hidcfu.pdb
Static task
static1
1 signatures
General
-
Target
x64-.x32.-installer.zip
-
Size
36.1MB
-
MD5
28a4f7ec6f76c1b6c945d7d9486653ff
-
SHA1
487e1081e509a6c2c5e95bf3d8d867d4249c6cd7
-
SHA256
ccdaee14bcfae53e63d76379beaa59e34b14869fc846c0f294a34dc1f8525630
-
SHA512
c2e7e6f9a78d9fa363fc002e86751cff9dd6b37277a1a4bf4b4c64c49af98ffd4a7af8cf14461d41141e3f30e7b4b5c435b34bb7fa0215d478ab5bcf7e9bcfca
-
SSDEEP
786432:Waj6T2MurKVuRzsz60F+anbufbXVriHF4j0Exlrz/Uozo3:Wa1MfVHH+S6Dhil006lrz/Uozo3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 8 IoCs
Checks for missing Authenticode signature.
resource unpack002/HidCfu/HidCfu.dll unpack002/HidCfu/odbccp32.dll unpack002/UpdateAgent/umrdp.dll unpack002/shwebsvc/Startupscan.dll unpack002/shwebsvc/shwebsvc.dll unpack002/vwlanui/FXSUTILITY.dll unpack002/vwlanui/cscui.dll unpack002/vwlanui/wlanui.dll
Files
-
x64-.x32.-installer.zip.zip
Password: 2024
-
password.jpg
-
x64.-x32.setup.zip.zip
Password: 2024
-
HidCfu/HidCfu.dll.dll windows:10 windows x64 arch:x64
Password: 2024
08d399d4a7040048e1d3c77679c41e93
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
__C_specific_handler
_initterm
malloc
memcpy_s
atoi
strstr
_vsnwprintf
strncpy_s
swprintf_s
free
_XcptFilter
memset
_amsg_exit
memcpy
??3@YAXPEAX@Z
strcmp
ntdll
DbgPrintEx
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlInitUnicodeString
RtlCompareUnicodeString
RtlCompareMemory
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation
api-ms-win-eventing-classicprovider-l1-1-0
GetTraceEnableLevel
GetTraceEnableFlags
UnregisterTraceGuids
RegisterTraceGuidsW
TraceMessage
GetTraceLoggerHandle
api-ms-win-core-file-l1-1-0
ReadFile
GetFileSizeEx
CreateFileW
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-registry-l1-1-0
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteValueW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
CreateThread
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
wpprecorderum
WppAutoLogTrace
WppAutoLogStart
WppAutoLogStop
api-ms-win-core-com-l1-1-0
CLSIDFromString
api-ms-win-devices-config-l1-1-1
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_PropertyW
CM_Register_Notification
CM_Unregister_Notification
api-ms-win-core-sysinfo-l1-2-0
GetSystemFirmwareTable
api-ms-win-core-localization-l1-2-0
GetACP
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
hid
HidP_GetCaps
HidP_GetSpecificValueCaps
HidP_InitializeReportForID
api-ms-win-eventlog-legacy-l1-1-0
DeregisterEventSource
RegisterEventSourceW
ReportEventW
api-ms-win-core-synch-l1-1-0
CreateEventW
SetEvent
WaitForSingleObjectEx
WaitForMultipleObjectsEx
ResetEvent
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapAlloc
Exports
Exports
FxDriverEntryUm
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGE Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
HidCfu/ResetEngine.dll.dll windows:10 windows x64 arch:x64
Password: 2024
3821e09580f32d521363416d0ad97e29
Code Sign
33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3cCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before02/09/2021, 18:23Not After01/09/2022, 18:23SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5e:08:a9:ee:63:39:7f:bf:0c:a3:e9:62:e3:7a:c3:54:f0:7c:3d:40:5d:e6:ea:fc:cb:27:61:e2:92:9b:e8:90Signer
Actual PE Digest5e:08:a9:ee:63:39:7f:bf:0c:a3:e9:62:e3:7a:c3:54:f0:7c:3d:40:5d:e6:ea:fc:cb:27:61:e2:92:9b:e8:90Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
ResetEngine.pdb
Imports
msvcrt
_wtoi64
towupper
_vsnprintf
_wtof
wcsrchr
_wcsnicmp
wcsstr
wcstoul
_wtoi
_vsnwprintf
wcschr
_wtol
iswspace
strstr
wcsspn
__RTDynamicCast
memcmp
memcpy
memmove
memset
strcmp
realloc
_errno
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
wcscspn
strncpy_s
strtol
_set_errno
strchr
strrchr
bsearch
__iob_func
__CxxFrameHandler3
towlower
malloc
wcscpy_s
__C_specific_handler
_purecall
calloc
vswprintf_s
_vscwprintf
free
memmove_s
memcpy_s
iswalpha
wcsncmp
wcstok_s
??0exception@@QEAA@AEBQEBD@Z
_vsnprintf_s
??0exception@@QEAA@XZ
swprintf_s
_wcsupr
fwprintf
_vsnwprintf_s
fflush
_wcsicmp
sprintf_s
wcscmp
advapi32
ConvertStringSidToSidW
QueryAllTracesW
GetTraceLoggerHandle
IsWellKnownSid
CryptImportKey
CryptExportKey
EventRegister
EventWriteTransfer
EventUnregister
RegGetValueW
CryptGetKeyParam
CryptDecrypt
CryptDestroyKey
RegOpenKeyExW
ControlTraceW
EventSetInformation
CloseTrace
StopTraceW
EnableTraceEx
StartTraceW
RegLoadKeyW
RegUnLoadKeyW
RegDeleteKeyW
RegGetKeySecurity
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
SetFileSecurityW
GetFileSecurityW
RegDeleteKeyExW
RegSetKeySecurity
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
OpenProcessToken
RegEnumKeyExW
RevertToSelf
RegCloseKey
RegQueryInfoKeyW
CredReadW
RegCreateKeyExW
ImpersonateLoggedOnUser
RegDeleteTreeW
RegSetValueExW
RegEnumValueW
kernel32
AcquireSRWLockShared
CreateMutexExW
CreateThreadpoolTimer
CopyFileW
GetErrorMode
ReleaseSRWLockShared
OutputDebugStringA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
WideCharToMultiByte
CompareStringW
LeaveCriticalSection
EnterCriticalSection
RaiseException
DeleteCriticalSection
InitializeCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
GetLastError
GetSystemWindowsDirectoryW
GetProcessHeap
HeapFree
FindResourceExW
CreateMutexW
WaitForSingleObject
GetFileAttributesW
ReleaseMutex
GetSystemDirectoryW
GlobalFree
CloseHandle
GetProcAddress
WTSGetActiveConsoleSessionId
ExitProcess
FreeLibrary
LoadLibraryExW
OutputDebugStringW
FormatMessageW
IsDebuggerPresent
LocalFree
CreateFileW
LoadResource
ReadFile
CreateDirectoryW
SetLastError
GetFullPathNameW
GetLongPathNameW
GetFinalPathNameByHandleW
GetModuleFileNameW
GetTempPathW
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GetCurrentDirectoryW
GetDriveTypeW
SetThreadpoolTimer
QueryDosDeviceW
GetVersionExW
GetSystemInfo
VerSetConditionMask
ExpandEnvironmentStringsW
GetFileInformationByHandleEx
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceW
DeviceIoControl
FindClose
SetFileAttributesW
GetFileInformationByHandle
SetFileInformationByHandle
DeleteFileW
GetModuleHandleW
CopyFileExW
FlushFileBuffers
SetEnvironmentVariableW
OpenEventW
SetEvent
CreateThread
ResetEvent
GetVolumePathNamesForVolumeNameW
MoveFileExW
RemoveDirectoryW
CopyFile2
WriteFile
GetDiskFreeSpaceExW
TlsAlloc
TlsGetValue
TlsSetValue
CreateEventW
WaitForMultipleObjects
GetOverlappedResult
CancelIoEx
CreateNamedPipeW
CreateProcessW
GetExitCodeProcess
GetFirmwareEnvironmentVariableW
OpenThread
SuspendThread
GetModuleHandleExW
GetLocaleInfoEx
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetLocalTime
GetDateFormatEx
GetTimeFormatEx
GetSystemPreferredUILanguages
QueryPerformanceFrequency
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
OpenSemaphoreW
WaitForSingleObjectEx
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
CloseThreadpoolTimer
GetCompressedFileSizeW
GetWindowsDirectoryW
DebugBreak
SetFilePointer
GetPrivateProfileSectionW
RtlCompareMemory
LockResource
SizeofResource
MultiByteToWideChar
SetErrorMode
LocalAlloc
GetLocaleInfoW
GetModuleFileNameA
CreateSemaphoreExW
ReleaseSemaphore
InitializeCriticalSectionEx
WaitForThreadpoolTimerCallbacks
VirtualQuery
LoadLibraryExA
VirtualProtect
GetFirmwareType
PowerSetRequest
PowerCreateRequest
PowerClearRequest
SetThreadExecutionState
GetSystemPowerStatus
GetPrivateProfileSectionNamesW
