Vichingo455@PCOptimizerPro[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

[email protected]
Size

3.6MB
MD5

a50c74202e2f4d938babf556b9f54725
SHA1

6810db1606cac6ab19edbaa49620ba197ef7bc64
SHA256

937ccad21c0271169104539269b5f3faa43d6ca2e36d676fbf9b6fa6df41b40a
SHA512

28c717b84fc9b94a3cef76ff36de52a7d928d164daab87387efe3e87f934e4e42b62da3c75d7c06ec2f93c7c2903428ad768c0199d48ecea18551becc7ba21a9
SSDEEP

49152:ow3E/lpFJpOhj8ZJvL/QAwN1h1zjZblxwr2UGlm3qnzvSZsrKCB4TlwuwHNBb2j:paa4Zpc7h15bDwvGA6zvSZse7TSoj

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/GetVersion.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/GetVersion.dll	upx

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/GetVersion.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/PCOptimizerProStartApps.exe
unpack001/PCOptimizerProTrays.exe
unpack001/PCOptimizerProUpdatesDll_s.dll
unpack003/$PLUGINSDIR/KillProcDLL.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

[email protected]
.exe windows:4 windows x86 arch:x86

e9c0657252137ac61c1eeeba4c021000

Code Sign

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/01/2004, 00:00

Not After

31/12/2028, 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d3:31:01:78:ce:82:e8:4a:61:1e:57:c5:02:75:13:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/05/2020, 00:00

Not After

14/05/2021, 23:59

Subject

CN=Xportsoft Technologies private Ltd,O=Xportsoft Technologies private Ltd,POSTALCODE=133001,STREET=Near Gugga Maadi\,Khojkipur,L=Ambala,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:08:e6:35:13:cc:e5:30:21:6a:63:0d:59:64:9f:f9:5f:58:9e:c7
Signer

Actual PE Digest

7c:08:e6:35:13:cc:e5:30:21:6a:63:0d:59:64:9f:f9:5f:58:9e:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
GetTickCount
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GetWindowsDirectoryA
SetFileAttributesA
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileTime
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CloseHandle
lstrcmpiA
CreateThread
GlobalLock
lstrcmpA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
MulDiv
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

GetSystemMenu
SetClassLongA
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
LoadImageA
CreateDialogParamA
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
SetWindowLongA
SendMessageTimeoutA
FindWindowExA
IsWindow
AppendMenuA
TrackPopupMenu
CreatePopupMenu
DrawTextA
EndPaint
DestroyWindow
wsprintfA
PostQuitMessage

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GetVersion.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

WindowsName
WindowsPlatformArchitecture
WindowsPlatformId
WindowsServerName
WindowsServicePack
WindowsServicePackBuild
WindowsServicePackMajor
WindowsServicePackMinor
WindowsType
WindowsVersion

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
lstrcmpA
GetModuleHandleA
lstrlenA
MulDiv
lstrcpynA
GetACP
lstrcpyA

user32

SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
LoadIconA
GetDC
ShowWindow
SendMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

ebc2d915841be8afc8fa1ee9f6850960

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcpyA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
lstrcmpiA
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
HeapAlloc

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
DrawFocusRect
GetWindowLongA
DrawTextA
GetClientRect
SetWindowLongA
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
MapWindowPoints
RemovePropA
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Languages/DE.xml
Languages/EN.xml
.xml
Languages/ES.xml
Languages/FR.xml
Languages/IT.xml
PCOptProCtxMenu.dll
.dll regsvr32 windows:5 windows x86 arch:x86

0c2771af06971df8add0189eeaa8d81f

Code Sign

df:cc:96:6e:57:30:45:16:e8:b3:7c:4b:1f:8f:0e:cd
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/05/2018, 00:00

Not After

14/05/2019, 23:59

Subject

CN=Xportsoft Technologies,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Near Gugga Maadi\, Khojkipur+STREET=Khojkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6f:09:56:e8:93:c9:36:c3:ff:89:4a:a4:40:17:3d:7e:6e:37:a5:33:21:e8:62:b5:24:70:35:44:84:a9:b5:f4
Signer

