813f81ac1a264da6fb7bdfe2ea2cb2bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

813f81ac1a264da6fb7bdfe2ea2cb2bc_JaffaCakes118
Size

1.7MB
MD5

813f81ac1a264da6fb7bdfe2ea2cb2bc
SHA1

9c4447cecc9b1b47757fdac0a1b4b395c9f0ad2e
SHA256

f5be0ed945e2b58122ad1722841772b9cfafe642c6274ecdc8d5be71a911755d
SHA512

d0fd883826ef7ef49dc0713a7aca09942694c16716aac22b11ade0261bfe5d0ef86b08f8fda1fdd89c21a5a2dfff8893a914b60a5fc740812a5744e0e70956d3
SSDEEP

49152:4imWO80t49YJSXIHWabIAzeQWo9OzCL738mnditXW98a02J0X:FmWONsULzgo9eGditGHKX

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$SYSDIR/ADVPACK.DLL
unpack002/$SYSDIR/ComDlg32.OCX
unpack002/$SYSDIR/Comdlg32.ocx
unpack002/$SYSDIR/VB6STKIT.DLL
unpack002/$SYSDIR/VertMenu.ocx
unpack002/$SYSDIR/asycfilt.dll
unpack002/$SYSDIR/comcat.dll
unpack002/$SYSDIR/msdxm.ocx
unpack002/$SYSDIR/msvbvm60.dll
unpack002/$SYSDIR/oleaut32.dll
unpack002/$SYSDIR/olepro32.dll
unpack002/$SYSDIR/scrrun.dll
unpack002/$SYSDIR/stdole2.tlb
unpack002/$SYSDIR/uninstall.exe
unpack002/$SYSDIR/winmm.dll
unpack002/Web Screen Saver Builder.exe
unpack002/Web Screen Saver Builder.scr

NSIS installer 4 IoCs

installer

resource	yara_rule
static1/unpack001/Setup.exe	nsis_installer_1
static1/unpack001/Setup.exe	nsis_installer_2
static1/unpack002/$SYSDIR/uninstall.exe	nsis_installer_1
static1/unpack002/$SYSDIR/uninstall.exe	nsis_installer_2

Files

813f81ac1a264da6fb7bdfe2ea2cb2bc_JaffaCakes118
.zip
Readme.txt
Setup.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/ADVPACK.DLL
.dll windows:6 windows x86 arch:x86

6b3b1878ee54569f3a5883e897c2543b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

advpack.pdb

Imports

msvcrt

_initterm
free
malloc
_XcptFilter
_amsg_exit
_ultow
_setjmp3
longjmp
_wtoi
_wtol
_vsnprintf
_vsnwprintf
memcpy
memmove
_adjust_fdiv
wcsncmp
_wcsicmp
_wcsnicmp
bsearch
memset

user32

SendMessageW
SetWindowPos
SendDlgItemMessageW
LoadStringW
CharNextW
ReleaseDC
GetDC
GetWindowRect
CharPrevW
CharUpperW
GetSystemMetrics
MessageBoxW
MessageBeep
DispatchMessageW
MsgWaitForMultipleObjects
PeekMessageW
ExitWindowsEx
EndDialog
EnableWindow
GetDlgItem
SetWindowTextW
GetDesktopWindow
GetDlgItemTextW
SetDlgItemTextW
DialogBoxParamW
OemToCharA
IsWindow
ShowWindow
DestroyWindow
UpdateWindow
CreateDialogParamW
CharNextA

gdi32

CreateFontIndirectW
GetObjectW
GetStockObject
GetDeviceCaps
DeleteObject

kernel32

GetDiskFreeSpaceW
MulDiv
EnumResourceLanguagesW
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
GetFileTime
ReadFile
SetFileTime
WritePrivateProfileSectionW
GetProfileStringW
lstrcmpiA
GetLocalTime
GetFullPathNameW
GetSystemInfo
SearchPathW
GetPrivateProfileIntW
FindFirstFileW
FindNextFileW
FindClose
lstrcmpiW
GetCurrentProcess
GetSystemDirectoryW
MoveFileW
MoveFileExW
CopyFileW
GetPrivateProfileSectionW
CreateProcessW
CreateDirectoryW
SetFileAttributesW
GetVolumeInformationW
CompareStringW
ExpandEnvironmentStringsW
GetShortPathNameW
FormatMessageW
RemoveDirectoryW
CreateFileMappingW
MapViewOfFileEx
SetLastError
UnmapViewOfFile
GetUserDefaultUILanguage
LoadLibraryW
GetFileSize
GetProcAddress
GetFileAttributesW
FindResourceExW
MapViewOfFile
GetLocaleInfoW
GetSystemDefaultUILanguage
QueryPerformanceCounter
LoadLibraryExW
GetLastError
lstrlenW
GetDriveTypeW
LocalFree
GetEnvironmentVariableW
CloseHandle
WriteFile
CreateFileW
WritePrivateProfileStringW
LockResource
LoadResource
SizeofResource
FindResourceW
GetTempFileNameW
GetWindowsDirectoryW
GetTempPathW
LocalAlloc
lstrlenA
SetFilePointer
GetModuleFileNameW
DeleteFileW
LocalReAlloc
GetVersionExW
DisableThreadLibraryCalls
lstrcmpW
GetPrivateProfileStringW
FreeLibrary

advapi32

RegFlushKey
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegUnLoadKeyW
RegLoadKeyW
RegSaveKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
RegEnumValueW
RegSetValueW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

ole32

OleInitialize
OleUninitialize
CoTaskMemFree

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

setupapi

SetupCloseInfFile
SetupDefaultQueueCallbackW
SetupOpenAppendInfFileW
SetupOpenInfFileW
SetupSetDirectoryIdW
SetupGetLineTextW
SetupFindNextLine
SetupFindFirstLineW
SetupGetStringFieldW
SetupCloseFileQueue
SetupTermDefaultQueueCallback
SetupCommitFileQueueW
SetupInitDefaultQueueCallbackEx
SetupQueueCopyW
SetupOpenFileQueue
SetupInstallFromInfSectionW

shlwapi

StrStrIW
StrChrW
PathAddBackslashW
ord215
ord217
StrRChrW
PathFileExistsW
PathAppendW
PathRemoveFileSpecW
PathBuildRootW
PathCombineW

Exports

Exports

AddDelBackupEntry
AddDelBackupEntryA
AddDelBackupEntryW
AdvInstallFile
AdvInstallFileA
AdvInstallFileW
CloseINFEngine
DelNode
DelNodeA
DelNodeRunDLL32
DelNodeRunDLL32A
DelNodeRunDLL32W
DelNodeW
DoInfInstall
DoInfInstallA
DoInfInstallW
ExecuteCab
ExecuteCabA
ExecuteCabW
ExtractFiles
ExtractFilesA
ExtractFilesW
FileSaveMarkNotExist
FileSaveMarkNotExistA
FileSaveMarkNotExistW
FileSaveRestore
FileSaveRestoreA
FileSaveRestoreOnINF
FileSaveRestoreOnINFA
FileSaveRestoreOnINFW
FileSaveRestoreW
GetVersionFromFile
GetVersionFromFileA
GetVersionFromFileEx
GetVersionFromFileExA
GetVersionFromFileExW
GetVersionFromFileW
IsNTAdmin
LaunchINFSection
LaunchINFSectionA
LaunchINFSectionEx
LaunchINFSectionExA
LaunchINFSectionExW
LaunchINFSectionW
NeedReboot
NeedRebootInit
OpenINFEngine
OpenINFEngineA
OpenINFEngineW
RebootCheckOnInstall
RebootCheckOnInstallA
RebootCheckOnInstallW
RegInstall
RegInstallA
RegInstallW
RegRestoreAll
RegRestoreAllA
RegRestoreAllW
RegSaveRestore
RegSaveRestoreA
RegSaveRestoreOnINF
RegSaveRestoreOnINFA
RegSaveRestoreOnINFW
RegSaveRestoreW
RegisterOCX
RegisterOCXW
RunSetupCommand
RunSetupCommandA
RunSetupCommandW
SetPerUserSecValues
SetPerUserSecValuesA
SetPerUserSecValuesW
TranslateInfString
TranslateInfStringA
TranslateInfStringEx
TranslateInfStringExA
TranslateInfStringExW
TranslateInfStringW
UserInstStubWrapper
UserInstStubWrapperA
UserInstStubWrapperW
UserUnInstStubWrapper
UserUnInstStubWrapperA
UserUnInstStubWrapperW