GetFileSize
ole32
CoGetMalloc
CoInitializeEx
StringFromCLSID
CoTaskMemFree
CoCreateGuid
CLSIDFromString
CoCreateInstance
StringFromGUID2
user32
UnregisterClassA
LoadStringW
GetSystemMetrics
FindWindowExW
ntdll
NtPowerInformation
RtlDosPathNameToNtPathName_U
RtlFreeUnicodeString
RtlCheckPortableOperatingSystem
NtCreateFile
NtQueryObject
RtlGetNtProductType
NtWriteFile
NtQuerySystemInformation
RtlStringFromGUID
NtQueryLicenseValue
RtlDosPathNameToNtPathName_U_WithStatus
RtlAllocateHeap
RtlFreeHeap
NtSetInformationFile
RtlNtStatusToDosError
RtlSetThreadErrorMode
RtlInitUnicodeString
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
NtOpenFile
NtClose
NtReadFile
oleaut32
BSTR_UserSize
SysAllocString
BSTR_UserFree
BSTR_UserUnmarshal64
SysFreeString
BSTR_UserMarshal
BSTR_UserFree64
BSTR_UserSize64
BSTR_UserMarshal64
BSTR_UserUnmarshal
wdscore
WdsInitialize
WdsSetupLogMessageW
CurrentIP
ConstructPartialMsgVW
WdsTerminate
shlwapi
PathRemoveBackslashW
StrStrIW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeExW
GetFileVersionInfoExW
GetFileVersionInfoSizeW
wtsapi32
WTSEnumerateSessionsW
WTSQueryUserToken
WTSFreeMemory
rpcrt4
RpcBindingFree
RpcStringBindingComposeW
NdrServerCallAll
UuidCreate
NdrClientCall3
RpcStringFreeW
RpcBindingFromStringBindingW
NdrServerCall2
api-ms-win-devices-config-l1-1-0
CM_Unregister_Notification
CM_Register_Notification
bcd
BcdGetElementData
BcdSetElementData
BcdOpenObject
BcdCloseStore
BcdFlushStore
BcdDeleteElement
BcdDeleteSystemStore
BcdCloseObject
BcdOpenStore
BcdForciblyUnloadStore
SyspartGetSystemPartition
BcdDeleteObject
BcdQueryObject
BcdExportStore
BcdCopyObjectEx
BcdGetSystemStorePath
BcdEnumerateObjects
BcdSetElementDataWithFlags
BcdCreateStore
BcdCopyObjects
BcdOpenStoreFromFile
BcdSetLogging
dismapi
DismOpenSession
DismShutdown
DismCloseSession
DismDelete
DismInitialize
_DismGetEffectiveSystemUILanguage
fveapi
FveGetStatus
FveCloseVolume
FveOpenVolumeW
FveAddAuthMethodInformation
FveCommitChanges
FveConversionDecrypt
FveRevertVolume
FveGetAuthMethodInformation
FveDeleteAuthMethod
FveConversionEncryptEx
FveDeleteDeviceEncryptionOptOutForVolumeW
reagent
WinReHashWimFile
WinReInstallOnTargetOS
WinReGetConfig
WinReCopyDiagnosticFiles
WinReSetRecoveryAction
profapi
ord104
wimgapi
WIMLoadImage
WIMCreateFile
WIMFindFirstImageFile
WIMExtractImagePath
WIMFindNextImageFile
WIMAddImagePath
WIMUnmountImage
WIMCloseHandle
WIMGetAttributes
WIMWriteFileWithIntegrity
WIMRegisterMessageCallback
WIMUnregisterMessageCallback
WIMSetReferenceFile
WIMSetTemporaryPath
WIMGetImageInformation
WIMApplyImage
WIMSplitFile
WIMUnregisterLogFile
WIMRegisterLogFile
WIMReadFileEx
setupapi
SetupDiOpenDeviceInfoW
SetupIterateCabinetW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInterfacePropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDevicePropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
crypt32
CertVerifyCertificateChainPolicy
tbs
Tbsi_Context_Create
Tbsi_Physical_Presence_Command
Tbsi_GetDeviceInfo
Tbsip_Context_Close
wintrust
WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
xmllite
CreateXmlWriter
CreateXmlReader
bcrypt
BCryptCloseAlgorithmProvider
api-ms-win-core-processenvironment-l1-1-0
SearchPathW
api-ms-win-core-localization-obsolete-l1-2-0
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
Exports
Exports
ResetApplyCloudPartitionLayout
ResetArmBootTrigger
ResetCancelCleanup
ResetCancelImageDownload
ResetCleanPCBlocked
ResetClearSession
ResetCloudEndpointAvailable
ResetConnectCloud
ResetCreateMedia
ResetCreateSession
ResetDisabledByPolicy
ResetDisarmBootTrigger
ResetDownloadImage
ResetDownloadPayload
ResetEnterOOBE
ResetExecCleanup
ResetExecOnline
ResetExecute
ResetGetDataVolumes
ResetGetDiskSpaceRequired
ResetGetMediaSize
ResetGetRestoredApps
ResetGetScenarioType
ResetGetTargetVolume
ResetGetTelemetrySessionID
ResetHasCustomizations
ResetLoadSession
ResetNotifyAcknowledgeWarning
ResetNotifyCancel
ResetNotifyConfirm
ResetPayloadConnection
ResetPayloadEnabled
ResetPrepareSession
ResetProvisionMedia
ResetReleaseMedia
ResetReleaseSession
ResetResumeLog
ResetReturnToOldOS
ResetSetDataPoint
ResetSetStringPoint
ResetSetTestFlag
ResetStageOfflineBoot
ResetSubmitTelemetry
ResetSuspendSession
ResetTraceClientInfo
ResetUndo
ResetUnstageOfflineBoot
ResetUserLogon
ResetValidateScenario
ResetWillSuspendProtection
ResetWipeSystem
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 984KB - Virtual size: 984KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
HidCfu/odbccp32.dll.dll windows:10 windows x64 arch:x64
Password: 2024
fe885f5a943cd6b641fc3f522dbc532c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
ODBCCP32.pdb
Imports
msvcrt
_initterm
_amsg_exit
_XcptFilter
iswctype
wcstol
_ltow_s
wcschr
__C_specific_handler
_wfullpath
memcpy
memcmp
_close
_wopen
wcsrchr
_snwprintf_s
malloc
free
_errno
calloc
_waccess
_vsnwprintf
_wstat
_wcsnicmp
_wcsicmp
fwprintf
_wfopen
_wmakepath_s
_wsplitpath_s
fclose
memset
user32
IsDlgButtonChecked
LoadIconA
CharUpperBuffW
CheckDlgButton
LoadBitmapA
GetParent
SetWindowTextW
GetDesktopWindow
MoveWindow
LoadStringW
ReleaseDC
GetDC
GetActiveWindow
EndDialog
PostMessageA
SetFocus
OffsetRect
PostMessageW
ShowWindow
DialogBoxParamW
SetWindowLongPtrW
IsWindow
GetWindowTextW
EnableWindow
SendMessageA
SetWindowLongPtrA
GetWindowLongPtrA
GetWindowLongPtrW
LoadCursorA
SetCursor
GetDlgItem
MessageBoxW
GetWindowRect
SendMessageW
GetSystemMetrics
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
kernel32
CreateFileW
GetTempFileNameW
ExpandEnvironmentStringsA
LoadLibraryExA
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
CloseHandle
GetThreadLocale
GetDateFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathW
GetModuleHandleW
FormatMessageW
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
GetProfileStringW
VerLanguageNameW
SetThreadErrorMode
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GetSystemDirectoryW
FindClose
GetModuleFileNameW
FindNextFileW
FindFirstFileW
CreateDirectoryW
DeleteFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
GetProcAddress
LoadLibraryExW
DelayLoadFailureHook
advapi32
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegGetValueW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Exports
Exports
ODBCCPlApplet
SQLConfigDataSource
SQLConfigDataSourceW
SQLConfigDriver
SQLConfigDriverW
SQLCreateDataSource
SQLCreateDataSourceEx
SQLCreateDataSourceExW
SQLCreateDataSourceW
SQLGetAvailableDrivers
SQLGetAvailableDriversW
SQLGetConfigMode
SQLGetInstalledDrivers
SQLGetInstalledDriversW
SQLGetPrivateProfileString
SQLGetPrivateProfileStringW
SQLGetTranslator
SQLGetTranslatorW
SQLInstallDriver
SQLInstallDriverEx
SQLInstallDriverExW
SQLInstallDriverManager
SQLInstallDriverManagerW
SQLInstallDriverW
SQLInstallODBC
SQLInstallODBCW
SQLInstallTranslator
SQLInstallTranslatorEx
SQLInstallTranslatorExW
SQLInstallTranslatorW
SQLInstallerError
SQLInstallerErrorW
SQLLoadDataSourcesListBox
SQLLoadDriverListBox
SQLManageDataSources
SQLPostInstallerError
SQLPostInstallerErrorW
SQLReadFileDSN
SQLReadFileDSNW
SQLRemoveDSNFromIni
SQLRemoveDSNFromIniW
SQLRemoveDefaultDataSource
SQLRemoveDriver
SQLRemoveDriverManager
SQLRemoveDriverW
SQLRemoveTranslator
SQLRemoveTranslatorW
SQLSetConfigMode
SQLValidDSN
SQLValidDSNW
SQLWriteDSNToIni
SQLWriteDSNToIniW
SQLWriteFileDSN