Actual PE Digest

6f:09:56:e8:93:c9:36:c3:ff:89:4a:a4:40:17:3d:7e:6e:37:a5:33:21:e8:62:b5:24:70:35:44:84:a9:b5:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

g:\DEV_VC\PC Optimizer Pro\PCOptProCtxMenu\Release\PCOptProCtxMenu.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
OpenEventA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemInfo
VirtualAlloc
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
GetModuleFileNameA
ExitProcess
GetCommandLineA
IsBadReadPtr
HeapValidate
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
LoadLibraryA
GlobalFindAtomW
GetVersionExA
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
GetModuleHandleA
CompareStringW
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFree
FormatMessageW
LocalFree
SetLastError
GetCurrentProcessId
GlobalAddAtomW
SetEvent
CloseHandle
LockResource
InterlockedExchange
WideCharToMultiByte
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoW
LoadLibraryW
ConvertDefaultLocale
EnumResourceLanguagesW
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
Sleep
GlobalLock
GlobalUnlock
lstrcpynW
lstrcpynA
GetThreadLocale
SetThreadLocale
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
RaiseException
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection

user32

PtInRect
InflateRect
GetClipboardFormatNameA
ReleaseCapture
SetRectEmpty
ShowWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
WinHelpW
TrackPopupMenu
GetClassLongW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageW
DestroyWindow
GetDlgItem
DestroyMenu
LoadAcceleratorsW
LoadIconW
LoadCursorW
GetForegroundWindow
SetForegroundWindow
GetTopWindow
GetCapture
SetActiveWindow
GetActiveWindow
ShowOwnedPopups
IsWindowVisible
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
ScreenToClient
MapWindowPoints
GetClientRect
BringWindowToTop
IsIconic
GetDesktopWindow
GetWindowTextW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
UnregisterClassW
UnhookWindowsHookEx
LoadMenuW
ModifyMenuW
InsertMenuItemW
GetMenuItemInfoW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringW
DrawTextExW
FillRect
GetSysColorBrush
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuItemID
MessageBoxW
GetWindowLongW
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
SetCursor
GetKeyState
CharNextW
InsertMenuW
SendMessageW
FindWindowExW
CallNextHookEx
PeekMessageW
GetCursorPos
SetWindowsHookExW
ValidateRect
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
DrawTextW
OffsetRect
GetSystemMetrics
DrawIconEx
SetRect
GetIconInfo
CopyRect
GetSysColor
SystemParametersInfoW
ReuseDDElParam
TranslateAcceleratorW
UnpackDDElParam
GetClipboardFormatNameW
PostQuitMessage
TabbedTextOutW
PostMessageW
IsWindow

gdi32

PtVisible
RectVisible
CreateBitmap
GetDeviceCaps
GetStockObject
GetObjectType
SetBkMode
GetTextExtentPoint32W
DeleteObject
DeleteDC
SelectObject
CreateCompatibleDC
ExtTextOutW
GetObjectW
SetBkColor
SetTextColor
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectW
CreateCompatibleBitmap
BitBlt
GetPixel
TextOutW
Escape
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox

advapi32

OpenThreadToken
SetThreadToken
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RevertToSelf
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

DragFinish
DragQueryFileW
ShellExecuteW
SHGetFileInfoW

ole32

ReleaseStgMedium
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromCLSID

oleaut32

VariantClear
VariantInit
VariantChangeType
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

shlwapi

PathFindExtensionW
PathFindFileNameW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerPro.exe
.exe windows:5 windows x86 arch:x86

c6f112eabcd018b114744bb243a48bbb

Code Sign

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/01/2004, 00:00

Not After

31/12/2028, 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d3:31:01:78:ce:82:e8:4a:61:1e:57:c5:02:75:13:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/05/2020, 00:00