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ComDlg32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 67KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$SYSDIR/Comdlg32.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 67KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$SYSDIR/VB6STKIT.DLL
.dll windows:4 windows x86 arch:x86

9f4b76d42cbc350286ec870347345155

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
CharNextA
wsprintfA
CharPrevA
LoadStringA
PeekMessageA
MessageBoxA
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize

oleaut32

RegisterTypeLi
LoadTypeLi

kernel32

GetFileAttributesA
CompareStringW
GetStringTypeW
DeleteFileA
GetStringTypeA
GetLocaleInfoA
GetTimeZoneInformation
LCMapStringW
GetEnvironmentStringsW
LCMapStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetACP
GetCPInfo
HeapReAlloc
GetLocaleInfoW
FlushFileBuffers
SetEnvironmentVariableA
GetOEMCP
GetVersion
GetLastError
lstrcatA
lstrcpyA
lstrcmpiA
lstrlenA
CopyFileA
OpenFile
Sleep
lstrcpynA
WriteFile
CloseHandle
SetFilePointer
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetErrorMode
LocalFree
LocalUnlock
LocalLock
LocalAlloc
SetFileTime
GetFileTime
GetWindowsDirectoryA
MultiByteToWideChar
CompareStringA
WideCharToMultiByte
GetModuleFileNameA
VirtualAlloc
HeapCreate
VirtualFree
TlsSetValue
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindFirstFileA
GetFileType
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
ReadFile
GetCommandLineA
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
GetFullPathNameA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
InterlockedDecrement
InterlockedIncrement
HeapDestroy

Exports

Exports

AbortAction
AddActionNote
ChangeActionKey
CommitAction
DLLSelfRegister
DisableLogging
EnableLogging
ExtractFileFromCab
GetClsidFromActXFile
LogConfig
LogError
LogNote
LogWarning
NewAction
RegisterTLB
SyncShell
_SetTime@8
fCreateShellLink
fRemoveShellLink
fWithinAction

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/VertMenu.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

40713784e09318f5966d991d0e8df47a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord595
ord631
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord534
ord685
ord101
ord102
ord103
ord104
ord105
ord616
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/asycfilt.dll
.dll windows:5 windows x86 arch:x86

5deee9ef803f3882a12b5c1690dcfb3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

asycfilt.pdb

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

SetStretchBltMode
GetObjectW
CreateSolidBrush
DeleteObject
PatBlt
SelectObject
SetDIBits
SelectPalette
SetDIBitsToDevice
StretchDIBits
GetCurrentObject
SetMapMode
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetUnhandledExceptionFilter
GetLastError
GlobalDeleteAtom
GlobalAddAtomA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
EnterCriticalSection
lstrlenA
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection

msvcrt

exit
fprintf
_iob
_snprintf
sscanf
getenv
malloc
free
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
longjmp
_setjmp3
realloc
_except_handler3
_purecall
_initterm
_adjust_fdiv

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/comcat.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 512B - Virtual size: 251B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msdxm.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

679896098842047b8c2d59c2fff2c5ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
wcstok
strncpy
_pctype
strrchr
tolower
wcspbrk
_wcsdup
memmove
wcsncat
wcsncmp
_ui64tow
_wcslwr
wprintf
iswctype
swprintf
swscanf
_wtoi
_itow
_ltow
wcsstr
malloc
_HUGE
_ftol
_wcsicmp
wcslen
wcsncpy
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z
_wtol
_purecall
realloc
rand
srand
_snwprintf
_wcsnicmp
wcsrchr
free
atoi
wcscpy
wcschr
wcstol
wcscat

kernel32

HeapDestroy
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
GlobalAlloc
GlobalUnlock
FindClose
GlobalLock
FindFirstFileW
FindNextFileW
ReadFile
GetNumberFormatW
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
ReleaseMutex
lstrcmpW
GetShortPathNameW
CreateDirectoryW
CreateProcessW
GetSystemDirectoryW
GetPrivateProfileStringW
GetProfileStringW
ExpandEnvironmentStringsW
WriteProfileStringW
DisableThreadLibraryCalls
WriteFile
DeleteFileW
GetCommandLineW
LockResource
MulDiv
CreateMutexW
CreateEventW
SetEvent
TerminateProcess
ResumeThread
FreeResource
WritePrivateProfileStringW
WinExec
LocalFree
LocalAlloc
Sleep
GetSystemDefaultLCID
GetTempPathW
OpenFileMappingW
OpenEventW
WaitForSingleObjectEx
GetModuleHandleW
GetSystemTimeAsFileTime
lstrcpyA
GetCurrentProcessId
GetSystemTime
SystemTimeToFileTime
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
lstrcpynW
GetCurrentDirectoryW
GetProcAddress
WideCharToMultiByte
GetWindowsDirectoryW
_lopen
_llseek
_lclose
GetFileAttributesW
GetVersionExW
GetModuleFileNameW
LoadLibraryW
CloseHandle
CreateThread
FreeLibrary
FreeLibraryAndExitThread
SearchPathW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
GetTickCount
GetComputerNameW
GetVolumeInformationW
FormatMessageW
lstrlenW
lstrcpyW
lstrcatW
lstrcmpiW
GetUserDefaultLCID
LoadLibraryA
RaiseException
InterlockedExchange
GetCurrentProcess
OpenMutexW
GetCurrentThreadId
GetLocaleInfoW
IsBadStringPtrW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegQueryValueW

ole32

OleLoadFromStream
OleSaveToStream
WriteClassStm
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromCLSID
CoRevokeClassObject
CoRegisterClassObject
CreateItemMoniker
GetRunningObjectTable
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CreateBindCtx
OleLockRunning
DoDragDrop
CoDisconnectObject
ProgIDFromCLSID
OleUninitialize
CreateOleAdviseHolder
OleInitialize
CLSIDFromString
StringFromGUID2
CoTaskMemFree

oleaut32

SafeArrayAccessData
OleCreatePropertyFrame
SafeArrayCreate
SafeArrayUnaccessData
CreateErrorInfo
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SetErrorInfo
LoadRegTypeLi
SysAllocStringLen
VarI4FromStr
VariantChangeType
SysStringLen
VariantInit
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen

user32

GetWindowRect
EnableWindow
EndDialog
DialogBoxParamW
IsWindowVisible
SetWindowTextW
SetWindowPos
CreateWindowExW
RegisterClassW
GetClassInfoW
CreateDialogParamW
CloseDesktop
OpenDesktopW
SystemParametersInfoA
SetForegroundWindow
IsIconic
FindWindowExW
PostMessageW
GetMessageW
IsWindow
SetWindowRgn
IntersectRect
EndPaint
GetClientRect
BeginPaint
ReleaseDC
GetDC
GetWindow
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
MsgWaitForMultipleObjects
SetDlgItemTextW
RegisterClassExW
GetClassInfoExW
CallWindowProcW
SendDlgItemMessageW
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
CheckDlgButton
MoveWindow
SetTimer
KillTimer
LoadIconW
DestroyIcon
GetDlgItemTextW
CharUpperW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
FillRect
PostQuitMessage
WinHelpW
IsDialogMessageW
GetDialogBaseUnits
PtInRect
UnionRect
DestroyCursor
GetKeyState
ClientToScreen
ScreenToClient
GetUpdateRect
GetAsyncKeyState
TranslateAcceleratorW
SendNotifyMessageW
SetClassLongW
GetWindowTextW
PeekMessageW
AdjustWindowRectEx
ReleaseCapture
SetCapture
GetCapture
InvalidateRgn
ValidateRect
GetDlgCtrlID
ChildWindowFromPoint
LoadBitmapW
DrawIconEx
GetDesktopWindow
WindowFromPoint
GetCursor
wsprintfA
SetParent
SetWindowPlacement
GetWindowPlacement
InsertMenuItemW
RemoveMenu
TrackPopupMenuEx
RemovePropW
SetPropW
GetPropW
GetClassNameW
EnumChildWindows
CheckRadioButton
DeleteMenu
CreateMenu
DrawTextW
GetMenu
GetMenuItemRect
GetMenuItemCount
DrawEdge
LoadStringA
CharPrevW
SendMessageTimeoutW
GetMenuStringW
EnumWindows
EnumDesktopWindows
GetThreadDesktop
GetMenuState
MenuItemFromPoint
GetMenuItemInfoW
AppendMenuW
DrawMenuBar
CheckMenuRadioItem
EnableMenuItem
CheckMenuItem
EqualRect
MessageBoxW
LoadImageW
GetIconInfo
LoadStringW
UpdateWindow
CharNextW
GetActiveWindow
GetLastActivePopup
ShowWindow
SetFocus
IsWindowEnabled
SendMessageW
GetSysColor
LoadAcceleratorsW
LoadCursorW
DestroyWindow
DestroyMenu
DefWindowProcW
SetRect
TrackPopupMenu
GetSubMenu
InsertMenuW
wsprintfW
TranslateMessage
DispatchMessageW
InvalidateRect
GetParent
GetSystemMetrics
LoadMenuW
GetCursorPos
SetCursor
GetNextDlgTabItem
GetClassLongW
SetRectEmpty
CreatePopupMenu

gdi32

CreateRectRgn
Polyline
GetTextAlign
Polygon
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateHalftonePalette
SelectClipRgn
GetDIBColorTable
RealizePalette
GetClipBox
SelectPalette
OffsetWindowOrgEx
StretchDIBits
CreatePalette
GetTextMetricsW
SetTextAlign
CreateFontIndirectW
Rectangle
GetTextExtentPointW
SelectObject
SetBkMode
MoveToEx
LineTo
TextOutW
SetBkColor
SetTextColor
LPtoDP
CreateDCW
GetDeviceCaps
DeleteDC
SetMapMode
SetViewportOrgEx
SetWindowOrgEx
CreateMetaFileW
SaveDC
CloseMetaFile
SetWindowExtEx
RestoreDC
GetStockObject
DeleteMetaFile
CreateRectRgnIndirect
CreatePen
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetBkMode
ExtTextOutW
PatBlt
CreateDIBitmap
DeleteObject
GetOutlineTextMetricsW

shell32

SHChangeNotify
ExtractIconExW
SHFileOperationW
DragAcceptFiles
SHLoadInProc
DragFinish
DragQueryFileW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
ShellExecuteW

quartz

AmpFactorToDB
DBToAmpFactor

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunDll
RunDllW

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msvbvm60.dll
.dll regsvr32 windows:4 windows x86 arch:x86

ce5958d8adf86078d58c0c6f95621ee9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeZoneInformation
CreateThread
ExitThread
FlushFileBuffers
CreateDirectoryA
RemoveDirectoryA
MoveFileA
LockFile
UnlockFile
TerminateProcess
SetEnvironmentVariableA
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
GetStringTypeW
RaiseException
LCMapStringW
GetStringTypeA
GetModuleFileNameW
GetUserDefaultLangID
GetComputerNameA
SetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
GetLocalTime
SetLocalTime
RtlUnwind
OpenFile
CreateProcessW
IsValidCodePage
FormatMessageW
GetStartupInfoA
UnhandledExceptionFilter
ExitProcess
SetCurrentDirectoryA
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindNextFileA
FindClose
VirtualFree
GetSystemInfo
VirtualAlloc
VirtualProtect
FlushInstructionCache
FindResourceExA
GetShortPathNameA
WinExec
lstrlenW
lstrcpyW
WriteFile
SetEndOfFile
SetFilePointer
GetSystemTime
SystemTimeToFileTime
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
GetCurrentProcess
DuplicateHandle
ResumeThread
GetCommandLineA
TlsSetValue
TlsFree
TlsAlloc
GetVersion
CompareStringW
lstrcmpiW
MulDiv
CreateProcessA
GetExitCodeProcess
LoadLibraryExA
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
GetTickCount
GetEnvironmentVariableA
FreeResource
GetSystemDefaultLCID
GetPrivateProfileIntA
IsBadCodePtr
GetUserDefaultLCID
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
Sleep
GlobalDeleteAtom
HeapDestroy
SetErrorMode
GlobalAddAtomA
ReleaseSemaphore
LCMapStringA
CreateSemaphoreA
VirtualQuery
GetCurrentProcessId
MultiByteToWideChar
GetProfileStringA
WideCharToMultiByte
HeapReAlloc
GetDriveTypeA
CompareStringA
GetFileAttributesA
GetCurrentDirectoryA
GetModuleFileNameA
SetLastError
GetFullPathNameA
SearchPathA
GetFileType
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalSize
GlobalHandle
GlobalReAlloc
GlobalLock
_lwrite
_lread
LockResource
GetTempPathA
GetTempFileNameA
lstrcpynA
_lclose
_llseek
FreeLibrary
GetLocaleInfoA
lstrcmpiA
GetLastError
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageA
HeapCreate
GetWindowsDirectoryA
GetPrivateProfileStringA
lstrcatA
CreateFileA
ReadFile
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
IsBadReadPtr
TlsGetValue
lstrcpyA
DeleteFileA
lstrcmpA
GetCurrentThreadId
GetVersionExA
HeapAlloc
HeapFree
HeapSize
lstrlenA