SQLWriteFileDSNW
SQLWritePrivateProfileString
SQLWritePrivateProfileStringW
SelectTransDlg
Sections
.text Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UpdateAgent/UpdateAgent.dll.dll windows:10 windows x64 arch:x64
Password: 2024
6889babfc88aeedab5cdd8d238e06967
Code Sign
33:00:00:03:8d:b0:bf:e1:b0:ca:33:b3:d4:00:00:00:00:03:8dCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before05/05/2022, 19:23Not After04/05/2023, 19:23SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
4a:d3:6f:4a:f9:a3:35:61:17:a0:e6:49:3a:fd:69:c2:a1:dd:c9:92:fd:df:84:20:0d:3a:54:1e:8b:db:02:90Signer
Actual PE Digest4a:d3:6f:4a:f9:a3:35:61:17:a0:e6:49:3a:fd:69:c2:a1:dd:c9:92:fd:df:84:20:0d:3a:54:1e:8b:db:02:90Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL
PDB Paths
UpdateAgent.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__wcsicmp
_o__wcsnicmp
_o__wcstoui64
_o__wfopen
_o__wsplitpath_s
_o__wtof
_o__wtoi
_o_fclose
_o_feof
_o_fgetws
_o_free
memmove
_o_iswctype
_o_iswspace
_o_malloc
_o_memcpy_s
_o_strncpy_s
_o_strtol
_o_terminate
_o_toupper
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstok_s
_o_wcstoul
__CxxFrameHandler3
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__cexit
_o__callnewh
wcsstr
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfwprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
strrchr
wcsrchr
strchr
wcschr
__C_specific_handler
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
wcscmp
memset
wcsnlen
strcmp
strncmp
wcsncmp
ntdll
RtlNtStatusToDosError
NtSetInformationFile
RtlCompareUnicodeString
NtUnloadKey2
RtlDosPathNameToNtPathName_U_WithStatus
RtlAdjustPrivilege
NtLoadKey2
NtDelayExecution
NtShutdownSystem
NtQueryLicenseValue
RtlDestroyEnvironment
NtSetInformationProcess
RtlCreateEnvironmentEx
RtlSetEnvironmentVariable
RtlDowncaseUnicodeChar
RtlExpandEnvironmentStrings_U
RtlInitUnicodeStringEx
RtlLengthSid
RtlDuplicateUnicodeString
NtQueryPerformanceCounter
NtFlushKey
DbgPrintEx
NtQueryVolumeInformationFile
RtlValidAcl
NtAdjustPrivilegesToken
RtlSetSaclSecurityDescriptor
RtlCreateUnicodeStringFromAsciiz
NtQueryValueKey
DbgPrint
NtCreateFile
RtlFreeHeap
NtClose
RtlQueryEnvironmentVariable_U
LdrLoadDll
RtlDosPathNameToNtPathName_U
LdrUnloadDll
LdrGetDllHandle
NtOpenKey
NtWriteFile
LdrGetProcedureAddress
NtQueryObject
RtlLeaveCriticalSection
RtlInitializeCriticalSection
RtlEnterCriticalSection
RtlTimeToTimeFields
RtlDeleteCriticalSection
RtlNtStatusToDosErrorNoTeb
RtlLengthSecurityDescriptor
RtlValidSid
NtOpenProcessToken
RtlSetOwnerSecurityDescriptor
RtlGetControlSecurityDescriptor
RtlMakeSelfRelativeSD
NtDuplicateToken
RtlSetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlQueryInformationAcl
RtlGetOwnerSecurityDescriptor
RtlAllocateAndInitializeSid
RtlRaiseStatus
RtlCreateHeap
RtlUpcaseUnicodeChar
RtlAllocateHeap
RtlReAllocateHeap
RtlInitUnicodeString
NtSetInformationThread
NtQueryInformationThread
RtlDestroyHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlGetGroupSecurityDescriptor
RtlCopySid
NtOpenThreadToken
RtlGetVersion
RtlSetGroupSecurityDescriptor
RtlCreateSecurityDescriptor
RtlFindAceByType
RtlGetDaclSecurityDescriptor
RtlDeleteSecurityObject
NtYieldExecution
NtQueryKey
NtDeleteKey
RtlSetCurrentTransaction
NtEnumerateKey
RtlGetLengthWithoutLastFullDosOrNtPathElement
NtEnumerateValueKey
NtOpenKeyEx
RtlGetAce
RtlpApplyLengthFunction
RtlAddAccessAllowedAceEx
NtReadFile
NtCreateKeyTransacted
RtlNewSecurityObjectEx
NtDeleteFile
NtSetSecurityObject
RtlGetCurrentTransaction
NtDeleteValueKey
RtlAddAce
NtQueryAttributesFile
NtFlushBuffersFile
NtDuplicateObject
NtFsControlFile
NtQueryInformationFile
RtlCreateAcl
NtCreateKey
NtOpenKeyTransactedEx
NtQueryDirectoryFile
NtQuerySecurityObject
NtSetValueKey
NtOpenFile
RtlDosPathNameToRelativeNtPathName_U_WithStatus
NtSetEaFile
RtlReleaseRelativeName
NtQueryEaFile
NtWaitForSingleObject
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
RtlEqualUnicodeString
RtlCreateEnvironment
NtQuerySystemTime
RtlSetControlSecurityDescriptor
RtlAnsiCharToUnicodeChar
RtlUnicodeToMultiByteN
RtlIsTextUnicode
RtlUnicodeToMultiByteSize
RtlConvertSidToUnicodeString
RtlRunOnceComplete
RtlRunOnceBeginInitialize
RtlFindNextForwardRunClear
RtlNumberOfSetBits
RtlInitializeSRWLock
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
RtlExpandEnvironmentStrings
NtQueryInformationToken
VerSetConditionMask
api-ms-win-security-base-l1-1-0
GetSecurityDescriptorLength
GetTokenInformation
AddAccessAllowedAce
GetLengthSid
DestroyPrivateObjectSecurity
MakeSelfRelativeSD
InitializeAcl
InitializeSecurityDescriptor
FreeSid
CopySid
EqualSid
SetSecurityDescriptorDacl
CreatePrivateObjectSecurityWithMultipleInheritance
GetSecurityDescriptorControl
AllocateAndInitializeSid
IsValidSid
AdjustTokenPrivileges
IsValidAcl
AddAccessAllowedAceEx
CheckTokenMembership
IsValidSecurityDescriptor
api-ms-win-core-file-l1-1-0
SetEndOfFile
GetLogicalDriveStringsW
SetFileTime
GetShortPathNameW
DeleteFileW
GetLogicalDrives
GetVolumeInformationW
GetFileSizeEx
FindFirstFileW
GetFileInformationByHandle
FindNextFileW
FlushFileBuffers
SetFileInformationByHandle
SetFilePointer
GetDiskFreeSpaceW
ReadFile
RemoveDirectoryW
GetFullPathNameW
DeleteFileA
SetFilePointerEx
CreateFileA
CreateDirectoryW
CreateFileW
GetFileType
SetFileAttributesW
GetFileAttributesW
FindFirstFileExW
FindClose
GetDriveTypeW
GetFinalPathNameByHandleW
GetLongPathNameW
GetTempFileNameW
GetFileSize
WriteFile
GetDiskFreeSpaceExW
api-ms-win-core-libraryloader-l1-1-0
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
LoadLibraryExA
GetModuleFileNameA
GetProcAddress
FreeLibrary
api-ms-win-core-registry-l1-1-0
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegSetKeySecurity
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
CompareStringW
CompareStringOrdinal
MultiByteToWideChar
api-ms-win-core-synch-l1-1-0
WaitForSingleObject
ReleaseSRWLockShared
InitializeCriticalSectionEx
CreateMutexW
ResetEvent
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OpenSemaphoreW
WaitForSingleObjectEx
CreateMutexExW
AcquireSRWLockExclusive
ReleaseSemaphore
AcquireSRWLockShared
OpenEventW
EnterCriticalSection
CreateSemaphoreExW
DeleteCriticalSection
WaitForMultipleObjectsEx
CreateMutexA
SetEvent
TryEnterCriticalSection
CreateEventW
ReleaseSRWLockExclusive
InitializeSRWLock
ReleaseMutex
InitializeCriticalSection
api-ms-win-core-heap-l1-1-0
HeapValidate
HeapReAlloc
HeapCompact
HeapFree
HeapCreate
HeapWalk
HeapAlloc
HeapDestroy
HeapSize
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0
GetErrorMode
UnhandledExceptionFilter
SetLastError
GetLastError
SetUnhandledExceptionFilter
SetErrorMode
RaiseException
api-ms-win-core-com-l1-1-0
CoTaskMemAlloc
CoCreateGuid
CoGetMalloc
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoSetProxyBlanket
StringFromGUID2
api-ms-win-core-processthreads-l1-1-0
SetThreadPriority
GetCurrentProcess
GetThreadPriority
TlsSetValue
CreateProcessA
SetPriorityClass
GetExitCodeThread
GetPriorityClass
TlsAlloc
GetProcessId
TlsGetValue
ExitProcess
OpenThreadToken
OpenProcessToken
GetCurrentThreadId
TlsFree
CreateProcessW
TerminateProcess
GetCurrentThread
CreateThread
GetCurrentProcessId
GetExitCodeProcess
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCommandLineW
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
api-ms-win-eventing-provider-l1-1-0