Not After

14/05/2021, 23:59

Subject

CN=Xportsoft Technologies private Ltd,O=Xportsoft Technologies private Ltd,POSTALCODE=133001,STREET=Near Gugga Maadi\,Khojkipur,L=Ambala,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:5d:8b:91:d9:09:2e:54:41:c6:eb:ba:78:48:66:94:5e:31:af:77
Signer

Actual PE Digest

52:5d:8b:91:d9:09:2e:54:41:c6:eb:ba:78:48:66:94:5e:31:af:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

i:\projects\PCOP-Original\Release\PCOptimizerPro.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

waveOutGetNumDevs
waveOutGetDevCapsW

mpr

WNetGetUserW

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetReadFile

xmllite

CreateXmlReader

iphlpapi

GetAdaptersInfo

kernel32

GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FindFirstFileA
ExitThread
CreateThread
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
VirtualAlloc
VirtualQuery
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
LCMapStringA
GetFileAttributesA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetExitCodeProcess
CreateProcessA
GetDriveTypeA
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
GetFileTime
GetFileSizeEx
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
VirtualProtect
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
TlsGetValue
GetModuleHandleA
GetCurrentProcessId
InterlockedDecrement
ReadFile
SetFilePointer
GetFileInformationByHandle
GetSystemInfo
GetComputerNameW
GlobalMemoryStatus
GetVolumeInformationW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
InterlockedIncrement
SetThreadPriority
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThread
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
lstrcpyW
WinExec
lstrcatW
LoadLibraryExW
ResetEvent
SetEvent
FreeResource
ResumeThread
MulDiv
CreateEventW
SuspendThread
WideCharToMultiByte
GetTickCount
GetLocalTime
SystemTimeToFileTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalMemoryStatusEx
CreateMutexW
CreateDirectoryW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
LocalFree
FormatMessageW
OutputDebugStringW
FreeLibrary
SetLastError
GetUserDefaultLangID
LoadLibraryW
GetFileSize
CopyFileW
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetSystemTime
GetVersionExW
GetCurrentProcess
WriteFile
MultiByteToWideChar
GetLastError
MoveFileExW
SetFileAttributesW
FindFirstFileW
CloseHandle
CreateFileW
GetDriveTypeW
ExpandEnvironmentStringsW
MoveFileW
WaitForSingleObject
DeleteFileW
RemoveDirectoryW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExA
LocalAlloc
InterlockedCompareExchange
IsProcessorFeaturePresent
HeapSize

user32

SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
GetKeyState
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoW
RegisterClassW
UnregisterClassA
SetScrollInfo
GetMenu
SystemParametersInfoA
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
IntersectRect
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
ShowWindow
SetWindowTextW
SendDlgItemMessageW
GetDlgItem
GetWindowDC
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetMenuState
ValidateRect
GetMenuItemID
GetMenuItemCount
IsWindowVisible
GetKeyboardType
EnumDisplayDevicesW
ExitWindowsEx
GetDlgCtrlID
GetWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
GetMessagePos
EnumDisplaySettingsW
FindWindowExW
WaitForInputIdle
ScreenToClient
DestroyCursor
SetLayeredWindowAttributes
EnableMenuItem
ModifyMenuW
GetLastInputInfo
GetWindowPlacement
SetActiveWindow
DrawIcon
IsIconic
MoveWindow
MessageBoxW
FindWindowW
GetIconInfo
FrameRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
GetMenuDefaultItem
TrackPopupMenu
SetForegroundWindow
GetCursorPos
LoadImageW
CreateIconIndirect
GetSystemMetrics
LoadMenuW
SetMenuDefaultItem
GetSubMenu
DestroyIcon
RegisterWindowMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetAsyncKeyState
IsWindow
GetMessageW
MapDialogRect
CharUpperW
WindowFromPoint
DestroyMenu
PostQuitMessage
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
CharNextW
SetCapture
ReleaseCapture
CopyIcon
GrayStringW
DrawTextExW
TabbedTextOutW
DrawEdge
UpdateWindow
GetScrollInfo
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
PtInRect
OffsetRect
SetRectEmpty
GetDesktopWindow
GetWindowRect
GetParent
PostMessageW
ReleaseDC
GetDC
RedrawWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
LoadCursorW
SetCursor
SetWindowRgn
InflateRect
InvalidateRect
DrawTextW
SetRect
DrawFocusRect
GetSysColor
CopyRect
KillTimer
LoadIconW
SetTimer
LoadBitmapW
SendMessageW
FillRect
GetClientRect
EnableWindow
IsWindowEnabled
EqualRect

