalnum
isalpha
isspace
malloc
memcpy
memset
putc
qsort
realloc
setlocale
signal
sprintf
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strstr
strtoul
tolower
vfprintf
vfwprintf
vsprintf
wcschr
wcslen

Exports

Exports

__printf__
_nl_expand_alias
_nl_explode_name
_nl_find_domain
_nl_find_msg
_nl_language_preferences_default
_nl_load_domain
_nl_locale_name
_nl_locale_name_canonicalize
_nl_locale_name_default
_nl_locale_name_environ
_nl_locale_name_from_win32_LANGID
_nl_locale_name_from_win32_LCID
_nl_locale_name_posix
_nl_locale_name_thread
_nl_locale_name_thread_unsafe
_nl_log_untranslated
_nl_make_l10nflist
_nl_msg_cat_cntr
_nl_normalize_codeset
_nl_state_lock
bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcigettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_fwprintf
libintl_gettext
libintl_gettext_extract_plural
libintl_gettext_free_exp
libintl_gettext_germanic_plural
libintl_gettextparse
libintl_hash_string
libintl_lock_destroy_func
libintl_lock_init_func
libintl_lock_lock_func
libintl_lock_unlock_func
libintl_ngettext
libintl_nl_current_default_domain
libintl_nl_default_default_domain
libintl_nl_default_dirname
libintl_nl_domain_bindings
libintl_once_func
libintl_recursive_lock_destroy_func
libintl_recursive_lock_init_func
libintl_recursive_lock_lock_func
libintl_recursive_lock_unlock_func
libintl_relocate
libintl_rwlock_destroy_func
libintl_rwlock_init_func
libintl_rwlock_rdlock_func
libintl_rwlock_unlock_func
libintl_rwlock_wrlock_func
libintl_set_relocation_prefix
libintl_setlocale
libintl_snprintf
libintl_sprintf
libintl_swprintf
libintl_textdomain
libintl_vasnprintf
libintl_vasnwprintf
libintl_version
libintl_vfprintf
libintl_vfwprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
libintl_vswprintf
libintl_vwprintf
libintl_wprintf
locale_charset
ngettext
textdomain
xmax
xsum
xsum3
xsum4

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/51
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 1024B - Virtual size: 811B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/77
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mt32emu-qt.exe
.exe windows:6 windows x64 arch:x64

da9d216c3a161550bf53739b191703b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

midiInStart
midiInReset
midiInUnprepareHeader
midiInClose
waveOutGetPosition
timeEndPeriod
midiInGetNumDevs
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutPause
timeBeginPeriod
waveOutMessage
waveInGetNumDevs
waveInGetDevCapsW
midiInGetDevCapsA
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInMessage
mixerGetLineInfoW
mixerGetID
mixerGetLineControlsW
mixerGetControlDetailsW
mixerSetControlDetails
PlaySoundW
timeSetEvent
timeKillEvent
midiInAddBuffer
midiInPrepareHeader
waveInGetErrorTextW
timeGetDevCaps
midiInOpen
waveOutWrite
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutRestart
timeGetTime

kernel32

TlsFree
GetSystemInfo
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetTickCount64
GetSystemTime
GetLocalTime
GetSystemDirectoryW
LoadLibraryW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetFileAttributesExW
GetStartupInfoW
GetModuleFileNameW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
SetErrorMode
CopyFileW
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
ReadFile
SetEndOfFile
TlsGetValue
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReadFileEx
PeekNamedPipe
CancelIoEx
SleepEx
WriteFileEx
UnregisterWaitEx
RegisterWaitForSingleObject
CompareStringW
LCMapStringW
MultiByteToWideChar
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
ExitProcess
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
CreateThread
SwitchToThread
CreateEventW
DuplicateHandle
IsProcessorFeaturePresent
TerminateProcess
OutputDebugStringW
CompareStringEx
GetCommandLineW
GetUserDefaultLangID
GetCurrentProcessId
GlobalSize
GetLocaleInfoW
GlobalLock
GlobalUnlock
OpenProcess
CheckRemoteDebuggerPresent
CreateProcessW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
FormatMessageW
GetModuleHandleW
GetConsoleWindow
GetProcessHeap
HeapFree
HeapAlloc
lstrcmpW
GetCurrentThreadId
GetThreadPriority
SignalObjectAndWait
LoadLibraryA
GetProcAddress
FreeLibrary
GetPriorityClass
ResumeThread
GetExitCodeThread
TerminateThread
GetCurrentThread
GetCurrentProcess
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
RtlUnwindEx
LoadLibraryExW
ExitThread
RtlUnwind
FreeLibraryAndExitThread
GetCommandLineA
GetConsoleMode
WaitForMultipleObjectsEx
DeviceIoControl
CreateFileW
LocalAlloc
CancelWaitableTimer
WaitForSingleObjectEx
WideCharToMultiByte
FormatMessageA
LocalFree
GetVersionExA
SetThreadPriority
WaitForMultipleObjects
ResetEvent
SetEvent
GetEnvironmentVariableA
GlobalFree
GlobalAlloc
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
CreateEventA
CreateWaitableTimerA
CloseHandle
WaitForSingleObject
SetWaitableTimer
GetLastError
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetConsoleOutputCP
SetFileAttributesW
SetStdHandle
IsValidLocale
EnumSystemLocalesW
GetFileSizeEx
HeapReAlloc
SetEnvironmentVariableW
IsValidCodePage
GetACP
GetOEMCP
HeapSize
WriteConsoleW
TlsSetValue
SetFilePointerEx
ReadConsoleW

user32

ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
UnregisterDeviceNotification
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
ToUnicode
PostThreadMessageW
ChangeWindowMessageFilterEx
RealGetWindowClassW
EnumWindows
CreateMenu
DestroyIcon
DestroyCursor
GetWindow
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
GetCaretBlinkTime
MessageBeep
IsWindow
GetDoubleClickTime
MessageBoxW
DestroyWindow
DefWindowProcW
GetDesktopWindow
SystemParametersInfoW
GetSysColor
GetSystemMetrics
EnableMenuItem
GetSystemMenu
ReleaseDC
GetDC
PostMessageA
GetMessageA
CreateWindowExA
RegisterClassA
DefWindowProcA
EnumDisplayDevicesW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
RegisterDeviceNotificationW
DrawIconEx
GetWindowThreadProcessId

gdi32

GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
SetPixelFormat
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
GetDIBits
SwapBuffers
RemoveFontMemResourceEx
CombineRgn

shell32

SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHCreateItemFromParsingName
Shell_NotifyIconW

ole32

OleSetClipboard
OleGetClipboard
CoTaskMemFree
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoUninitialize
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoCreateInstance
PropVariantClear
CoInitialize
StringFromGUID2
CoCreateGuid
CoLockObjectExternal
OleUninitialize
RegisterDragDrop
RevokeDragDrop
OleFlushClipboard
OleInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
SafeArrayCreateVector
SafeArrayPutElement
VariantInit

advapi32

GetLengthSid
DuplicateToken
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
CopySid
AllocateAndInitializeSid
AccessCheck
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
SystemFunction036
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
MapGenericMask
FreeSid

imm32

ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

netapi32

NetShareEnum
NetApiBufferFree

ws2_32

htonl
WSAAsyncSelect

uxtheme

GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeBackgroundRegion
GetThemePropertyOrigin
GetThemeBool
SetWindowTheme
IsThemeActive
IsAppThemed
GetCurrentThemeName
GetThemeMargins
IsThemeBackgroundPartiallyTransparent
GetThemeEnumValue
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt

dwmapi

DwmEnableBlurBehindWindow
DwmGetWindowAttribute
DwmSetWindowAttribute
DwmIsCompositionEnabled

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

iphlpapi

ConvertInterfaceLuidToNameW
GetAdaptersAddresses
ConvertInterfaceIndexToLuid
ConvertInterfaceNameToLuidW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsA
SetupDiOpenDeviceInterfaceRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInterfaceAlias
SetupDiEnumDeviceInterfaces

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 1024B - Virtual size: 767B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mt32emu-qt.ico
mt32emu-smf2wav.exe
.exe windows:6 windows x64 arch:x64

3de693c02948ca2ac0a84036e4facbf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libglib-2.0-0

g_ptr_array_remove_index
g_ptr_array_remove
g_ptr_array_sort
g_ptr_array_free
g_ptr_array_add
g_ptr_array_new
g_snprintf
g_log
g_hash_table_new
g_build_filename
g_dir_read_name_utf8
g_hash_table_contains
g_option_context_free
g_option_context_add_main_entries
g_strv_length
g_strfreev
g_dir_close
g_dir_rewind
g_hash_table_add
g_option_context_parse
g_file_get_contents_utf8
g_error_free
g_file_test_utf8
g_hash_table_destroy
g_option_context_get_help
g_dir_open_utf8
g_locale_from_utf8
g_option_context_new
g_filename_from_utf8_utf8
g_malloc_n
g_filename_to_utf8_utf8
g_free

kernel32

GetCurrentProcess
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
GetProcessHeap
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
FlushFileBuffers
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
GetFileType
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
FreeLibrary
LoadLibraryExW
QueryPerformanceFrequency
ReadFile
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mt32emu_win32drv/drvsetup.exe
.exe windows:5 windows x86 arch:x86

001c0dde615699788d90ff515ef54830

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDevRegKeyA
SetupDiGetDeviceRegistryPropertyA
SetupDiRemoveDevice
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiRegisterDeviceInfo
SetupDiCallClassInstaller

kernel32

GetLocaleInfoA
MoveFileExA
GetCurrentProcess
GetEnvironmentVariableA
GetLastError
CopyFileA
GetTempFileNameA
MoveFileA
GetModuleHandleA
GetCurrentDirectoryA
DeleteFileA
GetStringTypeW
HeapSize
GetProcAddress
TlsSetValue
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA

user32

MessageBoxA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mt32emu_win32drv/infinstall.exe
.exe windows:5 windows x86 arch:x86

73dd293c6e2179d3dfe77948d1d11e01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoA
SetupDiGetClassDevsA

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetFullPathNameA
GetLastError
GetCurrentDirectoryA
FreeLibrary
WideCharToMultiByte
CreateFileA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetModuleHandleA
CloseHandle
HeapSize
GetConsoleMode
FlushFileBuffers
TlsFree
GetCommandLineA
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP

user32

wsprintfA
MessageBoxA

advapi32

CryptGenKey
CryptReleaseContext
CryptAcquireContextW
CryptDestroyKey

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mt32emu_win32drv/infinstall_x64.exe
.exe windows:6 windows x64 arch:x64

62904ec1558c7b4284b1f21173bbfc21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

kernel32

GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetFullPathNameA
GetCurrentDirectoryA
GetLastError
FindNextFileW
FindClose
GetConsoleMode
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetProcessHeap
LCMapStringW
WriteConsoleW
CreateFileW
LeaveCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
CompareStringW

user32

wsprintfA
MessageBoxA

advapi32

CryptAcquireContextW
CryptGenKey
CryptReleaseContext
CryptDestroyKey

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mt32emu_win32drv/mt32emu.cat
mt32emu_win32drv/mt32emu.dll
.dll windows:5 windows x86 arch:x86

bc1c806062eac2149e9193845abbde44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
DriverCallback
waveOutClose
waveOutWrite
waveOutPause
waveOutGetPosition
waveOutRestart
waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutPrepareHeader

kernel32

SetEndOfFile
GetModuleHandleA
CreateFileA
CreateFileW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
lstrlenA
lstrcpynA
WaitForSingleObject
SetEvent
Sleep
GetProcessHeap
lstrcatA
GetEnvironmentVariableA
SetThreadPriority
lstrcmpiA
CloseHandle
lstrcpyA
QueryPerformanceCounter
GetModuleHandleW
GetModuleFileNameA
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsValidLocale
CreateEventA
LCMapStringA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetLastError
ResumeThread
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
HeapAlloc
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
HeapSize
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA

user32

FindWindowW
SendMessageW
MessageBoxW

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

DriverProc
modMessage

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mt32emu_win32drv/mt32emu.inf
mt32emu_win32drv/mt32emu_x64.dll
.dll windows:6 windows x64 arch:x64

80ea9e1f879aa3decad41cc741aa1b7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

winmm

waveOutGetDevCapsA
DriverCallback
timeGetTime
waveOutWrite
waveOutGetNumDevs
waveOutUnprepareHeader
waveOutClose
waveOutRestart
waveOutReset
waveOutPause
waveOutOpen
waveOutPrepareHeader
waveOutGetPosition

kernel32

HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
SetThreadPriority
lstrlenA
GetEnvironmentVariableA
WaitForSingleObject
lstrcatA
WriteConsoleW
SetEvent
lstrcpyA
CloseHandle
lstrcpynA
lstrcmpiA
CreateEventA
GetModuleFileNameA
QueryPerformanceFrequency
GetModuleHandleW
QueryPerformanceCounter
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetEndOfFile
Sleep
RtlCaptureContext
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
WaitForSingleObjectEx
RtlUnwind
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc

user32

FindWindowW
MessageBoxW
SendMessageW

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

DriverProc
modMessage

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced282d9b261d1462772017fe2f6972b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 106KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 30KB - Virtual size: 29KB

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

17fb6a8708b9c0bb2d5d8687870eb415

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 568B

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 104B

.reloc Size: 1024B - Virtual size: 636B

d576645bcd8a66d2fe678a075f4cc6e0

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 106KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 30KB - Virtual size: 29KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 568B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 1024B - Virtual size: 711B

.rdata
Size: 1024B - Virtual size: 705B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 106KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 30KB - Virtual size: 29KB

.text
Size: 1024B - Virtual size: 711B

.rdata
Size: 1024B - Virtual size: 705B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 806KB - Virtual size: 805KB

.data
Size: 9KB - Virtual size: 9KB

.rdata
Size: 362KB - Virtual size: 361KB

.bss
Size: - Virtual size: 7KB

.edata
Size: 47KB - Virtual size: 47KB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 72B

.rsrc
Size: 1024B - Virtual size: 932B

.reloc
Size: 1KB - Virtual size: 1KB

/4
Size: 512B - Virtual size: 96B

/19
Size: 512B - Virtual size: 119B

/35
Size: 512B - Virtual size: 340B