user32

DdeClientTransaction
DdeAbandonTransaction
DdeGetData
DdeGetLastError
DdeCreateDataHandle
DdeCmpStringHandles
SetCursorPos
EnumClipboardFormats
DestroyCursor
GetAsyncKeyState
WaitForInputIdle
GetForegroundWindow
VkKeyScanW
SetWindowsHookExW
keybd_event
CharUpperBuffW
CharUpperBuffA
CharLowerBuffW
FindWindowW
FindWindowA
SetActiveWindow
GetClassInfoExA
LoadIconA
LoadImageA
RegisterClassExA
FrameRect
CreateDialogParamA
IsDialogMessageA
EnableMenuItem
ShowCursor
OemToCharA
CharToOemBuffA
GetWindowTextA
EndDialog
DrawTextA
SendDlgItemMessageA
SetDlgItemTextA
GetWindowPlacement
GetSystemMetrics
LoadBitmapA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
WaitMessage
PostQuitMessage
UnhookWindowsHookEx
RegisterClipboardFormatA
CreateCursor
CreateIcon
PostMessageW
PeekMessageW
EnumWindows
EnumChildWindows
GetPropA
RemovePropA
SetPropA
SetForegroundWindow
ClipCursor
CallWindowProcA
DefFrameProcA
GetKeyState
GetDlgItem
IsWindow
UnregisterClassA
RegisterClassA
AdjustWindowRect
GetTabbedTextExtentA
TabbedTextOutA
FillRect
CharToOemA
MessageBoxA
wsprintfA
WinHelpA
GetDesktopWindow
SetRect
GetWindowDC
DestroyIcon
GetClassInfoA
AdjustWindowRectEx
GetMenuItemCount
RemoveMenu
GetMenuStringA
GetMenuState
DdePostAdvise
GetCaretPos
CharPrevA
CharNextA
GetUpdateRgn
GetUpdateRect
PtInRect
ChildWindowFromPointEx
ReleaseCapture
SetCapture
InflateRect
GetWindowRect
ClientToScreen
MoveWindow
IsWindowEnabled
IsChild
SetParent
IsIconic
IsZoomed
DefMDIChildProcA
MessageBeep
PeekMessageA
PostMessageA
LoadStringA
AppendMenuA
DestroyMenu
CreatePopupMenu
GetMessageTime
GetMessagePos
DrawFocusRect
CopyAcceleratorTableA
GetWindowRgn
CharUpperA
TranslateMDISysAccel
SubtractRect
IsRectEmpty
InvalidateRgn
InvalidateRect
CopyRect
GetDCEx
IntersectRect
LoadAcceleratorsA
BringWindowToTop
GetWindowThreadProcessId
AttachThreadInput
EqualRect
EnableWindow
SetFocus
SendMessageA
SetWindowsHookExA
GetClassNameA
LoadCursorA
SetCursor
SetWindowLongA
GetWindow
GetFocus
GetKeyboardLayout
GetSystemMenu
CallNextHookEx
GetParent
DestroyWindow
SetWindowTextA
SetWindowPos
UpdateWindow
CreateWindowExA
SystemParametersInfoA
GetCapture
WindowFromPoint
ScreenToClient
SetTimer
IsWindowVisible
ShowWindow
KillTimer
GetDC
ReleaseDC
MapWindowPoints
GetCursorPos
GetCursor
OffsetRect
GetIconInfo
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetSysColor
GetActiveWindow
GetWindowLongA
DdeDisconnect
DdeConnect
DdeSetUserHandle
DdeNameService
DdeCreateStringHandleA
DdeUninitialize
DdeInitializeA
DdeFreeStringHandle
DdeQueryConvInfo
DdeQueryStringA
DdeFreeDataHandle
SetScrollRange
SetScrollPos
DrawFrameControl
LockWindowUpdate
CharLowerBuffA
IsClipboardFormatAvailable
SetClipboardData
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
GetCaretBlinkTime
SetCaretPos
GetWindowTextLengthA
CreateCaret
ShowCaret
HideCaret
DestroyCaret
GetScrollPos
GetClipboardFormatNameA
DrawTextExA
SetWindowRgn
ToAscii
CreateAcceleratorTableA
DestroyAcceleratorTable
ShowScrollBar
GetScrollInfo
GetLastActivePopup
GetMenuItemInfoA
SetMenuItemInfoA
SetKeyboardState
GetKeyboardState
GetQueueStatus
GetDoubleClickTime
SetWindowContextHelpId
TrackPopupMenu
SetMenuDefaultItem
DrawMenuBar
DeleteMenu
InsertMenuA
GetSubMenu
GetMenuItemID
GetMenu
SetMenu
CreateMenu
ModifyMenuA
CheckMenuItem
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
PostThreadMessageA
VkKeyScanA
CharLowerA
DrawIcon
MessageBoxIndirectA
DialogBoxParamA
IsCharAlphaA
EnumThreadWindows
SetScrollInfo

gdi32

RestoreDC
RealizePalette
SetROP2
SaveDC
GetClipBox
SetWindowOrgEx
ExcludeClipRect
CreateHalftonePalette
GetTextMetricsA
PatBlt
EnumFontsA
TranslateCharsetInfo
GetROP2
SetBrushOrgEx
GetDeviceCaps
GetObjectType
CreatePenIndirect
CreateBrushIndirect
Rectangle
GetStockObject
Arc
LineTo
MoveToEx
Pie
Ellipse
SetStretchBltMode
GetPixel
GetTextExtentPoint32A
SetPixelV
StretchDIBits
GetCurrentObject
TextOutA
GetBkColor
StretchBlt
CreateDIBitmap
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
EndDoc
AbortDoc
StartPage
CreateCompatibleBitmap
StartDocA
CreateDCA
ResetDCA
Escape
ScaleViewportExtEx
SetViewportExtEx
SetMapMode
DeleteMetaFile
PlayMetaFile
SetAbortProc
DeleteEnhMetaFile
PlayEnhMetaFile
CreateICA
GetEnhMetaFileHeader
ScaleWindowExtEx
GetWindowOrgEx
GetPaletteEntries
CreateDIBSection
CloseEnhMetaFile
CreateEnhMetaFileA
LPtoDP
EqualRgn
ExtCreateRegion
GetDIBits
SetTextAlign
GetWindowExtEx
GetViewportExtEx
CopyMetaFileA
CopyEnhMetaFileA
PathToRegion
EndPath
BeginPath
WidenPath
GetTextColor
GetMapMode
SetDIBColorTable
RoundRect
CreateEllipticRgnIndirect
CreateRoundRectRgn
GetSystemPaletteEntries
GetNearestColor
CreateCompatibleDC
SetViewportOrgEx
BitBlt
DeleteDC
IntersectClipRect
OffsetWindowOrgEx
SelectClipRgn
SelectPalette
CreatePalette
PtInRegion
OffsetRgn
ExtSelectClipRgn
CreateRectRgnIndirect
CreateRectRgn
SetRectRgn
CombineRgn
CreateFontIndirectA
GetTextExtentPointA
GetObjectA
GetBitmapBits
SetBkMode
SelectObject
ExtTextOutA
CreateBitmap
CreatePatternBrush
SetTextColor
SetBkColor
CreatePen
CreateHatchBrush
UnrealizeObject
CreateSolidBrush
EndPage
DeleteObject

advapi32

RegQueryInfoKeyA
RegCreateKeyW
RegQueryValueExW
RegEnumValueA
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
ReportEventA
DeregisterEventSource
RegisterEventSourceA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ole32

CoTaskMemAlloc
CoTaskMemFree
BindMoniker
RegisterDragDrop
RevokeDragDrop
DoDragDrop
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
OleDoAutoConvert
OleRegGetUserType
OleSaveToStream
ReadClassStg
ReadClassStm
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleCreateLink
OleCreateLinkToFile
OleGetAutoConvert
OleCreateFromFile
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CoGetClassObject
CoCreateInstance
MkParseDisplayName
CoIsOle1Class
OleQueryLinkFromData
OleQueryCreateFromData
GetClassFile
CreateBindCtx
OleDuplicateData
ReleaseStgMedium
OleSetMenuDescriptor
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoGetMalloc
OleRegGetMiscStatus
CoCreateGuid
IIDFromString
CoFreeUnusedLibraries
CoDisconnectObject
IsAccelerator
OleIsRunning
OleRun
OleLockRunning
StgCreateDocfile
WriteClassStg
OleSave
StgOpenStorage
OleLoad
CoLockObjectExternal

oleaut32

OleTranslateColor
OleCreatePropertyFrame
VariantInit
VariantClear
SysAllocString
SysFreeString
OleCreateFontIndirect
OleCreatePictureIndirect
SysAllocStringByteLen
OaBuildVersion
SysAllocStringLen
VariantChangeType
SetErrorInfo
CreateErrorInfo
GetErrorInfo
DispGetParam
LoadTypeLi
SysStringByteLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLibEx
UnRegisterTypeLi
LHashValOfNameSys
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
OleLoadPicture
SafeArrayDestroy
VariantCopy
VariantCopyInd
SafeArrayDestroyData
VariantChangeTypeEx
CreateDispTypeInfo
DispGetIDsOfNames
DispInvoke
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPutElement
SafeArrayRedim
SafeArrayCopy
OleIconToCursor
RevokeActiveObject
SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor
SafeArrayAllocData
SafeArrayLock
SafeArrayUnlock
VarDateFromStr
SysReAllocStringLen
GetActiveObject
VarR8FromStr
VarCyFromI4
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromDate
VarBstrFromCy
VarI2FromStr
VarI4FromStr
VarI4FromR8
VarR4FromStr
VarCyFromStr
SysReAllocString
LHashValOfNameSysA
SysStringLen

Exports

Exports

BASIC_CLASS_AddRef
BASIC_CLASS_GetIDsOfNames
BASIC_CLASS_Invoke
BASIC_CLASS_QueryInterface
BASIC_CLASS_Release
BASIC_DISPINTERFACE_GetTICount
BASIC_DISPINTERFACE_GetTypeInfo
CopyRecord
CreateIExprSrvObj
DLLGetDocumentation
DllCanUnloadNow
DllFunctionCall
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
EbCreateContext
EbDestroyContext
EbGetErrorInfo
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbIsProjectOnStack
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
EbSetContextWorkerThread
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceEx
TipCreateInstanceProject2
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipSetOption
TipUnloadInstance
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
Zombie_AddRef
Zombie_GetIDsOfNames
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
Zombie_Invoke
Zombie_QueryInterface
Zombie_Release
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAptOffset
__vbaAryConstruct
__vbaAryConstruct2
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryRebase1Var
__vbaAryRecCopy
__vbaAryRecMove
__vbaAryUnlock
__vbaAryVar
__vbaAryVarVarg
__vbaBoolErrVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCVarAryUdt
__vbaCastObj
__vbaCastObjVar
__vbaCheckType
__vbaCheckTypeVar
__vbaChkstk
__vbaCopyBytes
__vbaCopyBytesZero
__vbaCyAbs
__vbaCyAdd
__vbaCyErrVar
__vbaCyFix
__vbaCyForInit
__vbaCyForNext
__vbaCyI2
__vbaCyI4
__vbaCyInt
__vbaCyMul
__vbaCyMulI2
__vbaCySgn
__vbaCyStr
__vbaCySub
__vbaCyUI1
__vbaCyVar
__vbaDateR4
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaDerefAry
__vbaDerefAry1
__vbaEnd
__vbaErase
__vbaEraseKeepData
__vbaEraseNoPop
__vbaError
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitEachAry
__vbaExitEachColl
__vbaExitEachVar
__vbaExitProc
__vbaFPException
__vbaFPFix
__vbaFPInt
__vbaFailedFriend
__vbaFileClose
__vbaFileCloseAll
__vbaFileLock
__vbaFileOpen
__vbaFileSeek
__vbaFixstrConstruct
__vbaForEachAry
__vbaForEachCollAd
__vbaForEachCollObj
__vbaForEachCollVar
__vbaForEachVar
__vbaFpCDblR4
__vbaFpCDblR8
__vbaFpCSngR4
__vbaFpCSngR8
__vbaFpCmpCy
__vbaFpCy
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFpUI1
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGet3
__vbaGet4
__vbaGetFxStr3
__vbaGetFxStr4
__vbaGetOwner3
__vbaGetOwner4
__vbaGosub
__vbaGosubFree
__vbaGosubReturn
__vbaHresultCheck
__vbaHresultCheckNonvirt
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2Cy
__vbaI2ErrVar
__vbaI2ForNextCheck
__vbaI2I4
__vbaI2Sgn
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4Cy
__vbaI4ErrVar
__vbaI4ForNextCheck
__vbaI4Sgn
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrB
__vbaInStrVar
__vbaInStrVarB
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdNamedCall
__vbaLateIdNamedCallLd
__vbaLateIdNamedCallSt
__vbaLateIdNamedStAd
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemCallSt
__vbaLateMemNamedCall
__vbaLateMemNamedCallLd
__vbaLateMemNamedCallSt
__vbaLateMemNamedStAd
__vbaLateMemSt
__vbaLateMemStAd
__vbaLbound
__vbaLdZeroAry
__vbaLenBstr
__vbaLenBstrB
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLineInputVar
__vbaLsetFixstr
__vbaLsetFixstrFree
__vbaMidStmtBstr
__vbaMidStmtBstrB
__vbaMidStmtVar
__vbaMidStmtVarB
__vbaNameFile
__vbaNew
__vbaNew2
__vbaNextEachAry
__vbaNextEachCollAd
__vbaNextEachCollObj
__vbaNextEachCollVar
__vbaNextEachVar
__vbaObjAddref
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPowerR8
__vbaPrintFile
__vbaPrintObj
__vbaPut3
__vbaPut4
__vbaPutFxStr3
__vbaPutFxStr4
__vbaPutOwner3
__vbaPutOwner4
__vbaR4Cy
__vbaR4ErrVar
__vbaR4ForNextCheck
__vbaR4Sgn
__vbaR4Str
__vbaR4Var
__vbaR8Cy
__vbaR8ErrVar
__vbaR8FixI2
__vbaR8FixI4
__vbaR8ForNextCheck
__vbaR8IntI2
__vbaR8IntI4
__vbaR8Sgn
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAnsiToUni
__vbaRecAssign
__vbaRecDestruct
__vbaRecDestructAnsi
__vbaRecUniToAnsi
__vbaRedim
__vbaRedimPreserve
__vbaRedimPreserveVar
__vbaRedimPreserveVar2
__vbaRedimVar
__vbaRedimVar2
__vbaRefVarAry
__vbaResume
__vbaRsetFixstr
__vbaRsetFixstrFree
__vbaSetSystemError
__vbaStopExe
__vbaStr2Vec
__vbaStrAryToAnsi
__vbaStrAryToUnicode
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrComp
__vbaStrCompVar
__vbaStrCopy
__vbaStrCy
__vbaStrDate
__vbaStrErrVarCopy
__vbaStrFixstr
__vbaStrI2
__vbaStrI4
__vbaStrLike
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrTextCmp
__vbaStrTextLike
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1Cy
__vbaUI1ErrVar
__vbaUI1I2
__vbaUI1I4
__vbaUI1Sgn
__vbaUI1Str
__vbaUI1Var
__vbaUbound
__vbaUdtVar
__vbaUnkVar
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDateVar
__vbaVarDiv
__vbaVarDup
__vbaVarEqv
__vbaVarErrI4
__vbaVarFix
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarImp
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarIndexStoreObj
__vbaVarInt
__vbaVarLateMemCallLd
__vbaVarLateMemCallLdRf
__vbaVarLateMemCallSt
__vbaVarLateMemSt
__vbaVarLateMemStAd
__vbaVarLike
__vbaVarLikeVar
__vbaVarMod
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarPow
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetUnk
__vbaVarSetUnkAddref
__vbaVarSetVar
__vbaVarSetVarAddref
__vbaVarSub
__vbaVarTextCmpEq
__vbaVarTextCmpGe
__vbaVarTextCmpGt
__vbaVarTextCmpLe
__vbaVarTextCmpLt
__vbaVarTextCmpNe
__vbaVarTextLike
__vbaVarTextLikeVar
__vbaVarTextTstEq
__vbaVarTextTstGe
__vbaVarTextTstGt
__vbaVarTextTstLe
__vbaVarTextTstLt
__vbaVarTextTstNe
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarXor
__vbaVarZero
__vbaVargObj
__vbaVargObjAddref
__vbaVargParmRef
__vbaVargUnk
__vbaVargUnkAddref
__vbaVargVar
__vbaVargVarCopy
__vbaVargVarMove
__vbaVargVarRef
__vbaVerifyVarObj
__vbaWriteFile
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcCallByName
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCreateObject2
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFilter
rtcFixVar
rtcFormatCurrency
rtcFormatDateTime

Sections

.text
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/oleaut32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

30726b6195cf2c5d6738ab441dab2ae2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

oleaut32.pdb

Imports

advapi32

RegFlushKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
RegEnumKeyW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueW
RegSetValueA
RegOpenKeyW
RegEnumKeyA
RegNotifyChangeKeyValue
RegQueryValueExA

gdi32

SetBitmapBits
CreateFontIndirectA
CreateHalftonePalette
Escape
CreateDIBSection
CreateDIBitmap
GetTextExtentPointA
SetDIBits
GetBitmapBits
SetStretchBltMode
SetBkColor
SetTextColor
GetCurrentObject
GetObjectType
GetStockObject
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
DeleteEnhMetaFile
DeleteMetaFile
PlayMetaFileRecord
SelectPalette
GetPaletteEntries
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
SetEnhMetaFileBits
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetEnhMetaFileHeader
GetObjectW
GetBitmapDimensionEx
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteObject
CreateFontIndirectW
GetDeviceCaps
SelectObject
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExW

kernel32

FreeLibrary
SetEvent
Sleep
WaitForMultipleObjects
TerminateThread
CompareStringW
CompareStringA
GetLocaleInfoW
GetStringTypeExW
GetStringTypeExA
LCMapStringW
LCMapStringA
LoadLibraryA
GetDateFormatA
GetTimeFormatA
GetDateFormatW
GetTimeFormatW
GetCurrentThread
GetCurrentProcess
CloseHandle
InterlockedExchange
IsBadReadPtr
IsBadWritePtr
GetLocalTime
GetSystemDirectoryA
GetCurrencyFormatA
GetCurrencyFormatW
CreateEventW
WaitForSingleObject
CreateThread
OutputDebugStringA
GetVersionExW
GetVersion
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalSize
GlobalHandle
GlobalReAlloc
LockResource
IsDBCSLeadByte
LoadResource
FindResourceW
_lclose
_lread
_lwrite
_llseek
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
lstrlenW
GlobalDeleteAtom
GlobalAddAtomW
DebugBreak
TlsAlloc
InterlockedCompareExchange
TlsFree
TlsSetValue
CreateFileA
CreateFileW
lstrcmpiA
LoadLibraryW
SearchPathA
GetFullPathNameA
SetLastError
SearchPathW
GetFullPathNameW
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
CreateFileMappingA
GetFileSize
GetDriveTypeW
GetDriveTypeA
SetErrorMode
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetThreadPriority
GetLastError
GetProcAddress
GetModuleHandleA
TlsGetValue
GetSystemDefaultLCID
GetUserDefaultLCID
GetLocaleInfoA
InterlockedIncrement
HeapAlloc
GetProcessHeap
HeapFree
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetNumberFormatW
MultiByteToWideChar
GetNumberFormatA
WideCharToMultiByte

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_clearfp
_errno
strncpy
strchr
_wsplitpath
_wmakepath
_stat
getenv
wcstoul
_ultow
remove
_ultoa
free
calloc
_abnormal_termination
_wcslwr
wcsncat
wcsrchr
strrchr
_CxxThrowException
__CxxFrameHandler
_CIfmod
wcsncpy
strtoul
memmove
iswspace
_wcsnicmp
wcscpy
wcsncmp
wcschr
_itoa
atol
atoi
_strcmpi
_strnicmp
_CIpow
ceil
floor
_stricmp
_ui64tow
_i64toa
swprintf
_i64tow
_ftol
modf
wcslen
_wtoi
_wcsicmp
wcscmp
_itow
?terminate@@YAXXZ
malloc
_except_handler3

ole32

CoUnmarshalInterface
CoReleaseMarshalData
ReleaseStgMedium
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoCreateInstance
StgCreateDocfile
CreateBindCtx
ReadClassStg
WriteFmtUserTypeStg
WriteClassStg
MkParseDisplayName
HWND_UserFree
HWND_UserUnmarshal
HWND_UserMarshal
HWND_UserSize
CoUnmarshalHresult
CoMarshalHresult
CLSIDFromString
CoSetState
CoGetMalloc
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoMarshalInterface

rpcrt4

NdrClientCall2

user32

GetSysColor
WinHelpW
EnableWindow
GetMessageA
DispatchMessageA
PostQuitMessage
GetActiveWindow
SetActiveWindow
SetFocus
wsprintfW
wsprintfA
GetTopWindow
IsWindowUnicode
GetClientRect
GetDialogBaseUnits
GetKeyState
GetDlgItem
GetFocus
SendMessageW
GetParent
CharLowerA
GetWindowTextA
RegisterClipboardFormatA
SetWindowLongW
CopyImage
CopyIcon
CreateCursor
CreateIcon
DestroyIcon
GetIconInfo
GetSystemMetrics
DrawIcon
ReleaseDC
GetDC
RegisterWindowMessageA
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetClassInfoW
RegisterClassW
DefWindowProcW
IsWindow
GetWindowLongW
DestroyWindow
CreateWindowExW
CharNextA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
GetVarConversionLocaleSetting
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RegisterTypeLibForUser
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SetOaNoCache
SetVarConversionLocaleSetting
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UnRegisterTypeLibForUser
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromI8
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBoolFromUI8
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromI8
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarBstrFromUI8
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromI8
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyFromUI8
VarCyInt
VarCyMul
VarCyMulI4
VarCyMulI8
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromI8
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUI8
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromI8
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecFromUI8
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromI8
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI1FromUI8
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromI8
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI2FromUI8
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromI8
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarI4FromUI8
VarI8FromBool
VarI8FromCy
VarI8FromDate
VarI8FromDec
VarI8FromDisp
VarI8FromI1
VarI8FromI2
VarI8FromR4
VarI8FromR8
VarI8FromStr
VarI8FromUI1
VarI8FromUI2
VarI8FromUI4
VarI8FromUI8
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromI8
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR4FromUI8
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromI8
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8FromUI8
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromI8
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI1FromUI8
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromI8
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI2FromUI8
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromI8
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUI4FromUI8
VarUI8FromBool
VarUI8FromCy
VarUI8FromDate
VarUI8FromDec
VarUI8FromDisp
VarUI8FromI1
VarUI8FromI2
VarUI8FromI8
VarUI8FromR4
VarUI8FromR8
VarUI8FromStr
VarUI8FromUI1
VarUI8FromUI2
VarUI8FromUI4
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1024B - Virtual size: 703B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/olepro32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

320e088ac1c8676d17073aabfe6a53ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

olepro32.pdb

Imports

user32

DrawIcon
GetSysColor
WinHelpW
IsWindow
EnableWindow
GetMessageA
GetMessageW
TranslateMessage
DispatchMessageW
DispatchMessageA
PostMessageW
PostQuitMessage
GetActiveWindow
SetActiveWindow
SetFocus
DestroyWindow
GetSystemMetrics
wsprintfA
GetTopWindow
IsWindowUnicode
GetClientRect
GetDialogBaseUnits
GetDC
ReleaseDC
GetKeyState
GetWindowLongW
CharNextA
GetWindowTextA
CharLowerA
GetParent
SendMessageW
GetFocus
GetDlgItem
GetIconInfo
DestroyIcon
SetWindowLongW
CreateIcon
CreateCursor
CopyIcon
CopyImage
RegisterClipboardFormatA
wsprintfW

gdi32

GetBitmapBits
SetDIBits
SetBitmapBits
EnumFontFamiliesExW
GetTextFaceW
CreateHalftonePalette
Escape
CreateDIBSection
CreateDIBitmap
SetStretchBltMode
SetBkColor
SetTextColor
GetCurrentObject
GetObjectType
GetStockObject
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
DeleteEnhMetaFile
DeleteMetaFile
PlayMetaFileRecord
SelectPalette
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
CreateFontIndirectW
CreateFontIndirectA
GetDeviceCaps
DeleteObject
GetTextExtentPointA
GetTextMetricsW
SelectObject
GetPaletteEntries
PatBlt
CreateBitmap
SetMetaFileBitsEx
GetBitmapDimensionEx
GetObjectW
GetEnhMetaFileHeader
GetWinMetaFileBits
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SetEnhMetaFileBits
DeleteDC
BitBlt
CreateCompatibleBitmap

kernel32

MultiByteToWideChar
IsDBCSLeadByte
FreeLibrary
MulDiv
LockResource
LoadResource
FindResourceW
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GlobalDeleteAtom
GlobalAddAtomW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetVersion
GetSystemDirectoryA
GetLastError
LoadLibraryA

advapi32

RegOpenKeyA
RegOpenKeyW
RegCreateKeyA
RegSetValueA
RegQueryValueW
RegFlushKey
RegCloseKey

msvcrt

free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
wcslen
wcscpy
wcsrchr
??3@YAXPAX@Z
wcsncat
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
wcsncpy
calloc
_wcslwr
wcscmp
_wcsicmp
_ftol
_CIfmod
_except_handler3

ole32

StgCreateDocfile
StringFromGUID2
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoCreateInstance
CoGetMalloc

oleaut32

LoadTypeLi
VariantInit
VariantClear
SysFreeString
SysAllocString
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/scrrun.dll
.dll regsvr32 windows:5 windows x86 arch:x86

76bf102dcf614f8d99ab18ac4d00b159

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
GetDriveTypeA
GetDriveTypeW
GetLastError
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetVolumeInformationA
GetVolumeInformationW
SetErrorMode
SetVolumeLabelA
SetVolumeLabelW
GetLogicalDrives
FindClose
FindFirstFileA
FindFirstFileW
CreateFileA
CreateFileW
CloseHandle
ReadFile
PeekNamedPipe
WriteFile
WriteConsoleW
SetFilePointer
GetFileInformationByHandle
GetFileType
GetTickCount
GetProcAddress
LoadLibraryA
GetVersionExA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpyA
GetLocaleInfoA
GetVersion
GetUserDefaultLCID
SetFileAttributesA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
GetStdHandle
GetFileAttributesA
DeleteFileA
CopyFileA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
FindNextFileA
lstrcatA
GetFullPathNameA
GetShortPathNameA
RemoveDirectoryA
MoveFileA
CreateDirectoryA
GetFileAttributesW
DeleteFileW
CopyFileW
GetTempPathW
GetWindowsDirectoryW
GetSystemDirectoryW
FindNextFileW
lstrcatW
GetFullPathNameW
lstrcpyW
GetShortPathNameW
RemoveDirectoryW
MoveFileW
CreateDirectoryW
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CompareStringA
Sleep
CompareStringW
SetLastError
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
SetFileAttributesW
LCMapStringW

mfc42

ord825
ord823

msvcrt

towlower
_itow
_wcsicmp
rand
towupper
iswalpha
_mbctolower
_wcsnicmp
_mbctoupper
_ismbblead
_mbsdec
_mbsnbicmp
_mbsnbcpy
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__dllonexit
_onexit
_itoa
wcscpy
wcsncpy
__CxxFrameHandler
_purecall
wcscmp
sprintf
memmove
malloc
free
isalpha
strncpy
srand
?terminate@@YAXXZ
_mbsicmp
_except_handler3
wcslen

oleaut32

VarR4FromDec
LHashValOfNameSys
LHashValOfNameSysA
VarCyFromR8
VariantChangeTypeEx
SysAllocString
LoadTypeLi
SysReAllocStringLen
VarCyFromI4
VarDecFromI4
VarCyFromR4
VarR4FromCy
SafeArrayDestroy
SafeArrayCreate
SafeArrayLock
SafeArrayUnlock
VariantClear
VariantCopy
LoadTypeLibEx
LoadRegTypeLi
SysStringLen
UnRegisterTypeLi
SysAllocStringLen
SysFreeString

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoGetMalloc
StringFromGUID2
StringFromCLSID
CoTaskMemFree

advapi32

RegCloseKey
RegDeleteKeyA
RegOpenKeyA
RegSetValueExA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyExA
IsTextUnicode
RegCreateKeyA

user32

wsprintfA
LoadStringA
CharNextA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DoOpenPipeStream

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/stdole2.tlb
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$SYSDIR/winmm.dll
.dll windows:5 windows x86 arch:x86

15d0285df727f3bc7dea26870f1b127c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

winmm.pdb

Imports

advapi32

RegQueryInfoKeyW
OpenSCManagerW
RegCloseKey
CloseServiceHandle
QueryServiceConfigW
QueryServiceStatus
RegDeleteValueW
ImpersonateSelf
RegEnumKeyExW
OpenServiceW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyA
RegQueryValueExA

gdi32

GetObjectW
GetBkMode

kernel32

LocalFree
WaitForSingleObject
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
TlsGetValue
TlsSetValue
DisableThreadLibraryCalls
TlsAlloc
TlsFree
OpenFileMappingW
MapViewOfFile
WaitForSingleObjectEx
InterlockedExchange
UnmapViewOfFile
SleepEx
VerifyVersionInfoW
HeapSize
MultiByteToWideChar
GetACP
PulseEvent
LoadLibraryA
GetTickCount
GetModuleFileNameW
Beep
GetFileSize
GetFileTime
CompareFileTime
GlobalHandle
GlobalFree
MoveFileW
_lclose
GetTempPathW
GetTempFileNameW
DeleteFileW
GetFileAttributesW
GetFullPathNameW
_llseek
_lwrite
_lread
CreateEventA
GetCurrentThread
SetEvent
ExitThread
FindResourceW
LoadLibraryExW
LoadResource
LockResource
FreeResource
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrcmpW
lstrcpyA
WideCharToMultiByte
CreateThread
SetThreadPriority
LocalAlloc
OpenEventW
EnterCriticalSection
HeapAlloc
HeapFree
Sleep
GetLastError
GetCurrentProcessId
IsBadWritePtr
IsBadStringPtrW
SetLastError
IsBadReadPtr
IsBadCodePtr
ExpandEnvironmentStringsW
lstrlenW
lstrcpyW
lstrcatW
lstrcmpiW
GetPrivateProfileStringW
CloseHandle
SearchPathW
CreateFileW
GetProfileStringW
GetProcAddress
GetModuleHandleW
LeaveCriticalSection
lstrcmpiA
lstrcpynA
FileTimeToSystemTime
GlobalUnlock
GlobalLock
GetFileAttributesExA
GetModuleFileNameA
lstrcpynW
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
SetErrorMode
FreeLibrary
GlobalReAlloc
GlobalAlloc
InitializeCriticalSection
GetCurrentThreadId
GetThreadPriority
ResetEvent

ntdll

NtQueryVirtualMemory
RtlUnwind
RtlDeleteResource
RtlImageNtHeader
RtlInitializeResource
mbstowcs
VerSetConditionMask
NtCreateEvent
NtWaitForMultipleObjects
NtCreateTimer
NtSetTimer
NtCancelTimer
NtSetEvent
NtSetTimerResolution
NtQueryTimerResolution
memmove
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeN
wcsrchr
towlower
isdigit
wcscpy
wcscat
strncpy
strspn
strncmp
strstr
RtlReleaseResource
RtlAcquireResourceShared
RtlAcquireResourceExclusive
NtCreateSection
NtMapViewOfSection
NtUnmapViewOfSection
atoi
wcschr
wcstol
swprintf
RtlCreateUserThread
NtResumeThread
wcsncpy
wcsncmp
_wcsnicmp
wcslen
wcsncat
NtSetValueKey
RtlOpenCurrentUser
NtQueryValueKey
RtlInitUnicodeString
NtOpenKey
NtClose

rpcrt4

RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree
NdrClientCall2
RpcStringFreeW

user32

GetWinStationInfo
GetSystemMetrics
SystemParametersInfoW
CharUpperA
LoadIconA
RegisterClassA
CreateWindowExA
GetMessageA
DispatchMessageA
DestroyWindow
DefWindowProcA
PostThreadMessageA
PeekMessageA
UnregisterClassA
PeekMessageW
MessageBoxW
GetAsyncKeyState
LoadStringA
SendMessageA
CharLowerBuffA
PostMessageA
SetTimer
LoadStringW
PostMessageW
KillTimer
RegisterWindowMessageW
IsWindow
wsprintfA
wsprintfW

Exports

Exports

CloseDriver
DefDriverProc
DriverCallback
DrvGetModuleHandle
GetDriverModuleHandle
MigrateAllDrivers
MigrateSoundEvents
NotifyCallbackData
OpenDriver
PlaySound
PlaySoundA
PlaySoundW
SendDriverMessage
WOW32DriverCallback
WOW32ResolveMultiMediaHandle
WOWAppExit
WinmmLogoff
WinmmLogon
_gfxLogoff@0
_gfxLogon@4
aux32Message
auxGetDevCapsA
auxGetDevCapsW
auxGetNumDevs
auxGetVolume
auxOutMessage
auxSetVolume
gfxAddGfx
gfxBatchChange
gfxCreateGfxFactoriesList
gfxCreateZoneFactoriesList
gfxDestroyDeviceInterfaceList
gfxEnumerateGfxs
gfxModifyGfx
gfxOpenGfx
gfxRemoveGfx
joy32Message
joyConfigChanged
joyGetDevCapsA
joyGetDevCapsW
joyGetNumDevs
joyGetPos
joyGetPosEx
joyGetThreshold
joyReleaseCapture
joySetCapture
joySetThreshold
mci32Message
mciDriverNotify
mciDriverYield
mciExecute
mciFreeCommandResource
mciGetCreatorTask
mciGetDeviceIDA
mciGetDeviceIDFromElementIDA
mciGetDeviceIDFromElementIDW
mciGetDeviceIDW
mciGetDriverData
mciGetErrorStringA
mciGetErrorStringW
mciGetYieldProc
mciLoadCommandResource
mciSendCommandA
mciSendCommandW
mciSendStringA
mciSendStringW
mciSetDriverData
mciSetYieldProc
mid32Message
midiConnect
midiDisconnect
midiInAddBuffer
midiInClose
midiInGetDevCapsA
midiInGetDevCapsW
midiInGetErrorTextA
midiInGetErrorTextW
midiInGetID
midiInGetNumDevs
midiInMessage
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInStop
midiInUnprepareHeader
midiOutCacheDrumPatches
midiOutCachePatches
midiOutClose
midiOutGetDevCapsA
midiOutGetDevCapsW
midiOutGetErrorTextA
midiOutGetErrorTextW
midiOutGetID
midiOutGetNumDevs
midiOutGetVolume
midiOutLongMsg
midiOutMessage
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutSetVolume
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
midiStreamOpen
midiStreamOut
midiStreamPause
midiStreamPosition
midiStreamProperty
midiStreamRestart
midiStreamStop
mixerClose
mixerGetControlDetailsA
mixerGetControlDetailsW
mixerGetDevCapsA
mixerGetDevCapsW
mixerGetID
mixerGetLineControlsA
mixerGetLineControlsW
mixerGetLineInfoA
mixerGetLineInfoW
mixerGetNumDevs
mixerMessage
mixerOpen
mixerSetControlDetails
mmDrvInstall
mmGetCurrentTask
mmTaskBlock
mmTaskCreate
mmTaskSignal
mmTaskYield
mmioAdvance
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioFlush
mmioGetInfo
mmioInstallIOProcA
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRead
mmioRenameA
mmioRenameW
mmioSeek
mmioSendMessage
mmioSetBuffer
mmioSetInfo
mmioStringToFOURCCA
mmioStringToFOURCCW
mmioWrite
mmsystemGetVersion
mod32Message
mxd32Message
sndPlaySoundA
sndPlaySoundW
tid32Message
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetSystemTime
timeGetTime
timeKillEvent
timeSetEvent
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
waveInGetErrorTextW
waveInGetID
waveInGetNumDevs
waveInGetPosition
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInStop
waveInUnprepareHeader
waveOutBreakLoop
waveOutClose
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutGetErrorTextA
waveOutGetErrorTextW
waveOutGetID
waveOutGetNumDevs
waveOutGetPitch
waveOutGetPlaybackRate
waveOutGetPosition
waveOutGetVolume
waveOutMessage
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetPitch
waveOutSetPlaybackRate
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite
wid32Message
winmmDbgOut
winmmSetDebugLevel
wod32Message

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Web Screen Saver Builder.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Web Screen Saver Builder.scr
.exe windows:4 windows x86 arch:x86

32c719f0738a4948e54976cdd17ee70b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord517
ord519
ord660
ord669
ord593
ord594
ord595
ord598
ord520
ord709
ord631
ord525
ord632
ord526
EVENT_SINK_AddRef
ord527
ord528
ord529
ord560
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord714
ord607
ord608
ord717
ProcCallEngine
ord537
ord645
ord648
ord572
ord573
ord681
ord576
ord577
ord578
ord685
ord100
ord579
ord614
ord616
ord617
ord618
ord619
ord546
ord581

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
help.chm
.chm
htmlssb/1.htm
.html
htmlssb/2.htm
.html
webssb.xml
.xml
webssb.xml
.xml

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 7KB - Virtual size: 7KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

6b3b1878ee54569f3a5883e897c2543b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

gdi32

kernel32

advapi32

ole32

version

setupapi

shlwapi

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 109KB

.data Size: 2KB - Virtual size: 55KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

988f29c1eb8054253091352741683c76

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 2KB - Virtual size: 55KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 67KB - Virtual size: 80KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 67KB - Virtual size: 80KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 512B - Virtual size: 156B

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 2KB - Virtual size: 1KB