gdi32

CreateRectRgnIndirect
GetRgnBox
GetCurrentObject
GetTextExtentPointA
GetTextMetricsA
SelectClipRgn
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetTextAlign
GetClipBox
SetMapMode
GetStockObject
SetTextColor
GetTextColor
GetTextMetricsW
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
StretchBlt
GetObjectW
CreateCompatibleDC
CreateSolidBrush
SetTextJustification
SetBkColor
SetBkMode
LineTo
MoveToEx
GetTextAlign
CreateBitmap
FrameRgn
SetViewportOrgEx
GetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
CreatePen
CreateRoundRectRgn
CreateFontW
Pie
RestoreDC
GetTextExtentPoint32W
SaveDC
GetDeviceCaps
GetCurrentPositionEx
CreateFontIndirectW
SetStretchBltMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

OpenThreadToken
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
RegGetKeySecurity
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
CopySid
GetLengthSid
GetUserNameW
RegCloseKey
RegQueryValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryInfoKeyW

shell32

SHGetFolderPathW
DragAcceptFiles
SHFileOperationW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetDataFromIDListW
SHEmptyRecycleBinW
ShellExecuteW
Shell_NotifyIconW
ord680
SHGetFileInfoW
ShellExecuteExW

comctl32

InitCommonControlsEx
ord17
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsRelativeW
PathIsRootW
PathFindOnPathW
PathIsDirectoryW
PathFindExtensionW
PathRenameExtensionW
PathRemoveFileSpecW
PathAppendW
PathCompactPathW
SHCreateStreamOnFileW
PathRemoveBlanksW
SHDeleteKeyW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
CoInitializeEx
CLSIDFromProgID
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleFlushClipboard

oleaut32

SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
DispCallFunc
SysAllocString
VariantCopy
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
OleLoadPicture
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadRegTypeLi
VarDateFromStr
SysFreeString

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup

rpcrt4

UuidCreateSequential

netapi32

NetWkstaTransportEnum
NetApiBufferFree

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerProStartApps.exe
.exe windows:5 windows x86 arch:x86

bb6c4b376c3b7023439d039164ffd08d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\projects\PCOP-Original\Release\StartApps.pdb

Imports

kernel32

ExitProcess
HeapReAlloc
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapFree
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
lstrlenA
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
GetCurrentProcessId
GlobalAddAtomW
CloseHandle
GetLastError
SetLastError
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrlenW
WritePrivateProfileStringW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
Sleep
FindResourceW
LoadResource
LockResource
IsDebuggerPresent
SizeofResource

user32

RegisterClipboardFormatW
PostThreadMessageW
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
LoadCursorW
SetCapture
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
DestroyMenu
CopyRect
LoadIconW
SendMessageW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
UnregisterClassW
CharUpperW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsIconic
GetSystemMetrics
GetClientRect
EnableWindow
PostMessageW
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
WinHelpW

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW
GetObjectW
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathAppendW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerProTrays.exe
.exe windows:5 windows x86 arch:x86