EventWriteString
EventProviderEnabled
EventRegister
EventWriteTransfer
EventUnregister
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
api-ms-win-core-string-l2-1-0
CharNextW
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetWindowsDirectoryW
GlobalMemoryStatusEx
GetComputerNameExW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetSystemInfo
GetTickCount64
GetVersion
GetSystemDirectoryW
GetVersionExW
GetTickCount
GetVersionExA
GetLocalTime
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
OpenProcess
api-ms-win-core-file-l1-2-0
GetVolumePathNamesForVolumeNameW
GetTempPathW
GetVolumeNameForVolumeMountPointW
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
Sleep
api-ms-win-core-localization-l1-2-0
ResolveLocaleName
FormatMessageW
GetLocaleInfoW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
DebugBreak
OutputDebugStringA
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
LocalFree
GlobalLock
LocalAlloc
GlobalSize
api-ms-win-core-kernel32-legacy-l1-1-0
CopyFileW
MoveFileW
GlobalMemoryStatus
WaitForMultipleObjects
CreateFileMappingA
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-memory-l1-1-0
VirtualFree
CreateFileMappingW
MapViewOfFile
VirtualAlloc
VirtualQuery
VirtualProtect
UnmapViewOfFile
crypt32
CertVerifyCertificateChainPolicy
CryptHashCertificate2
rpcrt4
I_RpcMapWin32Status
UuidToStringW
RpcStringFreeW
UuidFromStringW
UuidCreate
oleaut32
SysAllocString
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
api-ms-win-core-file-l2-1-0
CopyFileExW
GetFileInformationByHandleEx
MoveFileExW
api-ms-win-core-version-l1-1-0
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
api-ms-win-core-io-l1-1-0
GetOverlappedResult
DeviceIoControl
api-ms-win-core-shutdown-l1-1-0
InitiateSystemShutdownExW
wintrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
api-ms-win-core-heap-l2-1-0
GlobalAlloc
GlobalFree
api-ms-win-security-provider-l1-1-0
SetSecurityInfo
wer
WerReportAddFile
WerReportSetUIOption
WerReportSubmit
WerReportCreate
WerReportCloseHandle
WerReportSetParameter
api-ms-win-core-localization-obsolete-l1-2-0
LCIDToLocaleName
api-ms-win-core-privateprofile-l1-1-0
GetPrivateProfileStringW
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpW
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
api-ms-win-core-shlwapi-legacy-l1-1-0
PathMatchSpecW
api-ms-win-eventing-controller-l1-1-0
EnableTraceEx2
ControlTraceW
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureStackBackTrace
api-ms-win-security-cryptoapi-l1-1-0
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
api-ms-win-devices-config-l1-1-1
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_PropertyW
api-ms-win-core-errorhandling-l1-1-2
RaiseFailFastException
Exports
Exports
CreateDeploymentSession
CreateDeploymentSessionEx
CreateOfflineDeploymentSession
UA_CommitActionList
UA_CreateActionList
UA_CreateDownloadList
UA_CreateDownloadListFromActionList
UA_CreatePackageListFromDownloadList
UA_InstallActionList
UA_ReleaseDownloadList
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGE Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 597KB - Virtual size: 596KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UpdateAgent/umrdp.dll.dll windows:10 windows x64 arch:x64
Password: 2024
bff07caf688b91e60cdaae6df2eb7470
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
umrdp.pdb
Imports
msvcrt
__dllonexit
_unlock
_lock
memcpy
_onexit
memmove
memset
_purecall
wcsstr
memcpy_s
__CxxFrameHandler3
_initterm
_amsg_exit
_XcptFilter
free
_callnewh
malloc
wcsrchr
wcschr
rand
srand
time
_wcsicmp
_vsnwprintf
__C_specific_handler
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
GetSystemWindowsDirectoryW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-synch-l1-1-0
SetEvent
ResetEvent
WaitForMultipleObjectsEx
CreateEventW
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSection
CancelWaitableTimer
LeaveCriticalSection
EnterCriticalSection
SetWaitableTimer
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
GetModuleHandleExA
FreeLibrary
LoadStringW
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
OpenThreadToken
TerminateProcess
CreateThread
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-security-base-l1-1-0
IsValidAcl
IsValidSid
GetSidIdentifierAuthority
FreeSid
AddAccessAllowedAceEx
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateLoggedOnUser
GetTokenInformation
CreateWellKnownSid
CheckTokenMembership
RevertToSelf
GetSidSubAuthorityCount
GetSidSubAuthority
CopySid
EqualSid
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-heap-l1-1-0
HeapReAlloc
HeapFree
HeapAlloc
api-ms-win-core-sysinfo-l1-2-0
VerSetConditionMask
api-ms-win-core-io-l1-1-0
DeviceIoControl
GetOverlappedResult
api-ms-win-core-file-l1-1-0
CreateFileW
DeleteFileW
ReadFile
QueryDosDeviceW
GetFileSize
WriteFile
api-ms-win-core-io-l1-1-1
CancelIo
api-ms-win-core-synch-l1-2-1
CreateWaitableTimerW
api-ms-win-core-registry-l1-1-0
RegOpenUserClassesRoot
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegGetValueW
RegNotifyChangeKeyValue
RegCloseKey
RegQueryValueExW
RegOpenCurrentUser
RegDeleteValueW
RegOpenKeyExW
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
ntdll
EtwEventWriteFull
RtlMultiByteToUnicodeN
NtCreateFile
RtlOpenCurrentUser
RtlNtStatusToDosError
NtMakePermanentObject
NtMakeTemporaryObject
NtClose
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
NtCreateSymbolicLinkObject
RtlInitUnicodeString
NtQueryInformationProcess
EtwEventActivityIdControl
DbgPrint
RtlInitializeGenericTable
RtlEnumerateGenericTable
RtlInsertElementGenericTable
RtlDeleteElementGenericTable
RtlLookupElementGenericTable
RtlEnumerateGenericTableWithoutSplaying
EtwEventRegister
RtlGetSuiteMask
EtwEventUnregister
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
EtwEventWrite
advapi32
TraceMessage
user32
PeekMessageW
MsgWaitForMultipleObjectsEx
PostThreadMessageW
UnregisterClassW
DefWindowProcW
RegisterClassExW
PostMessageW
DestroyWindow
DispatchMessageW
CreateWindowExW
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetClassInfoExW
kernel32
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
InitializeCriticalSectionEx
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMaximum
CreateThreadpool
CloseThreadpool
CloseThreadpoolCleanupGroup
CancelIoEx
WaitForMultipleObjects
GetThreadId
ProcessIdToSessionId
ReadFileEx
GetModuleHandleW
QueueUserAPC
WaitForSingleObjectEx
lstrcmpiW
DeleteTimerQueueTimer
CreateTimerQueueTimer
FreeLibraryAndExitThread
GetProcessHeap
GetModuleHandleExW
GetTickCount64
ReleaseSemaphore
VerifyVersionInfoW
UnregisterWait
SleepEx
TlsSetValue
TlsAlloc
GetSystemInfo
SwitchToThread
CreateSemaphoreW
TlsGetValue
TlsFree
OpenThread
ResumeThread
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventUnregister
EventActivityIdControl
EventRegister
api-ms-win-devices-config-l1-1-1
CM_Get_DevNode_Status
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
setup.msi.msi
-
shwebsvc/Startupscan.dll.dll windows:10 windows x64 arch:x64
Password: 2024
3db83af8e709bd0de18b15952bd7b63d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Startupscan.pdb
Imports
msvcrt
_initterm
_XcptFilter
malloc
free
_wcsicmp
wcschr
wcsncmp
wcsstr
_vsnwprintf
__C_specific_handler
memcpy_s
_amsg_exit
memset
shlwapi
ord618
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetCurrentThreadId
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
GetProcAddress
GetModuleHandleExW
GetModuleFileNameA
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
OutputDebugStringW
DebugBreak
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
api-ms-win-core-com-l1-1-0
CoTaskMemFree
CoTaskMemAlloc
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegSetValueExW
RegGetValueW
RegCloseKey
RegEnumValueW
RegCreateKeyExW
api-ms-win-core-path-l1-1-0
PathCchStripToRoot
PathCchAppend
PathCchCombine
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-file-l1-1-0
FindFirstFileW
FindNextFileW
FindClose
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-sysinfo-l1-1-0
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
ntdll
EtwGetTraceEnableLevel
EtwTraceMessage
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwGetTraceEnableFlags
EtwGetTraceLoggerHandle
Exports
Exports
DllMain
SusResetNotification
SusRunOEMTaskOffline
SusRunOEMTaskOnline
SusRunTask
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 660B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
shwebsvc/StructuredQuery.dll.dll regsvr32 windows:10 windows x64 arch:x64
Password: 2024
24ebe3006ff9d1f04311b0251dcd8abf
Code Sign
33:00:00:02:ed:2c:45:e4:c1:45:cf:48:44:00:00:00:00:02:edCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/12/2020, 21:29Not After02/12/2021, 21:29SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
cd:7a:7f:af:e6:9c:22:30:13:01:a6:29:3d:8d:b6:b6:cf:93:cf:8a:e9:39:d7:da:a7:91:32:c7:62:f2:64:82Signer
Actual PE Digestcd:7a:7f:af:e6:9c:22:30:13:01:a6:29:3d:8d:b6:b6:cf:93:cf:8a:e9:39:d7:da:a7:91:32:c7:62:f2:64:82Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
StructuredQuery.pdb
Imports
msvcrt
_CxxThrowException
memcpy_s
?terminate@@YAXXZ
_wtoi
memmove
iswspace
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
??0exception@@QEAA@AEBV0@@Z
memcpy
memcmp
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_vsnprintf_s
_lock
_wcsicmp
__C_specific_handler
_wcsnicmp
wcsncmp
bsearch
toupper
_initterm
_amsg_exit
_XcptFilter
??1type_info@@UEAA@XZ
??0exception@@QEAA@AEBQEBD@Z
_callnewh
??0exception@@QEAA@AEBQEBDH@Z
malloc
free
swscanf_s
wcschr
swscanf
_vsnwprintf
_purecall
?what@exception@@UEBAPEBDXZ
memset
oleaut32
BSTR_UserFree64
VarParseNumFromStr
VarBstrFromDate
VarI4FromStr
VarDateFromUdate
VarUdateFromDate
SysAllocStringLen
SysStringLen
SysFreeString
VariantClear
VariantCopy
VariantInit
SysAllocString
BSTR_UserMarshal64
LPSAFEARRAY_UserSize64
BSTR_UserSize64
VarNumFromParseNum
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserFree
LPSAFEARRAY_UserSize
BSTR_UserUnmarshal
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
BSTR_UserUnmarshal64
LPSAFEARRAY_UserFree
rpcrt4
NdrCStdStubBuffer2_Release
NdrClientCall3
NdrOleFree
NdrStubCall3
CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerQueryInterface
IUnknown_Release_Proxy
NdrStubForwardingFunction
IUnknown_AddRef_Proxy
NdrCStdStubBuffer_Release
CStdStubBuffer_Connect
NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient4
NdrProxyForwardingFunction4
ObjectStublessClient3
ObjectStublessClient14
ObjectStublessClient8
ObjectStublessClient5
CStdStubBuffer2_CountRefs
ObjectStublessClient15
CStdStubBuffer2_Disconnect
CStdStubBuffer2_QueryInterface
NdrProxyForwardingFunction5
NdrProxyForwardingFunction10
CStdStubBuffer2_Connect
ObjectStublessClient9
NdrProxyForwardingFunction7
ObjectStublessClient12
NdrProxyForwardingFunction3
ObjectStublessClient10
ObjectStublessClient7
ObjectStublessClient6
NdrProxyForwardingFunction6
NdrProxyForwardingFunction9
ObjectStublessClient11
api-ms-win-shcore-unicodeansi-l1-1-0
SHUnicodeToAnsi
api-ms-win-core-string-obsolete-l1-1-0
lstrlenW
lstrcmpW
api-ms-win-core-localization-l1-2-0
GetSystemDefaultLCID
GetCalendarInfoEx
GetUserDefaultLocaleName
LocaleNameToLCID
GetLocaleInfoEx
GetLocaleInfoW
GetUserDefaultLCID
ResolveLocaleName
LCMapStringW
FindNLSStringEx
GetSystemPreferredUILanguages
FormatMessageW
GetSystemDefaultLangID
IsValidLocaleName
GetUserDefaultLangID
api-ms-win-core-string-l1-1-0
GetStringTypeW
GetStringTypeExW
WideCharToMultiByte
CompareStringEx
MultiByteToWideChar
CompareStringW
CompareStringOrdinal
api-ms-win-core-shlwapi-obsolete-l1-1-0
StrCmpNW
StrCmpIW
QISearch
StrStrIW
StrStrW
StrTrimW
StrChrW
StrToIntExW
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-core-errorhandling-l1-1-0
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
RaiseException
api-ms-win-core-synch-l1-1-0
InitializeSRWLock
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DeleteCriticalSection
OpenSemaphoreW
WaitForSingleObjectEx
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
ReleaseMutex
WaitForSingleObject
CreateSemaphoreExW
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseSemaphore
CreateMutexExW
api-ms-win-core-file-l1-1-0
CreateDirectoryW
CreateFileW
WriteFile
CompareFileTime
GetFileTime
GetFileAttributesExW
SetFilePointer
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapReAlloc
GetProcessHeap
HeapFree
api-ms-win-core-localization-obsolete-l1-2-0
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
api-ms-win-core-localization-l1-2-2
LCIDToLocaleName
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventWriteTransfer
EventProviderEnabled
EventSetInformation
EventUnregister
api-ms-win-core-calendar-l1-1-0
IsCalendarLeapYear
GetCalendarDateFormatEx
ConvertCalDateTimeToSystemTime
UpdateCalendarDayOfWeek
AdjustCalendarDate
ConvertSystemTimeToCalDateTime
GetCalendarSupportedDateRange
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetLocalTime
GetTickCount
GetVersionExW
api-ms-win-security-base-l1-1-0
GetTokenInformation
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegGetValueW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
api-ms-win-core-processthreads-l1-1-0
OpenProcessToken
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
TlsSetValue
TlsFree
GetCurrentThreadId
TlsAlloc
TlsGetValue
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-path-l1-1-0
PathCchAppend
api-ms-win-core-datetime-l1-1-0
GetDateFormatW
GetTimeFormatW
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
InitOnceExecuteOnce
Sleep
api-ms-win-core-libraryloader-l1-2-0
LoadResource
GetProcAddress
FindResourceExW
LoadStringW
GetModuleFileNameA
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
DebugBreak
IsDebuggerPresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-processenvironment-l1-1-0
SearchPathW
ExpandEnvironmentStringsW
api-ms-win-core-timezone-l1-1-0
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
api-ms-win-core-com-private-l1-1-0
CoRevokeInitializeSpy
CoRegisterInitializeSpy
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-shcore-path-l1-1-0
ord170
shcore
ord141
ord123
ord130
ord200
api-ms-win-core-localization-l2-1-0
EnumTimeFormatsEx
EnumCalendarInfoExEx
EnumDateFormatsExEx
api-ms-win-core-sysinfo-l1-2-0
VerSetConditionMask
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
api-ms-win-core-memory-l1-1-0
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
ntdll
RtlGetPersistedStateLocation
RtlIsStateSeparationEnabled
RtlNtStatusToDosError
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 456KB - Virtual size: 455KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
shwebsvc/shwebsvc.dll.dll windows:10 windows x64 arch:x64
8b468b302a0fe8a20dfdb89935efa866
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
shwebsvc.pdb
Imports
msvcrt
_vsnwprintf
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
_initterm
malloc
_amsg_exit
_XcptFilter
free
_resetstkoflw
__C_specific_handler
memcpy_s
memcpy
memset
atl
ord30
shell32
ord190
ord17
ord21
ord23
SHGetPathFromIDListW
SHBrowseForFolderW
ord747
SHGetKnownFolderPath
ord165
ord71
ShellExecuteW
SHGetFileInfoW
SHGetIDListFromObject
SHBindToParent
ord155
ord100
ord18
SHBindToObject
SHGetFolderPathAndSubDirW
SHParseDisplayName
SHGetSpecialFolderLocation
ord25
SHBindToFolderIDListParentEx
ord75
SHGetSpecialFolderPathW
SHCreateItemFromIDList
Shell_GetCachedImageIndexW
CommandLineToArgvW
ord258
ShellExecuteExW
shlwapi
ord199
ord16
ord158
ord154
StrToIntExW
ord176
SHStrDupW
ord165
ord388
ord12
ord168
UrlCombineW
AssocQueryStringW
PathMatchSpecW
PathAppendW
PathFileExistsW
ord471
SHDeleteKeyW
SHSetValueW
ord487
PathParseIconLocationW
SHGetValueW
PathRenameExtensionW
StrDupW
PathFindExtensionW
PathRemoveFileSpecW
StrChrW
AssocGetPerceivedType
PathCombineW
PathFindFileNameW
ord476
UrlGetPartW
StrCmpIW
PathGetDriveNumberW
UrlIsW
PathIsURLW
ord174
ord219
ord2
PathSkipRootW
PathIsUNCW
StrRetToBufW
StrCmpNIW
ord630
PathIsUNCServerW
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
FreeLibrary
GetModuleHandleW
LoadStringW
FindResourceExW
GetModuleFileNameW
GetModuleHandleExW
LoadResource
GetModuleFileNameA
LockResource
api-ms-win-core-synch-l1-1-0
CreateMutexExW
ReleaseMutex
WaitForSingleObject
ReleaseSemaphore
CreateMutexW
CreateSemaphoreExW
WaitForSingleObjectEx
OpenSemaphoreW
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentProcess
CreateThread
GetCurrentThreadId
GetCurrentProcessId
api-ms-win-core-localization-l1-2-0
GetUserDefaultLangID
GetGeoInfoW
GetLocaleInfoW
GetUserGeoID
GetSystemDefaultLCID
GetUserDefaultLCID
FormatMessageW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
DebugBreak
OutputDebugStringA
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
oleaut32
SetErrorInfo
LoadTypeLi
SysAllocStringLen
VariantInit
SysAllocString
SysFreeString
LoadRegTypeLi
VariantClear
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoGetMalloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
StringFromCLSID
CoCreateGuid
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventWriteTransfer
EventUnregister
EventRegister
api-ms-win-core-com-l1-1-1
RoGetAgileReference
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
GlobalFree
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineW
mpr
WNetGetConnectionW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegGetValueW
RegCloseKey
RegCreateKeyExW
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceBeginInitialize
InitOnceComplete
api-ms-win-core-string-l2-1-0
CharLowerBuffW
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-service-management-l1-1-0
OpenServiceW
CloseServiceHandle
OpenSCManagerW
api-ms-win-service-winsvc-l1-1-0
QueryServiceStatus
kernel32
QueryActCtxW
GetUserDefaultUILanguage
lstrlenW
lstrcmpiW
DeactivateActCtx
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
lstrcmpW
ole32
OleInitialize
OleUninitialize
CreateBindCtx
CoInitialize
propsys
PSCreateMemoryPropertyStore
PSPropertyBag_WriteStr
VariantToString
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
CreateURLMoniker
uxtheme
SetWindowTheme
wininet
InternetCreateUrlW
InternetGoOnlineW
InternetCrackUrlW
gdi32
DeleteObject
SelectObject
user32
SetTimer
GetSystemMetrics
KillTimer
LoadMenuW
SetWindowLongPtrW
GetSubMenu
GetWindowLongPtrW
SetMenuDefaultItem
SendMessageW
GetParent
RegisterClipboardFormatW
SetWindowTextW
SetDlgItemTextW
EnableMenuItem
PostMessageW
TrackPopupMenu
DestroyMenu
GetDlgCtrlID
LoadImageW
SystemParametersInfoW
GetWindowLongW
EndDialog
CheckDlgButton
IsDlgButtonChecked
SetProcessDPIAware
GetDlgItemTextW
CreateWindowExW
GetWindowTextW
MessageBoxW
GetDC
SendDlgItemMessageW
SetFocus
GetClientRect
GetDlgItem
DrawTextExW
LoadCursorW
SetCursor
DispatchMessageW
TranslateMessage
SetWindowPos
ReleaseDC
GetWindowRect
MapWindowPoints
PeekMessageW
EnableWindow
MsgWaitForMultipleObjects
MapDialogRect
DestroyIcon
LoadIconW
ShowWindow
IsWindowVisible
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
AddNetPlaceRunDll
DllCanUnloadNow
DllGetClassObject
PublishRunDll
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 299KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 892B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vwlanui/FXSUTILITY.dll.dll regsvr32 windows:10 windows x64 arch:x64
ec1a2365fa398033b2b727fc15766ebb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
FXSUTILITY.pdb
Imports
msvcrt
wcscmp
memcmp
memcpy
memset
wcschr
_wsplitpath_s
??1type_info@@UEAA@XZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
malloc
free
_purecall
wcscat_s
realloc
__C_specific_handler
__CxxFrameHandler3
iswspace
_vsnwprintf
fxsapi
FaxOpenPort
FaxGetRoutingInfoW
FaxSetGeneralConfiguration
FaxGetGeneralConfiguration
FaxSetOutboxConfiguration
FaxGetOutboxConfiguration
FaxSetSecurityEx2
FaxGetSecurityEx2
FaxGetExtensionDataW
FaxSetExtensionDataW
FaxAccessCheckEx2
FaxSetPortExW
FaxClose
FaxEnumPortsExW
FaxConnectFaxServerW
FaxFreeBuffer
FaxCheckValidFaxFolder
FaxSetRoutingInfoW
shlwapi
PathIsNetworkPathW
StrChrW
PathIsRelativeW
SHAutoComplete
PathFileExistsW
PathMakePrettyW
winspool.drv
EnumPrintersW
kernel32
GetModuleHandleW
FreeLibrary
lstrcmpiW
VirtualQuery
LoadLibraryExW
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
LocalAlloc
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
GetProcessHeap
CompareStringW
ExpandEnvironmentStringsW
GetLocaleInfoW
GetFileAttributesW
LoadLibraryW
DeleteCriticalSection
GetCurrentThread
OutputDebugStringW
GetLocaleInfoEx
GetUserPreferredUILanguages
GetFullPathNameW
LoadLibraryExA
ExpandEnvironmentStringsA
SetLastError
GetProcAddress
LoadResource
HeapDestroy
FindResourceExW
GetSystemInfo
DisableThreadLibraryCalls
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameW
VirtualAlloc
lstrcpynW
EnterCriticalSection
VirtualProtect
SizeofResource
CreateProcessW
LocalFree
CloseHandle
GetLastError
GetVersionExW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
GetLocalTime
SetUnhandledExceptionFilter
shell32
SHCreateDirectoryExW
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW
oleaut32
VarUI4FromStr
SysFreeString
SysAllocString
UnRegisterTypeLi
ole32
CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
HWND_UserUnmarshal64
HWND_UserMarshal64
HWND_UserMarshal
HWND_UserSize64
HWND_UserFree64
HWND_UserFree
HWND_UserUnmarshal
HWND_UserSize
user32
DialogBoxParamW
GetWindowTextW
CallWindowProcW
GetParent
EnableWindow
ShowWindow
GetDlgItemTextW
SetWindowPos
MessageBoxW
SetWindowLongPtrW
GetWindowLongPtrW
GetDlgItem
LoadStringW
PostMessageW
SendMessageW
SetWindowTextW
GetWindowTextLengthW
SetActiveWindow
FindWindowW
CharPrevW
CharNextW
CheckDlgButton
GetDlgItemInt
SetFocus
SetDlgItemTextW
EndDialog
IsDlgButtonChecked
SetDlgItemInt
SendDlgItemMessageW
advapi32
RegOpenKeyExW
RegQueryValueExA
RegEnumValueW
MapGenericMask
RegDeleteValueW
RegCloseKey
RegOpenKeyExA
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
TraceMessage
OpenThreadToken
OpenServiceW
ChangeServiceConfigW
ConvertStringSecurityDescriptorToSecurityDescriptorW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetSecurityDescriptorControl
SetThreadToken
DuplicateTokenEx
StartServiceW
FreeSid
OpenProcessToken
EnumDependentServicesW
GetSecurityDescriptorLength
MakeSelfRelativeSD
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
SetEntriesInAclW
ControlService
rpcrt4
NdrDllUnregisterProxy
NdrDllRegisterProxy
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrDllGetClassObject
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrDllCanUnloadNow
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
aclui
ord1
Exports
Exports
CanSendToFaxRecipient
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo
SendToFaxRecipient
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 484B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vwlanui/cscui.dll.dll regsvr32 windows:10 windows x64 arch:x64
b18197d343870a8734e284f0be2f6713
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
cscui.pdb
Imports
msvcrt
memcmp
floor
memcpy
?terminate@@YAXXZ
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_CxxThrowException
memmove
memmove_s
memset
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
_callnewh
malloc
_wcsdup
free
_purecall
memcpy_s
_vsnwprintf
sqrt
shell32
ord155
ord18
ord19
ord256
SHCreateDataObject
AssocCreateForClasses
SHCreateDefaultExtractIcon
SHGetDesktopFolder
SHCreateShellItemArrayFromDataObject
SHGetKnownFolderIDList
SHGetFileInfoW
ord28
SHCreateItemFromParsingName
ord165
ord162
ord704
SHCreateShellItemArrayFromShellItem
ord16
SHGetItemFromObject
SHCreateDefaultContextMenu
SHCreateItemFromIDList
SHGetIDListFromObject
ord152
SHBindToParent
SHBindToFolderIDListParentEx
ShellExecuteExW
ord102
SHParseDisplayName
ord190
SHChangeNotify
SHBindToObject
ord241
SHBindToFolderIDListParent
ord680
shlwapi
PathRemoveBackslashW
StrRetToBufW
SHStrDupW
ord619
PathFindExtensionW
ord16
ord174
ord157
ord158
StrChrW
PathAddBackslashW
ord540
ord615
StrStrW
PathCompactPathW
ord354
ord176
ord172
StrFormatByteSizeW
PathGetDriveNumberW
PathBuildRootW
ord388
PathIsUNCServerShareW
PathIsUNCServerW
ord217
AssocQueryStringW
PathParseIconLocationW
PathFindFileNameW
PathIsContentTypeW
PathCompactPathExW
ord199
PathIsUNCW
ord437
ord219
StrDupW
ord215
StrToIntW
ord476
StrToIntA
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError
RaiseException
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-security-base-l1-1-0
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RevertToSelf
GetTokenInformation
api-ms-win-core-processthreads-l1-1-0
OpenThreadToken
ResumeThread
GetCurrentThread
GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
OpenProcessToken
TlsFree
CreateThread
api-ms-win-core-synch-l1-2-0
WakeAllConditionVariable
InitOnceBeginInitialize
SleepConditionVariableSRW
Sleep
api-ms-win-core-synch-l1-1-0
LeaveCriticalSection
CreateMutexW
ReleaseSRWLockExclusive
CreateSemaphoreExW
CreateMutexExW
SetEvent
AcquireSRWLockShared
SetWaitableTimer
OpenSemaphoreW
WaitForSingleObjectEx
InitializeCriticalSection
AcquireSRWLockExclusive
EnterCriticalSection
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
ResetEvent
CreateEventW
ReleaseSRWLockShared
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
LoadResource
LoadStringW
GetModuleFileNameA
LoadStringA
LockResource
GetProcAddress
GetModuleFileNameW
GetModuleHandleExW
DisableThreadLibraryCalls
FreeLibraryAndExitThread
FreeLibrary
LoadLibraryExW
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
HeapReAlloc
GetProcessHeap
api-ms-win-core-localization-l1-2-0
GetLocaleInfoW
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-shutdown-l1-1-1
InitiateShutdownW
api-ms-win-core-com-l1-1-0
CoRevertToSelf
CoGetCallContext
CoReleaseMarshalData
CoMarshalInterThreadInterfaceInStream
CoCancelCall
CoDisableCallCancellation
StringFromIID
CoEnableCallCancellation
CoCreateGuid
CreateStreamOnHGlobal
CoGetInterfaceAndReleaseStream
StringFromCLSID
CoQueryProxyBlanket
CLSIDFromString
CoWaitForMultipleHandles
CoSetProxyBlanket
CoTaskMemAlloc
StringFromGUID2
PropVariantClear
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateInstanceEx
api-ms-win-core-file-l1-1-0
FindClose
FindNextFileW
FindFirstFileW
GetDriveTypeW
CompareFileTime
GetFileAttributesW
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegEnumValueW
RegOpenCurrentUser
RegOpenKeyExW
api-ms-win-core-sysinfo-l1-1-0
GetLocalTime
GetTickCount64
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-string-l1-1-0
CompareStringW
api-ms-win-core-string-l2-1-0
CharLowerW
CharUpperW
CharNextW
api-ms-win-core-synch-l1-2-1
CreateWaitableTimerW
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-libraryloader-l1-2-1
FindResourceW
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
rpcrt4
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
NdrDllCanUnloadNow
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_AddRef
NdrOleAllocate
CStdStubBuffer_Connect
NdrOleFree
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient7
ObjectStublessClient3
ObjectStublessClient11
ObjectStublessClient6
ObjectStublessClient8
ObjectStublessClient9
ObjectStublessClient12
ObjectStublessClient10
ObjectStublessClient5
ObjectStublessClient4
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
GlobalLock
api-ms-win-core-kernel32-legacy-l1-1-0
GetComputerNameW
GetSystemPowerStatus
api-ms-win-core-sidebyside-l1-1-0
CreateActCtxW
DeactivateActCtx
ReleaseActCtx
ActivateActCtx
api-ms-win-core-string-obsolete-l1-1-0
lstrlenW
lstrcmpiW
lstrcmpW
api-ms-win-core-localization-obsolete-l1-2-0
CompareStringA
GetNumberFormatW
api-ms-win-core-threadpool-legacy-l1-1-0
CreateTimerQueueTimer
DeleteTimerQueueTimer
ntdll
EtwEventWrite
EtwEventEnabled
EtwEventUnregister
RtlReleaseResource
RtlAcquireResourceExclusive
RtlAcquireResourceShared
RtlDeleteResource
RtlInitializeResource
RtlGetLengthWithoutTrailingPathSeperators
RtlGetLengthWithoutLastFullDosOrNtPathElement
EtwEventRegister
RtlAppendPathElement
RtlpEnsureBufferSize
RtlInitUnicodeString
RtlFreeUnicodeString
RtlNtStatusToDosError
EtwTraceMessage
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
RtlpApplyLengthFunction
user32
MsgWaitForMultipleObjectsEx
GetWindowTextW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW
EndDialog
SystemParametersInfoW
MapWindowPoints
GetWindowRect
ShowWindow
GetParent
IsDlgButtonChecked
GetDoubleClickTime
EnableWindow
CheckDlgButton
LoadImageW
ReleaseDC
SetWindowTextW
GetWindowDC
GetClientRect
GetDlgItem
SetDlgItemTextW
SetWindowLongPtrW
GetMenuItemInfoW
GetWindowLongPtrW
DestroyIcon
GetMenuItemCount
GetMenuItemID
LoadCursorW
SetCursor
InsertMenuItemW
DestroyMenu
CreatePopupMenu
InsertMenuW
PostMessageW
DeleteMenu
SetForegroundWindow
SetWindowPos
SendMessageW
RegisterClipboardFormatW
FindWindowW
SetPropW
RemovePropW
SetMenuItemInfoW
SetProcessDPIAware
DialogBoxParamW
GetMenuStringW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
CPlApplet
CSCOptions_RunDLL
CSCOptions_RunDLLA
CSCOptions_RunDLLW
CSCUIInitialize
CSCUIOptionsPropertySheet
CSCUIRemoveFolderFromCache
CSCUISetState
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 319KB - Virtual size: 318KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 351KB - Virtual size: 350KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vwlanui/wlanui.dll.dll windows:10 windows x64 arch:x64
8da5534d168dd3aaf6fa0c1f3519d0ad
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
wlanui.pdb
Imports
msvcrt
?terminate@@YAXXZ
_itow
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@XZ
__C_specific_handler
_beginthreadex
_endthreadex
log
memcmp
memcpy
memset
??1type_info@@UEAA@XZ
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
realloc
_errno
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
towlower
iswctype
vswprintf_s
_vscwprintf
mbtowc
_vsnwprintf
memmove_s
_purecall
memcpy_s
free
malloc
wcsncpy_s
logf
wcscmp
ntdll
WinSqmIncrementDWORD
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwTraceMessage
RtlUnsubscribeWnfStateChangeNotification
RtlSubscribeWnfStateChangeNotification
RtlQueryWnfStateData
gdi32
SelectObject
GetDeviceCaps
CreateSolidBrush
GetStockObject
Rectangle
SetBkMode
SetTextColor
DeleteObject
GetTextExtentPoint32W
kernel32
DeactivateActCtx
DelayLoadFailureHook
ResolveDelayLoadedAPI
ExpandEnvironmentStringsW
GetSystemWindowsDirectoryW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetLastError
LoadLibraryExW
lstrcmpiW
RaiseException
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
GetProcessHeap
FindResourceW
LockResource
HeapFree
LocalFree
FormatMessageW
GlobalAlloc
GlobalFree
SetLastError
WideCharToMultiByte
HeapSize
HeapReAlloc
HeapDestroy
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
CloseHandle
lstrcmpW
CreateActCtxW
ActivateActCtx
ReleaseActCtx
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoImpersonateClient
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal
StringFromGUID2
CoGetObject
CLSIDFromString
OleUninitialize
OleInitialize
CoRevertToSelf
CoSetProxyBlanket
shlwapi
ord12
ord213
user32
GetLastInputInfo
CreateWindowExW
UnregisterClassA
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
MoveWindow
GetWindowInfo
SetWindowTextW
MessageBoxW
EndPaint
DrawIcon
DrawTextW
GetSysColor
BeginPaint
LoadIconW
PostMessageW
InvalidateRect
GetClientRect
ClientToScreen
SetCapture
SetTimer
SetDlgItemTextW
LoadStringW
KillTimer
ReleaseCapture
GetWindowTextW
GetWindowTextLengthW
ShowWindow
IsWindowEnabled
IsWindowVisible
SetFocus
EnableWindow
GetDlgItem
SetClassLongPtrW
SetWindowPos
GetDoubleClickTime
DestroyWindow
SetWindowLongPtrW
GetWindowLongPtrW
EnumChildWindows
GetWindowLongW
TranslateMessage
GetSystemMetrics
GetWindowRect
ReleaseDC
GetDC
GetParent
GetDlgCtrlID
SendMessageW
SetDlgItemInt
GetDlgItemInt
CharNextW
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
SystemParametersInfoW
GetKeyState
GetMessageW
GetClassNameW
uxtheme
DrawThemeBackground
OpenThemeData
CloseThemeData
DrawThemeText
IsThemePartDefined
wlanapi
WlanUtf8SsidToDisplayName
WlanQueryAutoConfigParameter
WlanGetProfile
WlanFreeMemory
WlanSetProfileEapUserData
WlanOpenHandle
WlanStringToSsid
WlanCloseHandle
WlanReasonCodeToString
WlanSetProfile
WlanQueryInterface
WlanGetProfileEapUserDataInfo
gdiplus
GdipCreateBitmapFromHBITMAP
GdipDisposeImageAttributes
GdipDisposeImage
GdipSetInterpolationMode
GdipCreateHBITMAPFromBitmap
GdipCreateImageAttributes
GdipAlloc
GdipSetImageAttributesWrapMode
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdiplusStartup
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImageHeight
GdiplusShutdown
GdipFree
dui70
?DefaultAction@Element@DirectUI@@UEAAJXZ
?Release@Value@DirectUI@@QEAAXXZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?GetClass@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?SetHeight@Element@DirectUI@@QEAAJH@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetForegroundStdColor@Element@DirectUI@@QEAAJH@Z
?SetBackgroundStdColor@Element@DirectUI@@QEAAJH@Z
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetActive@Element@DirectUI@@QEAAJH@Z
?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?SetLayout@Element@DirectUI@@QEAAJPEAVLayout@2@@Z
?CanSetFocus@HWNDElement@DirectUI@@UEAA_NXZ
?IsMSAAEnabled@HWNDElement@DirectUI@@UEAA_NXZ
?GetHWND@HWNDElement@DirectUI@@UEAAPEAUHWND__@@XZ
?GetClassInfoW@HWNDElement@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?SetMultiline@Edit@DirectUI@@QEAAJ_N@Z
?Create@NativeHWNDHost@DirectUI@@SAJPEBGPEAUHWND__@@PEAUHICON__@@HHHHHHIPEAPEAV12@@Z
?DestroyWindow@NativeHWNDHost@DirectUI@@QEAAXXZ
?Enter@Edit@DirectUI@@SA?AVUID@@XZ
?Create@FillLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?Destroy@DUIXmlParser@DirectUI@@QEAAXXZ
?SetXML@DUIXmlParser@DirectUI@@QEAAJPEBGPEAUHINSTANCE__@@1@Z
?CreateElement@DUIXmlParser@DirectUI@@QEAAJPEBGPEAVElement@2@1PEAKPEAPEAV32@@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEAUHICON__@@_N11@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEAUHBITMAP__@@EI_N11@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
StrToID
?Host@NativeHWNDHost@DirectUI@@QEAAXPEAVElement@2@@Z
?Click@Button@DirectUI@@SA?AVUID@@XZ
?OnPropertyChanged@HWNDElement@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnGroupChanged@HWNDElement@DirectUI@@UEAAXH_N@Z
?OnDestroy@HWNDElement@DirectUI@@UEAAXXZ
?OnEvent@HWNDElement@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnThemeChanged@HWNDElement@DirectUI@@UEAAXPEAUThemeChangedEvent@2@@Z
?OnImmersiveColorSchemeChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnInput@HWNDElement@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnNoChildWithShortcutFound@HWNDElement@DirectUI@@UEAAXPEAUKeyboardEvent@2@@Z
?OnGetDlgCode@HWNDElement@DirectUI@@UEAAXPEAUtagMSG@@PEA_J@Z
?OnWmThemeChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnWmSettingChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnCompositionChanged@HWNDElement@DirectUI@@UEAAXXZ
?UpdateTooltip@HWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?ActivateTooltip@HWNDElement@DirectUI@@UEAAXPEAVElement@2@K@Z
?RemoveTooltip@HWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?CreateStyleParser@HWNDElement@DirectUI@@UEAAJPEAPEAVDUIXmlParser@2@@Z
?WndProc@HWNDElement@DirectUI@@UEAA_JPEAUHWND__@@I_K_J@Z
?GetWindowClassNameAndStyle@HWNDElement@DirectUI@@UEAAXPEAPEBGPEAI@Z
?GetAccessibleImpl@HWNDElement@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
??0HWNDElement@DirectUI@@QEAA@XZ
??1HWNDElement@DirectUI@@UEAA@XZ
?Initialize@HWNDElement@DirectUI@@QEAAJPEAUHWND__@@_NIPEAVElement@2@PEAK@Z
?_OnUIStateChanged@HWNDElement@DirectUI@@MEAAXGG@Z
UnInitThread
UnInitProcessPriv
InitThread
InitProcessPriv
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?BackgroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?ForegroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?DoubleBuffered@Element@DirectUI@@QEAAX_N@Z
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?RemoveAll@Element@DirectUI@@QEAAJXZ
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@QEAAJPEAV12@@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?FireEvent@Element@DirectUI@@QEAAXPEAUEvent@2@_N1@Z
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
?RemoveLocalValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZ@Z
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Destroy@Layout@DirectUI@@QEAAXXZ
Exports
Exports
DllGetClassObject
WLFreeProfile
WLFreeProfileXml
WLInvokeProfileUI
WLInvokeProfileUIFromXMLFile
WlanUIEditProfile
Sections
.text Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 424B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 740B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