78b0f0b09ab83e542e8f4ca1d0c71be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\projects\PCOP-Original\Release\PCOptProTrays.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetCloseHandle

xmllite

CreateXmlReader

kernel32

GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
VirtualAlloc
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
IsDebuggerPresent
HeapCreate
VirtualFree
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
GetStringTypeA
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetTickCount
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
RaiseException
FlushFileBuffers
SetFilePointer
InterlockedDecrement
GetModuleHandleW
GetCurrentProcessId
GetModuleHandleA
SetLastError
FreeResource
GetWindowsDirectoryW
MulDiv
lstrcpyW
WinExec
lstrcatW
LoadLibraryExW
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateMutexW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
OutputDebugStringW
LocalFree
FormatMessageW
MultiByteToWideChar
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetVersionExW
GetLastError
GetCurrentProcess
CloseHandle
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceW
GetStartupInfoA

user32

GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageW
PostMessageW
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CopyRect
SetWindowLongW
IsWindowVisible
SetWindowPos
GetDlgCtrlID
GetWindow
MoveWindow
AdjustWindowRectEx
RemovePropW
EndPaint
BeginPaint
FrameRect
SetRect
ScreenToClient
GetCursorPos
SetRectEmpty
LoadCursorW
LoadImageW
DestroyCursor
DestroyIcon
CopyIcon
CreateIconIndirect
ReleaseDC
GetDC
GetSystemMetrics
IsIconic
LoadIconW
GetKeyState
GetAsyncKeyState
GetIconInfo
SetActiveWindow
SetForegroundWindow
SetCapture
PtInRect
FillRect
RegisterClipboardFormatW
SetTimer
KillTimer
DestroyMenu
IsWindow
SendMessageW
ReleaseCapture
SetCursor
OffsetRect
GetClientRect
UpdateWindow
InvalidateRect
GetParent
RedrawWindow
GetSysColor
EnableWindow
GetWindowRect
SystemParametersInfoW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
LoadBitmapW
GetPropW
SetPropW
UnregisterClassW
GetSysColorBrush
WindowFromPoint
ClientToScreen
PostQuitMessage
GetMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowWindow
SetWindowTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
InflateRect
GetClassLongW
GetCapture

gdi32

SetTextJustification
GetTextExtentPoint32W
TextOutW
GetDeviceCaps
CreateRoundRectRgn
SelectClipRgn
FrameRgn
GetCurrentObject
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
GetClipBox
SetTextAlign
GetViewportOrgEx
PtVisible
RectVisible
GetTextMetricsW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetBkMode
SetWindowExtEx
ScaleWindowExtEx
DPtoLP
ExtTextOutW
SetBkColor
CreateSolidBrush
CreateFontIndirectW
CreatePen
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
LineTo
MoveToEx
SetTextColor
CreateBitmap
GetStockObject
SetViewportOrgEx
GetObjectW
CreateCompatibleDC
StretchBlt

msimg32

AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ord17
_TrackMouseEvent

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathAppendW
PathFindExtensionW
SHCreateStreamOnFileW
PathFindFileNameW

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerProUpdatesDll_s.dll
.dll windows:5 windows x86 arch:x86

c3fb8ed13ebde636278543873cf818a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

I:\projects\PCOP-Original\Release\UpdatesDll_s.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

xmllite

CreateXmlReader

kernel32

GetFileTime
GlobalFlags
WritePrivateProfileStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
RtlUnwind
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
GetFileSizeEx
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
RaiseException
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetCurrentProcessId
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
InterlockedIncrement
GetCurrentThreadId
SetThreadPriority
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
MoveFileW
FindClose
FindFirstFileW
ExitProcess
SetFileTime
WriteFile
CreateDirectoryW
GetFileAttributesW
WideCharToMultiByte
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
ResetEvent
SetEvent
FreeResource
GlobalAlloc
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateEventW
GetModuleFileNameW
CloseHandle
GetCurrentProcess
GetVersionExW
LocalFree
FormatMessageW
MultiByteToWideChar
GetLastError
ExpandEnvironmentStringsW
Sleep
GetTempPathW
DeleteFileW
WaitForSingleObject
ResumeThread
SuspendThread
lstrlenW
OutputDebugStringW
LockResource
SizeofResource
LoadResource
FindResourceW
VirtualFree

user32

InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
LoadCursorW
GetSysColorBrush
UnregisterClassW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowDC
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ScreenToClient
EqualRect
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDlgItem
GetWindowLongW
CharNextW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetDesktopWindow
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DrawIconEx
LoadIconW
FindWindowExW
MessageBoxW
FindWindowW
LoadBitmapW
wsprintfW
PostThreadMessageW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
DestroyMenu
GetMessagePos
GetDlgCtrlID
GetWindow
MoveWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
CopyRect
ReleaseDC
GetDC
SetRect
SetCapture
PtInRect
FillRect
SetTimer
KillTimer
IsWindow
ReleaseCapture
SetCursor
OffsetRect
GetClientRect
UpdateWindow
InvalidateRect
GetParent
RedrawWindow
GetWindowRect
GetSysColor
EnableWindow
SendMessageW
PostMessageW

gdi32

GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetRgnBox
SetMapMode
SetROP2
SetTextAlign
GetDeviceCaps
GetStockObject
SetViewportOrgEx
GetViewportOrgEx
DeleteObject
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextColor
Escape
ExtTextOutW
RectVisible
PtVisible
TextOutW
GetTextExtentPoint32W
GetBkColor
DPtoLP
GetMapMode
LPtoDP
CreateFontW
GetTextExtentPointA
GetTextMetricsA
CreateCompatibleBitmap
DeleteDC
SelectObject

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

_TrackMouseEvent

shlwapi

SHCreateStreamOnFileW
PathRemoveFileSpecW
PathFileExistsW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathAppendW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard

oleaut32

SystemTimeToVariantTime
SafeArrayDestroy
VariantChangeType
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
VariantCopy
VariantClear
VariantInit
SysAllocString
VariantTimeToSystemTime
SysFreeString
OleLoadPicture

Exports

Exports

InstallUpdates
IsUpdation
ShowMainDialogFirst
StartDownload

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcoptimizerprodata.xml
.xml
uninst.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

df:cc:96:6e:57:30:45:16:e8:b3:7c:4b:1f:8f:0e:cd
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/05/2018, 00:00

Not After

14/05/2019, 23:59

Subject

CN=Xportsoft Technologies,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Near Gugga Maadi\, Khojkipur+STREET=Khojkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

68:44:40:97:05:5a:f3:4c:25:c3:5e:96:d6:79:a4:f8:f7:95:98:60:65:77:88:1b:46:c4:a2:04:ba:b3:2d:26
Signer

Actual PE Digest

68:44:40:97:05:5a:f3:4c:25:c3:5e:96:d6:79:a4:f8:f7:95:98:60:65:77:88:1b:46:c4:a2:04:ba:b3:2d:26

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
uninst.exe.nsis

Sharing

General

Malware Config

Signatures

Files

e9c0657252137ac61c1eeeba4c021000

Code Sign

01Certificate

Key Usages

d3:31:01:78:ce:82:e8:4a:61:1e:57:c5:02:75:13:d6Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

7c:08:e6:35:13:cc:e5:30:21:6a:63:0d:59:64:9f:f9:5f:58:9e:c7Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 149KB

.ndata Size: - Virtual size: 92KB

.rsrc Size: 33KB - Virtual size: 32KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 728B

.reloc Size: 1024B - Virtual size: 624B

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 362B

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

01
Certificate

d3:31:01:78:ce:82:e8:4a:61:1e:57:c5:02:75:13:d6
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

7c:08:e6:35:13:cc:e5:30:21:6a:63:0d:59:64:9f:f9:5f:58:9e:c7
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 149KB

.ndata
Size: - Virtual size: 92KB

.rsrc
Size: 33KB - Virtual size: 32KB

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 728B

.reloc
Size: 1024B - Virtual size: 624B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 362B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 628B

df:cc:96:6e:57:30:45:16:e8:b3:7c:4b:1f:8f:0e:cd
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

6f:09:56:e8:93:c9:36:c3:ff:89:4a:a4:40:17:3d:7e:6e:37:a5:33:21:e8:62:b5:24:70:35:44:84:a9:b5:f4
Signer

.text
Size: 380KB - Virtual size: 380KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 10KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 63KB - Virtual size: 62KB

01
Certificate

d3:31:01:78:ce:82:e8:4a:61:1e:57:c5:02:75:13:d6
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate