8507ce0a8e439a98906fa1ebbff6017b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8507ce0a8e439a98906fa1ebbff6017b_JaffaCakes118
Size

11.8MB
MD5

8507ce0a8e439a98906fa1ebbff6017b
SHA1

10cc10f8e58aa88a00bd080a47f3c5676f67e1f7
SHA256

209e259d2efa76f8317ed82762ab569e2cdaaad0377db88415b6c42147a75f3a
SHA512

62354a42beee76d4f04bf5ce752df5eed831617856b5cf4b466d4eccd2f7272a2823eb13cd017e83ed45bd2c8fc1ec0a209c81fda362c8800a85d8eef902aa6b
SSDEEP

196608:wR6H8cp6dXM88gq17s0vDRo4TUW94qc63j9yTH/V4c1ALoa1/5eDOxDasFdB:wROoMHH5HLRo4TUhqyJNC4DQP

Score

5^/10

pdf link

Malware Config

Signatures

Malformed data in PDF
A PDF can contain malformed data to evade detection
pdf
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Common/InstallShield/UpdateService/ISDM.exe
unpack001/Common/InstallShield/UpdateService/ISUSPM.exe
unpack001/Common/InstallShield/UpdateService/_ispmres.dll
unpack001/Common/InstallShield/UpdateService/_isusres.dll
unpack001/Common/InstallShield/UpdateService/agent.exe
unpack001/Common/InstallShield/UpdateService/issch.exe
unpack001/System32/ISUSPM.cpl
unpack001/System32/Redist/MS/System/msvcrt.dll
unpack001/Windows/Downloaded Program Files/dwusplay.dll
unpack001/Windows/Downloaded Program Files/dwusplay.exe
unpack001/Windows/Downloaded Program Files/isusweb.dll
unpack001/program files/HyperNiche 2/CreateDesktopShortcut.exe
unpack001/program files/HyperNiche 2/Dforrt.dll
unpack001/program files/HyperNiche 2/DistrHN.dll
unpack001/program files/HyperNiche 2/MSVCRT.DLL
unpack001/program files/HyperNiche 2/Model.dll
unpack001/program files/HyperNiche 2/Niche2.dll
unpack001/program files/HyperNiche 2/ShuffNiche.dll
unpack001/program files/HyperNiche 2/Therm4.dll

Files

8507ce0a8e439a98906fa1ebbff6017b_JaffaCakes118
.zip
0x0409.ini
Autorun.inf
Common/InstallShield/UpdateService/ISDM.exe
.exe windows:4 windows x86 arch:x86

b5558fce337c1e97773643800b7ef9dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
lstrcpyA
LocalFree
FormatMessageA
DeleteFileA
WriteFile
Sleep
InterlockedDecrement
QueryPerformanceFrequency
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
ReadFile
CopyFileA
GetTempFileNameA
GetTempPathA
SetFilePointer
GetFileSize
GetDiskFreeSpaceA
GetModuleHandleA
lstrcatA
SetLastError
CompareStringA
CompareStringW
GetVersionExA
LoadResource
FindResourceExA
CreateProcessA
FlushInstructionCache
GetCurrentProcess
GetShortPathNameA
GetModuleFileNameA
SizeofResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
SetUnhandledExceptionFilter
GetCommandLineA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
IsBadWritePtr
InterlockedIncrement
lstrlenW
WideCharToMultiByte
GetTickCount
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
ResetEvent
GetLastError
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
ExitProcess
GetVersion
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
GetWindowsDirectoryA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose
CloseHandle

user32

CreateWindowExA
RegisterClassExA
LoadCursorA
CharLowerBuffA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
IsWindow
MessageBoxA
LoadStringA
wsprintfA
GetClassInfoExA
GetDesktopWindow
DefWindowProcA
SendMessageA
GetMessageA
PostThreadMessageA
CharNextA
SetWindowLongA
CallWindowProcA
GetWindowLongA
DestroyWindow

advapi32

RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitialize
CoUninitialize
ProgIDFromCLSID
StringFromGUID2
CoCreateGuid
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysAllocStringLen
VarUI4FromStr
DispCallFunc
GetErrorInfo
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
SysStringLen
VariantClear

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/ISUSPM.exe
.exe windows:4 windows x86 arch:x86

67af66ba0443aed8fc5e024dc8ee29b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
GetSystemTime
lstrcmpiA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateProcessA
GetModuleFileNameA
CloseHandle
CreateMutexA
GetCurrentThreadId
CreateEventA
WaitForSingleObject
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpA
LockResource
FreeResource
GlobalHandle
GetShortPathNameA
GetModuleHandleA
MulDiv
TerminateThread
CreateThread
ExitThread
GetDateFormatA
lstrcpynA
CreateDirectoryA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GlobalFree
GetCPInfo
LCMapStringW
LCMapStringA
WriteFile
TlsGetValue
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
HeapCreate
GetEnvironmentVariableA
VirtualAlloc
VirtualFree
HeapSize
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
HeapReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
SetEvent
CopyFileA
GetFileAttributesA
GetTickCount
CompareStringW
CompareStringA
lstrlenW
LoadLibraryA
FindResourceExA
FindResourceA
LoadResource
GetVersionExA
GetUserDefaultLangID
lstrcpyA
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetLastError
SetLastError
GetWindowsDirectoryA

user32

IsWindow
BeginPaint
FillRect
EndPaint
GetFocus
IsChild
SetFocus
GetSysColor
RedrawWindow
GetClassNameA
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
GetParent
ReleaseDC
ScreenToClient
SetWindowPos
DrawTextA
SendMessageA
GetDC
CopyRect
GetClientRect
GetWindowRect
InvalidateRect
ShowWindow
SetWindowTextA
InvalidateRgn
AppendMenuA
GetSystemMenu
SetForegroundWindow
UpdateWindow
SetCursor
PtInRect
SetTimer
LoadBitmapA
GetSysColorBrush
CreateWindowExA
GetDlgItem
wsprintfA
EndDialog
CallWindowProcA
GetWindowTextLengthA
GetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
RegisterClassExA
DialogBoxIndirectParamA
DialogBoxParamA
CreateDialogIndirectParamA
CreateDialogParamA
GetMessageA
MsgWaitForMultipleObjects
GetActiveWindow
FindWindowA
DefWindowProcA
CharLowerA
MessageBoxA
DestroyWindow
EnableWindow
LoadCursorA
SetClassLongA
PostQuitMessage
GetSystemMetrics
LoadImageA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
GetWindow
SystemParametersInfoA
MapWindowPoints
SetWindowLongA
GetDlgCtrlID

gdi32

SetBkMode
CreateFontIndirectA
SetTextColor
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
SelectObject
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

VariantCopy
VariantChangeType
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ord17

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/ISUSPM.exe.manifest
.xml
Common/InstallShield/UpdateService/_ispmres.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 364KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/_isusres.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 352KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/agent.exe
.exe windows:4 windows x86 arch:x86

41c854ae4a642c567f1b793f7fac60cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
lstrcmpiA
InterlockedDecrement
Sleep
SetUnhandledExceptionFilter
CreateProcessA
GetCommandLineA
FreeLibrary
SizeofResource
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
lstrcatA
InterlockedIncrement
GetPrivateProfileStringA
GetFileAttributesA
WritePrivateProfileStringA
CreateDirectoryA
CopyFileA
FindClose
FindNextFileA
FindFirstFileA
LocalAlloc
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
RemoveDirectoryA
DeleteFileA
GetTempPathA
ResetEvent
CreateFileA
GetWindowsDirectoryA
OutputDebugStringA
GetLocalTime
QueryPerformanceFrequency
GetTempFileNameA
WriteFile
GetModuleHandleA
SetEnvironmentVariableA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetShortPathNameA
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
TlsGetValue
TlsAlloc
TlsSetValue
HeapSize
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileSize
ReadFile
SearchPathA
VirtualProtect
VirtualQuery
InterlockedExchange
GlobalFree
GlobalAlloc
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
CompareStringW
CompareStringA
GetVersionExA
MultiByteToWideChar
GetUserDefaultLangID
FormatMessageA
LocalFree
LoadLibraryA
FindResourceExA
FindResourceA
LoadResource
LockResource
GlobalLock
GetLastError
SetLastError
GetTickCount
OpenEventA
WideCharToMultiByte
lstrlenW
lstrcmpA
CreateThread
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
lstrcpyA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrlenA
FlushFileBuffers

user32

GetDlgItem
LoadCursorA
SendDlgItemMessageA
GetWindowLongA
GetSysColor
PtInRect
EndDialog
LoadStringA
CharLowerBuffA
GetActiveWindow
GetWindowRect
ClientToScreen
DialogBoxParamA
GetPropA
IsDialogMessageA
KillTimer
IsDlgButtonChecked
SetCursor
UpdateWindow
InvalidateRect
ScreenToClient
FillRect
SetPropA
RemovePropA
EnableMenuItem
SetWindowRgn
ExitWindowsEx
SetWindowTextA
GetDesktopWindow
CallWindowProcA
GetClassInfoExA
RegisterClassExA
DefWindowProcA
PostMessageA
DestroyCursor
CreateWindowExA
GetMessageA
CharNextA
PostThreadMessageA
GetDC
ReleaseDC
CharLowerA
CreateDialogIndirectParamA
CreateDialogParamA
GetDlgCtrlID
SetWindowLongA
GetSysColorBrush
DialogBoxIndirectParamA
MessageBoxA
GetParent
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
DestroyWindow
EnableWindow
wsprintfA
SetDlgItemTextA
LoadImageA
SendMessageA
GetSystemMenu
AppendMenuA
ShowWindow
SetForegroundWindow
BeginPaint
IsWindow
EndPaint

gdi32

BitBlt
CreateCompatibleBitmap
GetDeviceCaps
SaveDC
SelectObject
SetBkMode
TextOutA
RestoreDC
GetObjectA
CreateFontIndirectA
SetBkColor
CreateSolidBrush
DeleteObject
CreateBitmap
CreateCompatibleDC
GetStockObject
CreateRectRgn
SetTextColor
DeleteDC

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyA
RegQueryValueA

shell32

ShellExecuteA

ole32

CLSIDFromString
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

oleaut32

VariantClear
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantCopy
VariantChangeType
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/images/File16.gif
.gif
Common/InstallShield/UpdateService/images/HelpDoc16.gif
.gif
Common/InstallShield/UpdateService/images/background.jpg
.jpg
Common/InstallShield/UpdateService/images/left_task.gif
.gif
Common/InstallShield/UpdateService/images/left_task2.gif
.gif
Common/InstallShield/UpdateService/issch.exe
.exe windows:4 windows x86 arch:x86

06f92f95d6c22bf59f41fc161357f85b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetProcAddress
CompareStringW
CreateProcessA
OpenMutexA
CreateMutexA
LoadLibraryA
CloseHandle
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
GetFullPathNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
RaiseException
HeapAlloc
HeapReAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
GetDriveTypeA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetEnvironmentVariableA

user32

GetMessageA
TranslateMessage
DispatchMessageA
SetTimer

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Common/InstallShield/UpdateService/pm.css
Common/InstallShield/UpdateService/pm.html
.html
HyperNiche 2.msi
.msi
Personal/HyperNiche/Example Data/Climate200.wk1
Personal/HyperNiche/Example Data/Default.npj
Personal/HyperNiche/Example Data/Larix200.wk1
Personal/HyperNiche/Example Data/LarixAndClimate200.xlsx
.xlsx office2007
Personal/HyperNiche/Example Data/Readme.txt
Personal/HyperNiche/Example Data/SigmGaus.mjm
Personal/HyperNiche/Example Data/SigmGaus.spx
Personal/HyperNiche/Example Data/SigmGaus.wk1
Personal/HyperNiche/Example Data/SigmGaus.xls
.xls windows office2003
Personal/HyperNiche/Example Data/SigmGaus2.mjm
Personal/HyperNiche/Example Data/SigmGaus2.wk1
Setup.ini
System32/ISUSPM.cpl
.dll windows:4 windows x86 arch:x86

7660b46a9b95303e64e1fd87820b1651

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
WinExec
GetCommandLineA
GetVersion
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

SendMessageA
LoadIconA
LoadStringA
FindWindowA

advapi32

RegQueryValueExA
RegOpenKeyA

Exports

Exports

??0CISUSPMApplet@@QAE@XZ
??4CISUSPMApplet@@QAEAAV0@ABV0@@Z
?fnISUSPMApplet@@YAHXZ
?nISUSPMApplet@@3HA
CPlApplet

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System32/Redist/MS/System/msvcrt.dll
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows/Downloaded Program Files/dwusplay.dll
.dll regsvr32 windows:4 windows x86 arch:x86

20c1e5775eb662eff59e2cb64ab94f42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
CreateProcessA
lstrcatA
lstrcpyA
lstrlenA
WaitForSingleObject
GetLastError

ole32

CoGetClassObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 482B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 467B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows/Downloaded Program Files/dwusplay.exe
.exe windows:4 windows x86 arch:x86

44a3ea2f229e01c32eec53eb29e8e0ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

FlushInstructionCache
InterlockedIncrement
GetCurrentThreadId
GetCurrentProcess
GetDiskFreeSpaceA
FindClose
LocalFileTimeToFileTime
QueryPerformanceFrequency
DosDateTimeToFileTime
GetFileAttributesA
InterlockedDecrement
lstrcmpA
FreeLibrary
LoadLibraryA
HeapAlloc
CreateFileA
GetFileSize
FindFirstFileA
SetFilePointer
GetModuleFileNameA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
lstrcatA
ReadFile
CreateMutexA
ReleaseMutex
GetTickCount
WriteFile
MoveFileA
GetTempFileNameA
GetTempPathA
LockResource
CreateThread
GetSystemInfo
HeapCreate
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GetUserDefaultLangID
OpenEventA
CreateDirectoryA
lstrcpynA
SetFileAttributesA
GetSystemDirectoryA
GetStartupInfoA
ExitProcess
GetCommandLineA
DebugBreak
HeapReAlloc
HeapFree
GetWindowsDirectoryA
GetDriveTypeA
GlobalSize
GlobalLock
GlobalAlloc
FreeResource
LocalFree
FormatMessageA
GlobalFree
GlobalUnlock
IsBadReadPtr
VirtualQuery
VirtualProtect
SearchPathA
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
RtlUnwind
GetStringTypeA
GetStringTypeW
WaitForSingleObject
EnterCriticalSection
lstrlenW
CreateEventA
LoadResource
GetCurrentProcessId
Sleep
lstrlenA
lstrcpyA
CloseHandle
GetVersionExA
CompareStringW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
GetLastError
SetLastError
LeaveCriticalSection
AddAtomA
SetFileTime
SetEvent
RemoveDirectoryA
lstrcmpiA
DeleteFileA
GetAtomNameA
GetFileTime
CreateProcessA
SizeofResource
FindResourceA
UnmapViewOfFile

user32

GetWindow
SystemParametersInfoA
GetClientRect
GetParent
MapWindowPoints
SetWindowLongA
BeginPaint
IsWindow
EndPaint
PostThreadMessageA
GetDesktopWindow
ScreenToClient
ShowWindow
LoadImageA
SendMessageA
SendDlgItemMessageA
LoadStringA
TranslateMessage
LoadCursorA
SetDlgItemTextA
GetWindowLongA
MessageBoxA
GetMessageA
SetWindowTextA
FillRect
WaitForInputIdle
InvalidateRect
UpdateWindow
GetWindowRect
PtInRect
EndDialog
DestroyCursor
GetSysColor
GetActiveWindow
DialogBoxParamA
GetForegroundWindow
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
wsprintfA
CharNextA
KillTimer
SetTimer
IsDlgButtonChecked
CheckDlgButton
IsDialogMessageA
SetForegroundWindow
GetPropA
EnableMenuItem
SetPropA
RemovePropA
CreateDialogIndirectParamA
SetWindowRgn
DestroyWindow
GetDlgItem
EnableWindow
ClientToScreen
SetCursor
SetWindowPos
DrawTextA
GetWindowDC
GetWindowTextA
PostMessageA
ReleaseDC
GetDialogBaseUnits
GetClassNameA
SetFocus
CallWindowProcA
DefWindowProcA
MoveWindow
CharLowerBuffA
GetAsyncKeyState
RegisterClassA
CreateWindowExA

gdi32

GetObjectA
RestoreDC
TextOutA
SetBkMode
SelectObject
GetDeviceCaps
CreateRectRgn
SaveDC
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
SetBkColor
BitBlt
SetTextColor
CreateFontIndirectA
GetStockObject
CreateSolidBrush
PatBlt

comdlg32

GetSaveFileNameA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

CoInitialize
CoFreeUnusedLibraries
StgOpenStorage
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
GetRunningObjectTable
CoGetInterfaceAndReleaseStream
CoUninitialize
StringFromCLSID
CoTaskMemFree
StringFromGUID2
CoCreateGuid

oleaut32

RegisterTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
LoadTypeLi
SafeArrayCreate
SafeArrayPutElement
SafeArrayCopy
VariantChangeType
LoadRegTypeLi
SafeArrayGetElement
VariantCopy
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows/Downloaded Program Files/isusweb.dll
.dll regsvr32 windows:4 windows x86 arch:x86

65990736aa502070200088a9d7f82aea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetProcAddress
FreeLibrary
GetFileAttributesA
FindNextFileA
lstrcpynA
lstrcmpiA
GetModuleHandleA
GetWindowsDirectoryA
GetSystemDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
CopyFileA
CreateFileA
QueryPerformanceFrequency
CreateEventA
WriteFile
Sleep
GetTempFileNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetShortPathNameA
GetModuleFileNameA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
FlushInstructionCache
GetCurrentProcess
LockResource
FindResourceA
GetUserDefaultLangID
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileSize
SearchPathA
VirtualProtect
VirtualQuery
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetVersion
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
FindResourceExA
LoadResource
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
SetLastError
GetTickCount
GetCurrentThreadId
FindFirstFileA
FindClose
lstrlenA
DeleteFileA
RemoveDirectoryA
CloseHandle
WaitForSingleObject
lstrcpyA
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
RaiseException
WideCharToMultiByte
RtlUnwind
InterlockedExchange
lstrlenW
MultiByteToWideChar
CompareStringA
CompareStringW
GetVersionExA
InterlockedDecrement
GetLastError
CreateDirectoryA
GetTempPathA
LocalFree
FormatMessageA
GetExitCodeProcess
CreateProcessA

user32

DispatchMessageA
TranslateMessage
CharLowerA
PeekMessageA
EnableWindow
GetDlgItem
SetDlgItemTextA
wsprintfA
MessageBoxA
GetDesktopWindow
CharLowerBuffA
MsgWaitForMultipleObjects
IsWindow
SetWindowTextA
GetSysColorBrush
GetParent
GetWindow
SystemParametersInfoA
MapWindowPoints
IsDlgButtonChecked
KillTimer
GetDlgCtrlID
BeginPaint
EndPaint
FillRect
ScreenToClient
GetClientRect
SetWindowPos
GetMessageA
IsDialogMessageA
SetForegroundWindow
GetPropA
SetPropA
RemovePropA
CreateDialogIndirectParamA
CreateDialogParamA
InvalidateRect
UpdateWindow
SetCursor
ClientToScreen
GetWindowRect
PtInRect
LoadCursorA
EndDialog
GetActiveWindow
DialogBoxParamA
EnableMenuItem
GetSystemMenu
AppendMenuA
LoadImageA
GetWindowLongA
SetWindowLongA
SetWindowRgn
ShowWindow
SendMessageA
SendDlgItemMessageA
DestroyWindow
ExitWindowsEx
GetSysColor
CharNextA
LoadStringA
FindWindowA

gdi32

GetStockObject
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
GetDeviceCaps
SaveDC
SelectObject
SetBkMode
TextOutA
RestoreDC
GetObjectA
CreateFontIndirectA
SetTextColor
SetBkColor
CreateRectRgn
DeleteObject
CreateSolidBrush

comdlg32

GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

ole32

StgOpenStorage
ProgIDFromCLSID
CoCreateGuid
CoCreateInstance
CLSIDFromString
CoLoadLibrary
CLSIDFromProgID
StringFromGUID2
StringFromCLSID
CoTaskMemFree

oleaut32

SafeArrayDestroy
SysAllocStringByteLen
SysStringByteLen
VariantCopy
SetErrorInfo
CreateErrorInfo
LoadRegTypeLi
SafeArrayGetElement
VariantInit
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
GetErrorInfo
RegisterTypeLi
LoadTypeLi
DispCallFunc
SafeArrayCreate
SafeArrayPutElement
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
instmsia.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
instmsiw.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/CreateDesktopShortcut.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/Dforrt.dll
.dll windows:4 windows x86 arch:x86

f16160446b09f4eec43d41910e3edf2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_CIfmod
_CIlog
_CIsinh
_CIexp
_CItan
_CItanh
_CIpow
_CIcos
_CIsin
_CIsqrt
_CIlog10
_ftol
fprintf
__p__iob
sprintf
freopen
exit
abort
vsprintf
putchar
_except_handler3
_CIatan2
_CIcosh
fopen
_sys_errlist
_sys_nerr
floor
frexp
realloc
tolower
sscanf
strftime
gmtime
atol
_stricmp
strncat
strcspn
ldexp
strncmp
_initterm
_adjust_fdiv
_CIatan
_CIasin
_CIacos
clock
time
signal
__p___mb_cur_max
_isctype
__p__pctype
_clearfp
__p___argc
__p___argv
_controlfp
localtime
mktime
_searchenv
remove
rename
_utime
_findfirst
_findnext
_findclose
_splitpath
_fullpath
_rmdir
_mkdir
_chdir
_chdrive
_getdcwd
_getdrives
_getdiskfree
system
_spawnlp
bsearch
qsort
_sleep
toupper
strchr
_putenv
_strupr
getenv
strncpy
_kbhit
_getch
_errno
malloc
free
_ltoa
fclose

kernel32

GetFileInformationByHandle
GetFullPathNameA
GetTempPathA
GetTempFileNameA
CreateProcessA
SetThreadPriority
WaitForSingleObject
DeleteFileA
WriteFile
GetFileType
GetFileAttributesA
SetEndOfFile
FileTimeToLocalFileTime
SystemTimeToFileTime
GetProcessTimes
ReadFile
VirtualFree
VirtualAlloc
GetModuleHandleA
CreateFileA
CreateFileMappingA
MapViewOfFile
VirtualQuery
GetModuleFileNameA
GetCurrentThread
FreeLibrary
DebugBreak
FormatMessageA
CloseHandle
GetStdHandle
RaiseException
GetCommandLineA
SetLastError
SetConsoleCtrlHandler
GetACP
SetFileAttributesA
FlushFileBuffers
SetFilePointer
LoadLibraryA
GetProcAddress
GetCurrentProcess
SetLocalTime
GetLocalTime
GetVersionExA
Beep
Sleep
SetErrorMode
GetLastError

Exports

Exports

BEEPQQ
BSEARCHQQ
CHANGEDIRQQ
CHANGEDRIVEQQ
COMMITQQ
DELDIRQQ
DELFILESQQ
FINDFILEQQ
FOCUSQQ
FULLPATHQQ
GETARG
GETCHARQQ
GETCONFIGQQ
GETDAT
GETDRIVEDIRQQ
GETDRIVESIZEQQ
GETDRIVESQQ
GETENVQQ
GETFILEINFOQQ
GETHANDLEQQ
GETHWNDQQ
GETLASTERRORQQ
GETSTRQQ
GETTIM
GETUNITQQ
GETWSIZEQQ
INQFOCUSQQ
LCWRQQ
MAKEDIRQQ
NARGS
PACKTIMEQQ
PEEKCHARQQ
RANDOM
RENAMEFILEQQ
RUNQQ
SCWRQQ
SEED
SETDAT
SETENVQQ
SETERRORMODEQQ
SETFILEACCESSQQ
SETFILETIMEQQ
SETTIM
SETWSIZEQQ
SLEEPQQ
SORTQQ
SPLITPATHQQ
SSWRQQ
SYSTEMQQ
UNPACKTIMEQQ
_FFunusedqq
_FIIacos
_FIIacosd
_FIIaint
_FIIalog10
_FIIamod
_FIIanint
_FIIasin
_FIIasind
_FIIatan
_FIIatan2
_FIIatan2d
_FIIatand
_FIIcabs
_FIIccos
_FIIcdiv
_FIIcexp
_FIIclog
_FIIcosd
_FIIcosh
_FIIcotan
_FIIcpow
_FIIcsin
_FIIcsqrt
_FIIdacosd
_FIIdasind
_FIIdatan2d
_FIIdatand
_FIIdcosd
_FIIdim
_FIIdsind
_FIIdtand
_FIIexp
_FIIfexp
_FIIfexp_
_FIIlog
_FIIsign
_FIIsind
_FIIsinh
_FIItan
_FIItand
_FIItanh
_FIacos
_FIacosd
_FIaint
_FIalog10
_FIamod
_FIanint
_FIasin
_FIasind
_FIatan
_FIatan2
_FIatan2d
_FIatand
_FIcabs
_FIccos
_FIcdiv
_FIcexp
_FIclog
_FIcos
_FIcosd
_FIcosh
_FIcotan
_FIcpow
_FIcsin
_FIcsqrt
_FIdacosd
_FIdasind
_FIdatan2d
_FIdatand
_FIdcosd
_FIdim
_FIdprod
_FIdsind
_FIdtand
_FIexp
_FIfexp
_FIfexp_
_FIibits1
_FIibits2
_FIibits4
_FIizext
_FIjzext
_FIlog
_FIsign
_FIsin
_FIsind
_FIsinh
_FIsqrt
_FItan
_FItand
_FItanh
_FQclearscreen
_FQdisplaycursor
_FQscrolltextwindow
_FXABS
_FXACOS
_FXACOSD4
_FXAIMAG
_FXAINT
_FXALOG
_FXALOG10
_FXAMOD
_FXANINT
_FXAREAL
_FXASIN
_FXASIND4
_FXATAN
_FXATAN2
_FXATAN2D4
_FXATAND4
_FXBTEST2
_FXBTEST4
_FXCABS
_FXCCOS
_FXCDABS
_FXCDCOS
_FXCDEXP
_FXCDLOG
_FXCDSIN
_FXCDSQRT
_FXCEXP
_FXCLOG
_FXCONJG
_FXCOS
_FXCOSD4
_FXCOSH
_FXCOTAN
_FXCSIN
_FXCSQRT
_FXDABS
_FXDACOS
_FXDACOSD4
_FXDASIN
_FXDASIND4
_FXDATAN
_FXDATAN2
_FXDATAN2D4
_FXDATAND4
_FXDBLE
_FXDCONJG
_FXDCOS
_FXDCOSD4
_FXDCOSH
_FXDCOTAN
_FXDDIM
_FXDEXP
_FXDFLOATI
_FXDFLOATJ
_FXDIM
_FXDIMAG
_FXDINT
_FXDLOG
_FXDLOG10
_FXDMOD
_FXDNINT
_FXDPROD
_FXDREAL
_FXDSIGN
_FXDSIN
_FXDSIND4
_FXDSINH
_FXDSQRT
_FXDTAN
_FXDTAND4
_FXDTANH
_FXEXP
_FXFLOATI
_FXFLOATJ
_FXIABS
_FXIABS2
_FXIABS4
_FXIACOS
_FXIACOSD4
_FXIAIMAG
_FXIAINT
_FXIALOG
_FXIALOG10
_FXIAMOD
_FXIAND2
_FXIAND4
_FXIANINT
_FXIAREAL
_FXIASIN
_FXIASIND4
_FXIATAN
_FXIATAN2
_FXIATAN2D4
_FXIATAND4
_FXIBCHNG2
_FXIBCHNG4
_FXIBCLR2
_FXIBCLR4
_FXIBITS2
_FXIBITS4
_FXIBSET2
_FXIBSET4
_FXIBTEST2
_FXIBTEST4
_FXICABS
_FXICCOS
_FXICDABS
_FXICDCOS
_FXICDEXP
_FXICDLOG
_FXICDSIN
_FXICDSQRT
_FXICEXP
_FXICLOG
_FXICONJG
_FXICOS
_FXICOSD4
_FXICOSH
_FXICOTAN
_FXICSIN
_FXICSQRT
_FXIDABS
_FXIDACOS
_FXIDACOSD4
_FXIDASIN
_FXIDASIND4
_FXIDATAN
_FXIDATAN2
_FXIDATAN2D4
_FXIDATAND4
_FXIDBLE
_FXIDCONJG
_FXIDCOS
_FXIDCOSD4
_FXIDCOSH
_FXIDCOTAN
_FXIDDIM
_FXIDEXP
_FXIDFIX2
_FXIDFIX4
_FXIDFLOATI
_FXIDFLOATJ
_FXIDIM
_FXIDIM2
_FXIDIM4
_FXIDIMAG
_FXIDINT
_FXIDLOG
_FXIDLOG10
_FXIDMOD
_FXIDNINT
_FXIDNINT2
_FXIDNINT4
_FXIDPROD
_FXIDREAL
_FXIDSIGN
_FXIDSIN
_FXIDSIND4
_FXIDSINH
_FXIDSQRT
_FXIDTAN
_FXIDTAND4
_FXIDTANH
_FXIEOR2
_FXIEOR4
_FXIEXP
_FXIFIX2
_FXIFIX4
_FXIFLOATI
_FXIFLOATJ
_FXIIABS2
_FXIIABS4
_FXIIAND2
_FXIIAND4
_FXIIBCHNG2
_FXIIBCHNG4
_FXIIBCLR2
_FXIIBCLR4
_FXIIBITS2
_FXIIBITS4
_FXIIBSET2
_FXIIBSET4
_FXIIDFIX2
_FXIIDFIX4
_FXIIDIM2
_FXIIDIM4
_FXIIDNINT2
_FXIIDNINT4
_FXIIEOR2
_FXIIEOR4
_FXIIFIX2
_FXIIFIX4
_FXIIOR2
_FXIIOR4
_FXIISHA2
_FXIISHA4
_FXIISHC2
_FXIISHC4
_FXIISHFT2
_FXIISHFT4
_FXIISHL2
_FXIISHL4
_FXIISIGN2
_FXIISIGN4
_FXIMOD2
_FXIMOD4
_FXININT2
_FXININT4
_FXINOT2
_FXINOT4
_FXIOR2
_FXIOR4
_FXISHA2
_FXISHA4
_FXISHC2
_FXISHC4
_FXISHFT2
_FXISHFT4
_FXISHL2
_FXISHL4
_FXISIGN
_FXISIGN2
_FXISIGN4
_FXISIN
_FXISIND4
_FXISINH
_FXISNGL
_FXISQRT
_FXITAN
_FXITAND4
_FXITANH
_FXMOD2
_FXMOD4
_FXNINT2
_FXNINT4
_FXNOT2
_FXNOT4
_FXSIGN
_FXSIN
_FXSIND4
_FXSINH
_FXSNGL
_FXSQRT
_FXTAN
_FXTAND4
_FXTANH
_OtsFieldExtractSigned
_OtsFieldExtractUnsigned
_OtsFieldInsert
_OtsFill
_OtsMove
_OtsMoveMinimum
_OtsStringCompareEql
_OtsStringCompareEqlPadded
_OtsStringCompareEqlSameLen
_OtsStringCompareLeq
_OtsStringCompareLeqPadded
_OtsStringCompareLeqSameLen
_OtsStringCompareLss
_OtsStringCompareLssPadded
_OtsStringCompareLssSameLen
_OtsStringIndex
_OtsStringIndexChar
_OtsStringSearch
_OtsStringSearchChar
_OtsStringSearchMask
_OtsStringTranslate
_OtsStringVerify
_OtsStringVerifyChar
_OtsStringVerifyMask
_OtsZero
_Ots_Fill
_Ots_Move
_Ots_Move_Minimum
_Ots_String_Index
_Ots_String_Index_Char
_Ots_String_Search
_Ots_String_Search_Char
_Ots_String_Translate
_Ots_String_Verify
_Ots_Zero
__FF_error
__FF_puterr
__FFdrand
__FFfrand
__FFgetseed
__FFirand
__FFresetseed
__FFsetseed
__msportlib_d_curpos
__msportlib_d_fseek
__msportlib_d_gethandle
__msportlib_d_readchar
__msportlib_d_writechar
_fq_gettextposition
_fq_outtext
_fq_settextposition
abs_c
abs_d
abs_dc
abs_i
abs_i1
abs_i2
abs_r
acos_d
acos_r
aimag_r
aint_d
aint_r
amax0
amin0
anint_d
anint_r
asin_d
asin_r
atan2_d
atan2_r
atan_d
atan_r
cdivc
cdivc1
cdivdc
cdivdc1
conjg_r
conjg_r1
cos_c
cos_c1
cos_c77
cos_d
cos_dc
cos_dc1
cos_r
cosh_d
cosh_r
cpowc
cpowc1
cpowd1
cpowdc1
cpowf1
cpowi
cpowi1
creciprocal
cvt_boolean64_to_text
cvt_boolean_to_text
cvt_boolean_to_text_ex
cvt_cray_to_ieee_double
cvt_cray_to_ieee_double_
cvt_cray_to_ieee_single
cvt_cray_to_ieee_single_
cvt_data64_to_text
cvt_data_to_text
cvt_ibm_long_to_ieee_double
cvt_ibm_long_to_ieee_double_
cvt_ibm_short_to_ieee_single
cvt_ibm_short_to_ieee_single_

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/DistrHN.dll
.dll windows:4 windows x86 arch:x86

2e129799bfe00d8885124bd205a3fc86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
DisableThreadLibraryCalls

dforrt

_FIalog10
for_trim
for_adjustl
for_read_seq
GETTIM
GETDAT
for_write_seq_fmt
for_write_seq_fmt_xmit
for_open
for_read_seq_fmt
for_read_seq_fmt_xmit
for_read_seq_lis
for_close
_OtsMoveMinimum
_OtsFill
_OtsMove
for_inquire
_FIsqrt
for_write_seq_lis
for_alloc_allocatable
for_write_seq
for_write_seq_xmit
for_deallocate
_FIIfexp_
for_write_seq_lis_xmit
_FIexp
_FIanint
_FIlog
fpowi
dpowi
for_write_int_fmt
for_dealloc_allocatable

msvcrt

malloc
_adjust_fdiv
_initterm
free

Exports

Exports

DISTRHN
_DISTRHN@0

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/HBooklet.pdf
.pdf
- http://centurytel.net
- http://www.pcord.com
- http://www.pcord.com/nichefaq.htm
program files/HyperNiche 2/HHActiveX.dll
.dll regsvr32 windows:4 windows x86 arch:x86

ea87b25b73aba58227954fc8a9578cbc

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:5e:ca:18:bd:54:e5:d4:49:c2:60:d4:00:93:ce:c1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

17/09/2008, 00:00

Not After

18/09/2009, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft VBA Software Validation v2+OU=Engineering,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dd:6a:9b:2c:82:70:fb:61:27:31:e7:ea:37:dc:fe:66:5e:c2:f0:95
Signer

Actual PE Digest

dd:6a:9b:2c:82:70:fb:61:27:31:e7:ea:37:dc:fe:66:5e:c2:f0:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
ExitProcess
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
Sleep
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
HeapAlloc
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
RtlUnwind
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
GetModuleHandleA
GlobalFree
FormatMessageW
InterlockedCompareExchange
IsProcessorFeaturePresent
LocalFree
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
WideCharToMultiByte
GetFileAttributesW
CreateFileW
WriteFile
CloseHandle
IsDBCSLeadByteEx
GetWindowsDirectoryW
GetProcAddress
LoadLibraryW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
SetLastError
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetACP
MulDiv
lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
FreeEnvironmentStringsA
SizeofResource

user32

DestroyMenu
CharUpperW
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
EndDialog
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetScrollInfo
GetDlgCtrlID
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetAsyncKeyState
PeekMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetRectEmpty
IsRectEmpty
CopyRect
EnumChildWindows
MoveWindow
ShowScrollBar
GetSystemMetrics
GetCursorPos
GetSysColor
GetSysColorBrush
UnregisterClassW
GetPropW
WindowFromPoint
KillTimer
SetTimer
InflateRect
CreateWindowExW
SetFocus
GetFocus
IsChild
RegisterClassExW
wsprintfW
InvalidateRect
DestroyWindow
GetKeyState
CallWindowProcW
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetClassInfoExW
ShowWindow
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnionRect
PtInRect
CharNextW
LoadCursorW
SetCursor
GetClassNameW
IsWindow
ReleaseDC
GetDC
ScreenToClient
GetWindowRect
SendMessageW
EnableWindow
GetParent
GetNextDlgTabItem
MapWindowPoints
UnregisterClassA

gdi32

Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
ExtTextOutW
MoveToEx
LineTo
RectVisible
PtVisible
DeleteObject
CreateFontIndirectW
SetBkMode
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetObjectW
GetTextMetricsW
Polygon
SelectObject
CreateFontW
CreateSolidBrush
CreatePen
GetStockObject
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCW
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
Rectangle
SetTextAlign
TextOutW
GetTextExtentPoint32W
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
IsTextUnicode
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

ole32

CoGetMalloc
StringFromGUID2
CoCreateInstance
WriteClassStm
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
OleLoadFromStream
CoTaskMemRealloc
CoTaskMemAlloc
OleSaveToStream

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
GetErrorInfo
VarUI4FromStr
LoadRegTypeLi
OleCreatePropertyFrame

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/HyperNiche2.chm
.chm
program files/HyperNiche 2/HyperNiche2.exe
.exe windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cb:53:6f:d2:59:52:b8:36:f8:cd:b5:cc:2b:74:5b:ea
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/07/2016, 00:00

Not After

25/07/2017, 23:59

Subject

CN=MjM Software Design,O=MjM Software Design,POSTALCODE=97388,STREET=371 Salishan Dr,L=Gleneden Beach,ST=OR,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a1:82:34:27:f3:e2:4c:63:da:9e:e3:99:a7:b4:c5:1a:25:7d:70:5a
Signer

Actual PE Digest

a1:82:34:27:f3:e2:4c:63:da:9e:e3:99:a7:b4:c5:1a:25:7d:70:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 65KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/Microsoft.VC90.CRT.manifest
.xml
program files/HyperNiche 2/Model.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GAUGE
UPDATE

Sections

CODE
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/NPMRintro.pdf
.pdf
program files/HyperNiche 2/Niche2.dll
.dll windows:5 windows x86 arch:x86

2ea701bec5fae2d8af4e05a52e28eb27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
GetProcessHeap
SetFilePointer
GetLastError
GetFileType
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesExA
GetFileSize
GetFileAttributesA
VirtualAlloc
VirtualFree
SetEndOfFile
CloseHandle
InterlockedExchange
Sleep
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetLastError
WaitForSingleObject
ReadFile
GetThreadLocale
GetStdHandle
FormatMessageA
IsDebuggerPresent
GetModuleHandleA
CreateFileA
ReleaseMutex
CreateMutexA
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
SetEvent
ExitThread
CreateEventA
GetFileInformationByHandle
GetFullPathNameA
GetTempFileNameA
GetTempPathA
CreateProcessA
SetThreadPriority
GetVersionExA
DeleteFileA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
GetHandleInformation
UnmapViewOfFile
SetConsoleCtrlHandler
GetACP
GetCommandLineA
SetErrorMode
FlushFileBuffers
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
SetHandleCount
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
TerminateProcess
GetCurrentProcess
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapSize
RtlUnwind
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualQuery

imagehlp

SymCleanup
SymInitialize
StackWalk

Exports

Exports

NICHE2
_NICHE2@0

Sections

.text
Size: 1015KB - Virtual size: 1015KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/ShuffNiche.dll
.dll windows:5 windows x86 arch:x86

08e9efce79d12ed2b51ae3f16bf95ba2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedExchange

libifcoremd

for_open
for_write_seq_lis
for_read_seq
for_write_seq
for_deallocate
for_alloc_allocatable
for_check_mult_overflow
for_inquire
for_read_seq_fmt_xmit
for_read_seq_fmt
for_write_seq_fmt_xmit
for_write_seq_fmt
for_close
for_cpstr
for_cpystr
for_trim
for_adjustl
for_write_seq_lis_xmit

libifportmd

GETTIMI2
GETDATI2
GETTIM

msvcr90

memset
_crt_debugger_hook
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common

Exports

Exports

SHUFFNICHE
_SHUFFNICHE@0

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/SummarySheetForBasics.pdf
.pdf
program files/HyperNiche 2/Therm4.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GAUGE
UPDATE

Sections

CODE
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/TipsNiche2.txt
program files/HyperNiche 2/libifcoremd.dll
.dll windows:4 windows x86 arch:x86

bbbec8edf7fc4170fd5605980b535292

Code Sign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2d:a6:66:52:00:00:00:00:1d:ff
Certificate

Issuer

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Not Before

12/03/2008, 18:12

Not After

12/03/2011, 18:12

Subject

CN=Compiler Tools and Quality Engineering,O=Intel Corporation

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:94:89:00:00:00:00:00:05
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

22/03/2006, 22:22

Not After

22/03/2012, 22:32

Subject

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:41:b7:68:83:96:03:ec:b3:14:36:5d:bf:6c:7d:18:bc:65:ec:6e
Signer

Actual PE Digest

21:41:b7:68:83:96:03:ec:b3:14:36:5d:bf:6c:7d:18:bc:65:ec:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libmmd

__j0q
__j1q
__jnq
__y0q
__y1q
__ynq
__log10q
__log2q
__logq
__erfcq
__erfq
__fmodq
__powq
__powiq
__cpowq
__sinhq
__sinq
__sqrtq
__tanhq
__tanq
__acosdq
__asindq
__atand2q
__cosdq
__sindq
__tandq
__gammaq
__ccosq
__ccoshq
__cexpq
__cexp10q
__clogq
__clog10q
__csqrtq
__csinq
__csinhq
__ctanq
__ctanhq
fetestexcept
feraiseexcept
feclearexcept
fegetround
remainderf
remainder
__remainderq
rintf
rint
__rintq
scalbnf
scalbn
__scalbnq
fesetround
__floorq
__ceilq
__expq
__exp2q
__exp10q
__cotdq
__cotq
__cosq
__coshq
__cbrtq
__atan2q
__atandq
__atanq
__atanhq
__asinq
__asinhq
__acosq
__acoshq
__fabsq
__ldexpq
__nextafterq
__truncq
__nintq
__frexpq
ctan
csqrt
csin
clog10
clog
cexp10
cexp
ccos
creal
cabs
cbrt
exp10
sind
tand
atand
asind
tanh
tan
asinh
sinh
sin
pow
log
log10
exp
erfc
erf
cotd
cot
acosh
cosh
cosd
cos
yn
y1
y0
jn
j1
j0
atanh
atan
asin
acosd
acos
ctanf
csqrtf
csinf
clog10f
clogf
cexp10f
cexpf
ccosf
cabsf
cbrtf
exp10f
sindf
tandf
atandf
asindf
tanhf
tanf
asinhf
sinhf
sinf
powf
logf
log10f
expf
erfcf
erff
cotdf
cotf
acoshf
coshf
cosdf
cosf
ynf
y1f
y0f
jnf
j1f
j0f
atan2
atan2f
atanhf
atanf
asinf
acosdf
acosf
ldexp
nextafter
nextafterf
llround
lround
llroundf
lroundf
trunc
truncf
frexp
__cabsq
frexpf

kernel32

GetFileInformationByHandle
GetLastError
SetFilePointer
GetLocaleInfoW
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
UnhandledExceptionFilter
GetStartupInfoA
SetHandleCount
WideCharToMultiByte
HeapCreate
HeapDestroy
RtlUnwind
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetCurrentProcessId
GetDateFormatA
GetTimeFormatA
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetCurrentThread
GetModuleFileNameA
VirtualQuery
GetTempPathA
GetTempFileNameA
GetFullPathNameA
ReadFile
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
CreateThread
CreateEventA
ExitThread
SetEvent
TerminateThread
InitializeCriticalSection
DeleteCriticalSection
FlushFileBuffers
SystemTimeToFileTime
FileTimeToLocalFileTime
VirtualFree
VirtualAlloc
GetProcessTimes
GetCurrentProcess
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetCurrentThreadId
CreateMutexA
ReleaseMutex
GetFileAttributesA
GetFileSize
GetFileAttributesExA
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
GetACP
SetConsoleCtrlHandler
InterlockedExchange
GetCommandLineA
SetLastError
GetFileType
Sleep
SetEndOfFile
FreeLibrary
CreateFileA
GetProcAddress
GetModuleHandleA
IsDebuggerPresent
FormatMessageA
LoadLibraryA
GetThreadLocale
WriteFile
GetLocalTime
DeleteFileA
WaitForSingleObject
GetVersionExA
SetThreadPriority
CreateProcessA
CloseHandle
GetStdHandle

imagehlp

SymCleanup
SymInitialize
StackWalk

Exports

Exports

COMMITQQ
FLUSHQQ
FOCUSQQ
GETCHARQQ
GETEXCEPTIONPTRSQQ
GETHANDLEQQ
GETHWNDQQ
GETSTRQQ
GETUNITQQ
GETWSIZEQQ
INQFOCUSQQ
MCLOCK
PEEKCHARQQ
RANDOM
SEED
SETWSIZEQQ
TRACEBACKQQ
_FQclearscreen
_FQdisplaycursor
_FQscrolltextwindow
_FTN_ALLOC
__FFdrand
__FFfrand
__FFgetseed
__FFirand
__FFresetseed
__FFsetseed
__for_ieee_get_flag_
__for_ieee_get_halting_mode_
__for_ieee_get_rounding_mode_
__for_ieee_get_status_
__for_ieee_next_after_k16_
__for_ieee_next_after_k4_
__for_ieee_next_after_k8_
__for_ieee_rem_k16_
__for_ieee_rem_k4_
__for_ieee_rem_k8_
__for_ieee_restore_env_
__for_ieee_rint_k16_
__for_ieee_rint_k4_
__for_ieee_rint_k8_
__for_ieee_scalb_k164_
__for_ieee_scalb_k44_
__for_ieee_scalb_k84_
__for_ieee_set_flag_
__for_ieee_set_halting_mode_
__for_ieee_set_rounding_mode_
__for_ieee_set_status_
__for_ieee_store_env_
__msportlib_d_curpos
__msportlib_d_curpos_i8
__msportlib_d_fseek
__msportlib_d_fseek_i8
__msportlib_d_get_POSIX_fd
__msportlib_d_gethandle
__msportlib_d_readchar
__msportlib_d_writechar
__msportlib_set_posix_io_flag
_f90_alloc_private
_f90_dope_vector_init
_f90_firstprivate_copy
_f90_free_private
_f90_lastprivate_copy
_f90_reduction_final
_f90_reduction_init
_fq_gettextposition
_fq_outtext
_fq_settextposition
a_intq
a_nintq
b_abs
b_btest
b_dim
b_dnnt
b_iand
b_ibclr
b_ibits
b_ibset
b_ieor
b_ior
b_ishft
b_ishftc
b_mod
b_nint
b_not
b_sign
cvt_boolean64_to_text
cvt_boolean_to_text
cvt_boolean_to_text_ex
cvt_cray_to_ieee_double
cvt_cray_to_ieee_double_
cvt_cray_to_ieee_single
cvt_cray_to_ieee_single_
cvt_data64_to_text
cvt_data_to_text
cvt_ibm_long_to_ieee_double
cvt_ibm_long_to_ieee_double_
cvt_ibm_short_to_ieee_single
cvt_ibm_short_to_ieee_single_
cvt_ieee_double_to_cray
cvt_ieee_double_to_cray_
cvt_ieee_double_to_ibm_long
cvt_ieee_double_to_ibm_long_
cvt_ieee_double_to_vax_d
cvt_ieee_double_to_vax_d_
cvt_ieee_double_to_vax_g
cvt_ieee_double_to_vax_g_
cvt_ieee_double_to_vax_h
cvt_ieee_double_to_vax_h_
cvt_ieee_s_to_text
cvt_ieee_s_to_text_ex
cvt_ieee_single_to_cray
cvt_ieee_single_to_cray_
cvt_ieee_single_to_ibm_short
cvt_ieee_single_to_ibm_short_
cvt_ieee_single_to_vax_f
cvt_ieee_single_to_vax_f_
cvt_ieee_t_to_text
cvt_ieee_t_to_text_ex
cvt_integer64_to_text
cvt_integer_to_text
cvt_text_to_boolean
cvt_text_to_boolean64
cvt_text_to_data
cvt_text_to_data64
cvt_text_to_ieee_s_ex
cvt_text_to_ieee_t_ex
cvt_text_to_integer
cvt_text_to_integer64
cvt_text_to_unsigned
cvt_text_to_unsigned64
cvt_unsigned64_to_text
cvt_unsigned_to_text
cvt_vax_d_to_ieee_double
cvt_vax_d_to_ieee_double_
cvt_vax_f_to_ieee_single
cvt_vax_f_to_ieee_single_
cvt_vax_g_to_ieee_double
cvt_vax_g_to_ieee_double_
cvt_vax_h_to_ieee_double
cvt_vax_h_to_ieee_double_
d_int
d_int_val
d_nint
f90_dyncom
f_ibits1
f_ibits2
f_lanint_val
f_ldnint_val
f_lqint
f_lqnint
f_qnint
for__nt_signal_handler
for__raise
for__rtc_uninit_use
for__setlocale
for__signal
for_abort
for_active_processes
for_adjustl
for_adjustr
for_alloc_allocatable
for_alloc_copy
for_allocate
for_array_copy_in
for_array_copy_out
for_asynchronous
for_backspace
for_bitest
for_bitest_msf
for_bjtest
for_bjtest_msf
for_bktest
for_bktest_msf
for_bmvbits
for_c_conjg_a
for_c_cos_a
for_c_cos_v
for_c_exp10_a
for_c_exp_a
for_c_exp_v
for_c_log10_a
for_c_log_a
for_c_sin_a
for_c_sqrt_a
for_c_tan_a
for_cd_conjg_a
for_cd_cos_a
for_cd_cos_v
for_cd_exp10_a
for_cd_exp_a
for_cd_exp_v
for_cd_log10_a
for_cd_log_a
for_cd_sin_a
for_cd_sqrt_a
for_cd_tan_a
for_ceil4_v
for_ceil8_v
for_ceilh4_v
for_ceilh8_v
for_ceilk4_v
for_ceilk8_v
for_char
for_check_env_name
for_check_mult_overflow
for_check_mult_overflow64
for_close
for_concat
for_contig_array
for_cpstr
for_cpstr_eq
for_cpstr_ge
for_cpstr_gt
for_cpstr_le
for_cpstr_lt
for_cpstr_ne
for_cpusec
for_cpusec_t
for_cpystr
for_cq_abs_a
for_cq_conjg_a
for_cq_conjg_v
for_cq_cos_a
for_cq_cosh_a
for_cq_exp10_a
for_cq_exp_a
for_cq_ipow_av
for_cq_kpow_av
for_cq_log10_a
for_cq_log_a
for_cq_pow_a
for_cq_sin_a
for_cq_sinh_a
for_cq_sqrt_a
for_cq_tan_a
for_cq_tanh_a
for_d_abs_a
for_d_acos_a
for_d_acosd_a
for_d_acosh_a
for_d_asin_a
for_d_asind_a
for_d_asinh_a
for_d_atan2_a
for_d_atan2d_a
for_d_atan2d_v
for_d_atan_a
for_d_atand_a
for_d_atanh_a
for_d_besj0_a
for_d_besj1_a
for_d_besjn_a
for_d_besy0_a
for_d_besy1_a
for_d_besyn_a
for_d_cabs_a
for_d_cbrt_a
for_d_cdabs_a
for_d_cdimag_a
for_d_cos_a
for_d_cosd_a
for_d_cosh_a
for_d_cotan_a
for_d_cotand_a
for_d_creal_a
for_d_creal_v
for_d_dim_a
for_d_erf_a
for_d_erfc_a
for_d_exp10_a
for_d_exp_a
for_d_fabs_a
for_d_int_a
for_d_int_v
for_d_ipow_a
for_d_ipow_v
for_d_log10_a
for_d_log_a
for_d_mod_a
for_d_nint_a
for_d_nint_v
for_d_pow_a
for_d_pow_v
for_d_prod_a
for_d_sign_a
for_d_sin_a
for_d_sind_a
for_d_sinh_a
for_d_sqrt_a
for_d_tan_a
for_d_tand_a
for_d_tanh_a
for_date
for_date_and_time
for_date_numeric
for_dealloc_allocatable
for_deallocate
for_deallocate_all
for_define_file
for_delete
for_delete_i8
for_descriptor_assign
for_dnum
for_emit_diagnostic
for_enable_underflow
for_endfile
for_eof
for_errmsg
for_errsns
for_errsns_load
for_errsns_w
for_exit
for_exponent16_a
for_exponent16_v
for_exponent4_v
for_exponent8_v
for_f90_index
for_f90_scan
for_f90_verify
for_fdopen
for_find
for_find_i8
for_floor4_v
for_floor8_v
for_floorh4_v
for_floorh8_v
for_floork4_v
for_floork8_v
for_flush
for_fp_class_s_
for_fp_class_t_
for_fp_class_x_
for_fraction16_a
for_fraction16_v
for_fraction4_v
for_fraction8_v
for_gerror_
for_get_command
for_get_fpe_
for_get_fpe_counts_
for_getarg
for_getarg_i2
for_getcmd_arg
for_getenv
for_h_qint_a
for_i1ilen
for_i1leadz
for_i1popcnt
for_i1poppar
for_i1shftc
for_i1trailz
for_i_qint_a
for_iargc
for_ichar
for_idate
for_iibclr
for_iibits
for_iibset
for_iiilen
for_iileadz
for_iipopcnt
for_iipoppar
for_iishft
for_iishftc
for_iitrailz
for_imvbits
for_index
for_index_back
for_index_ssll
for_inquire
for_inum
for_iran2_
for_is_nan_s_
for_is_nan_t_
for_is_nan_x_
for_jdate
for_jibclr
for_jibits
for_jibset
for_jiilen
for_jileadz
for_jipopcnt
for_jipoppar
for_jishft
for_jishftc
for_jitrailz
for_jmvbits
for_jnum
for_jran2_
for_k_qint_a
for_kdate
for_kibclr
for_kibits
for_kibset
for_kiilen
for_kileadz
for_kipopcnt
for_kipoppar
for_kishft
for_kishftc
for_kitrailz
for_kmvbits
for_knum
for_len_trim
for_length
for_lge
for_lge_msf_slsl
for_lge_msf_ssll
for_lge_ssll
for_lgt
for_lgt_msf_slsl
for_lgt_msf_ssll
for_lgt_ssll
for_lle
for_lle_msf_slsl
for_lle_msf_ssll
for_lle_ssll
for_llt
for_llt_msf_slsl
for_llt_msf_ssll
for_llt_ssll
for_nargs
for_nearest16_a
for_nearest16_v
for_nearest4_v
for_nearest8_v
for_open
for_pause
for_perror_
for_q_abs_a
for_q_acos_a
for_q_acosd_a
for_q_acosh_a
for_q_asin_a
for_q_asind_a
for_q_asinh_a
for_q_atan2_a
for_q_atan2d_a
for_q_atan_a
for_q_atand_a
for_q_atanh_a
for_q_besj0_a
for_q_besj1_a
for_q_besjn_a
for_q_besjn_av
for_q_besy0_a
for_q_besy1_a
for_q_besyn_a
for_q_besyn_av
for_q_cbrt_a
for_q_ceil_a
for_q_cos_a
for_q_cosd_a
for_q_cosh_a
for_q_cotan_a
for_q_cotand_a
for_q_cqabs_a
for_q_cqimag_a
for_q_cqimag_v
for_q_cqreal_a
for_q_cqreal_v
for_q_dim_a
for_q_erf_a
for_q_erfc_a
for_q_exp10_a
for_q_exp2_a
for_q_exp_a
for_q_fabs_a
for_q_floor_a
for_q_fmod_a
for_q_frexp_a
for_q_gamma_a
for_q_ipow_a
for_q_ipow_av
for_q_kpow_a
for_q_kpow_av
for_q_ldexp_a
for_q_ldexp_av
for_q_log10_a
for_q_log2_a
for_q_log_a
for_q_mod_a
for_q_pow_a
for_q_prod_a
for_q_sign_a
for_q_sin_a
for_q_sind_a
for_q_sinh_a
for_q_sqrt_a
for_q_tan_a
for_q_tand_a
for_q_tanh_a
for_qnum
for_r_abs_a
for_r_acos_a
for_r_acosd_a
for_r_acosh_a
for_r_asin_a
for_r_asind_a

Sections

.text
Size: 772KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/libifportmd.dll
.dll windows:4 windows x86 arch:x86

cf7a53394f2c77250f12c3894cf1fdf1

Code Sign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2d:a6:66:52:00:00:00:00:1d:ff
Certificate

Issuer

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Not Before

12/03/2008, 18:12

Not After

12/03/2011, 18:12

Subject

CN=Compiler Tools and Quality Engineering,O=Intel Corporation

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:94:89:00:00:00:00:00:05
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

22/03/2006, 22:22

Not After

22/03/2012, 22:32

Subject

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:7c:ee:aa:8f:8f:dc:7c:1c:78:e0:66:21:3e:db:a9:27:ad:7e:65
Signer

Actual PE Digest

bf:7c:ee:aa:8f:8f:dc:7c:1c:78:e0:66:21:3e:db:a9:27:ad:7e:65

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

advapi32

GetUserNameA
RegCloseKey
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

kernel32

GetStdHandle
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetTickCount
ReleaseSemaphore
CreateSemaphoreA
CreateThread
SetThreadPriority
InitializeCriticalSection
GetLastError
GetSystemInfo
GetCurrentProcess
GetProcessTimes
GetCurrentProcessId
GetComputerNameA
GetFileType
OpenProcess
TerminateProcess
DeleteFileA
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetLocalTime
SetLocalTime
SleepEx
GetFileInformationByHandle
SystemTimeToFileTime
GetSystemDirectoryA
CreateProcessA
GetExitCodeProcess
CloseHandle
GetVersionExA
Sleep
Beep
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetLogicalDrives
FindFirstFileA
FindNextFileA
FindClose
GetEnvironmentVariableA
SearchPathA
SetErrorMode
SetFileAttributesA
GetCommTimeouts
SetCommTimeouts
CreateEventA
ReadFile
GetOverlappedResult
SetEvent
ExitThread
CreateFileA
PurgeComm
GetProcessHeap
HeapAlloc
GetCurrentThreadId
HeapFree
ResumeThread
GetExitCodeThread
TerminateThread
IsBadWritePtr
GetCommState
SetCommState
EscapeCommFunction
WriteFile
RaiseException
ResetEvent
GetModuleHandleA
GetProcAddress
lstrcmpiA
GlobalMemoryStatus
LoadLibraryA
GetVolumeInformationA
GetConsoleCP
IsDBCSLeadByteEx
GetUserDefaultLCID
CompareStringA
GetCPInfo
GetACP
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
GetLocaleInfoA
SetConsoleCP
SetConsoleOutputCP
EnumSystemCodePagesA
EnumSystemLocalesA
GetCurrencyFormatA
GetDateFormatA
GetNumberFormatA
GetTimeFormatA
GetFileAttributesA
SetEnvironmentVariableA
GetTimeZoneInformation
ExitProcess
MoveFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
RemoveDirectoryA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
SetConsoleCtrlHandler
PeekNamedPipe
CreatePipe
GetOEMCP
HeapReAlloc
GetCommandLineA
DuplicateHandle
SetFilePointer
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
VirtualProtect
VirtualAlloc
VirtualQuery
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStartupInfoA
SetEnvironmentVariableW
SetStdHandle
UnhandledExceptionFilter
RtlUnwind
GetStringTypeA
GetStringTypeW
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEndOfFile
QueryPerformanceCounter
InterlockedExchange
CompareStringW
HeapSize
FlushFileBuffers

Exports

Exports

$$MSPORTLIB$RANDOM
ABORT
ACCESS
ALARM
BEEPQQ
BESJ0
BESJ1
BESJN
BESY0
BESY1
BESYN
BIC
BICI8
BIS
BISI8
BIT
BITI8
BSEARCHQQ
CDFLOAT
CHANGEDIRQQ
CHANGEDRIVEQQ
CHDIR
CHMOD
CLEARSTATUSFPQQ
CLOCK
CLOCKX
COMPLINT
COMPLLOG
COMPLREAL
CSMG
CTIME
DATE
DATE4
DBESJ0
DBESJ1
DBESJN
DBESY0
DBESY1
DBESYN
DCLOCK
DDIM
DELDIRQQ
DELFILESQQ
DFLOATI
DFLOATJ
DFLOATK
DIM
DRAND
DRANDM
DRANSET
DSHIFTL
DSHIFTR
DTIME
DTIMER8
ETIME
EXIT
FDATE
FGETC
FINDFILEQQ
FLUSH
FPUTC
FSEEK
FSEEKI8
FSTAT
FSTATI8
FTELL
FTELLI8
FULLPATHQQ
F_IDATE4
GETC
GETCONTROLFPQQ
GETCWD
GETDAT
GETDATI2
GETDRIVEDIRQQ
GETDRIVESIZEQQ
GETDRIVESIZEQQI8
GETDRIVESQQ
GETENV
GETENVQQ
GETFILEINFOQQ
GETFILEINFOQQI8
GETGID
GETLASTERROR
GETLASTERRORQQ
GETLOG
GETPID
GETPOS
GETPOSI8
GETSTATUSFPQQ
GETTIM
GETTIMEOFDAY
GETTIMI2
GETUID
GMTIME
HOSTNAM
HOSTNM
IDATE
IDATE1
IDATE4
IDFLOAT
IEEE_FLAGS
IEEE_HANDLER
IERRNO
IFLOATI
IFLOATJ
INMAX
INTC
IPXFARGC
IPXFCONST
IPXFLENTRIM
IRAND
IRANDM
IRANGET
IRANSET
ISATTY
ITIME
JABS
JDATE
JDATE4
JDIM
JMOD
KILL
LCWRQQ
LNBLNK
LONG
LSHIFT
LSTAT
LSTATI8
LTIME
MAKEDIRQQ
MATHERRQQ
MBCHARLEN
MBCONVERTMBTOUNICODE
MBCONVERTUNICODETOMB
MBCURMAX
MBINDEX
MBLEAD
MBLEN
MBLEN_TRIM
MBLEQ
MBLGE
MBLGT
MBLLE
MBLLT
MBLNE
MBNEXT
MBPREV
MBSCAN
MBSTRLEAD
MBVERIFY
NLSENUMCODEPAGES
NLSENUMLOCALES
NLSFORMATCURRENCY
NLSFORMATDATE
NLSFORMATNUMBER
NLSFORMATTIME
NLSGETENVIRONMENTCODEPAGE
NLSGETLOCALE
NLSGETLOCALEINFO
NLSSETENVIRONMENTCODEPAGE
NLSSETLOCALE
PACKTIMEQQ
PUTC
PXFACCESS
PXFACHARGET
PXFACHARSET
PXFADBLGET
PXFADBLSET
PXFAINT8GET
PXFAINT8SET
PXFAINTGET
PXFAINTSET
PXFALARM
PXFALGCLGET
PXFALGCLSET
PXFAREALGET
PXFAREALSET
PXFASTRGET
PXFASTRSET
PXFCALLSUBHANDLE
PXFCHARGET
PXFCHARSET
PXFCHDIR
PXFCHMOD
PXFCLEARENV
PXFCLOSE
PXFCLOSEDIR
PXFCONST
PXFCREAT
PXFDBLGET
PXFDBLSET
PXFDUP
PXFDUP2
PXFECHARGET
PXFECHARSET
PXFEDBLGET
PXFEDBLSET
PXFEINT8GET
PXFEINT8SET
PXFEINTGET
PXFEINTSET
PXFELGCLGET
PXFELGCLSET
PXFEREALGET
PXFEREALSET
PXFESTRGET
PXFESTRSET
PXFEXECV
PXFEXECVE
PXFEXECVP
PXFEXIT
PXFFASTEXIT
PXFFDOPEN
PXFFFLUSH
PXFFGETC
PXFFILENO
PXFFPATHCONF
PXFFPUTC
PXFFSEEK
PXFFSTAT
PXFFTELL
PXFGETARG
PXFGETC
PXFGETCWD
PXFGETENV
PXFGETLOGIN
PXFGETPID
PXFGETPPID
PXFGETSUBHANDLE
PXFINT8GET
PXFINT8SET
PXFINTGET
PXFINTSET
PXFISATTY
PXFISBLK
PXFISCHR
PXFISCONST
PXFISDIR
PXFISFIFO
PXFISREG
PXFKILL
PXFLGCLGET
PXFLGCLSET
PXFLINK
PXFLOCALTIME
PXFLSEEK
PXFMKDIR
PXFOPEN
PXFOPENDIR
PXFPATHCONF
PXFPAUSE
PXFPIPE
PXFPOSIXIO
PXFPUTC
PXFREAD
PXFREADDIR
PXFREALGET
PXFREALSET
PXFRENAME
PXFREWINDDIR
PXFRMDIR
PXFSETENV
PXFSIGACTION
PXFSLEEP
PXFSTAT
PXFSTRGET
PXFSTRSET
PXFSTRUCTCOPY
PXFSTRUCTCREATE
PXFSTRUCTFREE
PXFSYSCONF
PXFTIME
PXFTIMES
PXFUCOMPARE
PXFUMASK
PXFUNAME
PXFUNLINK
PXFUTIME
PXFWRITE
QSORT
RAISEQQ
RAN
RAND
RANF
RANGET
RANSET
RENAME
RENAMEFILEQQ
RINDEX
RSHIFT
RTC
RUNQQ
SCANENV
SCWRQQ
SECNDS
SETCONTROLFPQQ
SETDAT
SETDATI2
SETENVQQ
SETERRORMODEQQ
SETFILEACCESSQQ
SETFILETIMEQQ
SETTIM
SETTIMI2
SHIFTL
SHIFTR
SHORT
SIGNAL
SIGNALQQ
SLEEP
SLEEPQQ
SORTQQ
SPLITPATHQQ
SPORT_CANCEL_IO
SPORT_CONNECT
SPORT_CONNECT_EX
SPORT_GET_HANDLE
SPORT_GET_STATE
SPORT_GET_STATE_EX
SPORT_GET_TIMEOUTS
SPORT_PEEK_DATA
SPORT_PEEK_LINE
SPORT_PURGE
SPORT_READ_DATA
SPORT_READ_LINE
SPORT_RELEASE
SPORT_SET_STATE
SPORT_SET_STATE_EX
SPORT_SET_TIMEOUTS
SPORT_SHOW_STATE
SPORT_SPECIAL_FUNC
SPORT_WRITE_DATA
SPORT_WRITE_LINE
SRAND
SSWRQQ
STAT
STATI8
SYSTEM
SYSTEMQQ
TIME
TIME2
TIMEF
TTYNAM
UNLINK
UNPACKTIMEQQ

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/libmmd.dll
.dll windows:4 windows x86 arch:x86

66caac194d09d81bd5f631338f9c997c

Code Sign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2d:a6:66:52:00:00:00:00:1d:ff
Certificate

Issuer

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Not Before

12/03/2008, 18:12

Not After

12/03/2011, 18:12

Subject

CN=Compiler Tools and Quality Engineering,O=Intel Corporation

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:94:89:00:00:00:00:00:05
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

22/03/2006, 22:22

Not After

22/03/2012, 22:32

Subject

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:ff:e1:a3:10:83:83:7f:ff:a1:51:4b:d4:34:de:86:41:0a:9d:e1
Signer

Actual PE Digest

25:ff:e1:a3:10:83:83:7f:ff:a1:51:4b:d4:34:de:86:41:0a:9d:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
FormatMessageA
GetThreadLocale
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
FlushFileBuffers
VirtualProtect
GetSystemInfo
CloseHandle

Exports

Exports

_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_LIB_VERSIONIMF
__acosdq
__acoshq
__acosq
__annuityq
__asindq
__asinhq
__asinq
__atan2dq
__atan2q
__atand2q
__atandq
__atanhq
__atanq
__cabsq
__cacoshq
__cacosq
__cargq
__casinhq
__casinq
__catanhq
__catanq
__cbrtq
__ccoshq
__ccosq
__ceilq
__cexp10q
__cexp2q
__cexpm1q
__cexpq
__cimagq
__cisdq
__cisq
__clog10q
__clog1pq
__clog2q
__clog_f90
__clogf_f90
__clogq
__clogq_f90
__compoundq
__conjq
__copysignq
__cosdq
__coshq
__cosq
__cotdq
__cotq
__cpowq
__cprojq
__crealq
__csinhq
__csinq
__csqrt_f90
__csqrtf_f90
__csqrtq
__csqrtq_f90
__ctanhq
__ctanq
__dremq
__erfcq
__erfq
__exp10q
__exp2q
__expm1q
__expq
__fabsq
__fdimq
__finite
__finited
__finitef
__finitel
__floorq
__fmaq
__fmaxq
__fminq
__fmodq
__fpclassify
__fpclassifyd
__fpclassifyf
__fpclassifyl
__frexpq
__gammaq
__gammaq_r
__hypotq
__ilogbq
__invsqrtq
__isfinite
__isfinited
__isfinitef
__isfinitel
__isgreater
__isgreaterequal
__isgreaterequalf
__isgreaterequall
__isgreaterf
__isgreaterl
__isinf
__isinfd
__isinff
__isinfl
__isless
__islessequal
__islessequalf
__islessequall
__islessf
__islessgreater
__islessgreaterf
__islessgreaterl
__islessl
__isnan
__isnand
__isnanf
__isnanl
__isnormal
__isnormald
__isnormalf
__isnormall
__isunordered
__isunorderedf
__isunorderedl
__j0q
__j1q
__jnq
__ldexpq
__lgammaq
__lgammaq_r
__libm_f_pow2i
__libm_f_powc16i8
__libm_f_powc32i8
__libm_f_powc8i8
__libm_f_powcc
__libm_f_powci
__libm_f_powdd
__libm_f_powdi
__libm_f_powi8i4
__libm_f_powi8i8
__libm_f_powii
__libm_f_powji
__libm_f_powr16i8
__libm_f_powr4i8
__libm_f_powr8i8
__libm_f_powri
__libm_f_powrr
__libm_f_powzi
__libm_f_powzz
__libm_pow_bb
__libm_pow_cc_val
__libm_pow_ci
__libm_pow_ci_val
__libm_pow_cr_val
__libm_pow_dd
__libm_pow_di_val
__libm_pow_dz_val
__libm_pow_hh
__libm_pow_ii_val
__libm_pow_rc_val
__libm_pow_ri_val
__libm_pow_zd_val
__libm_pow_zi_val
__libm_pow_zz_val
__libm_setusermatherr
__libm_setusermatherrf
__libm_setusermatherrl
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atan2f
__libm_sse2_atanf
__libm_sse2_cbrt
__libm_sse2_cbrtf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_exp10
__libm_sse2_exp10f
__libm_sse2_exp2
__libm_sse2_exp2f
__libm_sse2_expf
__libm_sse2_expm1
__libm_sse2_expm1f
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_log1p
__libm_sse2_log1pf
__libm_sse2_log2
__libm_sse2_log2f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sincos
__libm_sse2_sincosf
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__llrintq
__llroundq
__log10q
__log1pq
__log2q
__logbq
__logq
__lrintq
__lroundq
__modfq
__nearbyintq
__nextafterq
__nexttowardq
__nintq
__pow_eq
__powc16i4
__powc16i8
__powc32i4
__powc32i8
__powc8i4
__powc8i8
__powi4i4
__powi8i8
__powi_eq
__powiq
__powq
__powr10i4
__powr10i8
__powr16i4
__powr16i8
__powr4i4
__powr4i8
__powr8i4
__powr8i8
__remainderq
__remquoq
__rintq
__roundq
__rsqrtq
__scalblnq
__scalbnq
__scalbq
__signbit
__signbitd
__signbitf
__signbitl
__signgamq
__significandq
__sincosdq
__sincosq
__sindq
__sinhcoshq
__sinhq
__sinq
__sqrtq
__tandq
__tanhq
__tanq
__tgammaq
__truncq
__y0q
__y1q
__ynq
_cvtsh_ss
_cvtss_sh
_mm_cvtph_ps
_mm_cvtps_ph
acos
acos.J
acosd
acosdf
acosdl
acosf
acosf.J
acosh
acoshf
acoshl
acosl
annuity
annuityf
annuityl
asin
asin.J
asind
asindf
asindl
asinf
asinf.J
asinh
asinhf
asinhl
asinl
atan
atan.J
atan2
atan2.J
atan2d
atan2df
atan2dl
atan2f
atan2l
atand
atand2
atand2f
atand2l
atandf
atandl
atanf
atanf.J
atanh
atanhf
atanhl
atanl
cabs
cabsf
cabsl
cacos
cacosf
cacosh
cacoshf
cacoshl
cacosl
carg
cargf
cargl
casin
casinf
casinh
casinhf
casinhl
casinl
catan
catanf
catanh
catanhf
catanhl
catanl
cbrt
cbrtf
cbrtl
ccos
ccosf
ccosh
ccoshf
ccoshl
ccosl
ceil
ceilf
ceill
cexp
cexp.J
cexp10
cexp10f
cexp10l
cexp2
cexp2f
cexp2l
cexpf
cexpf.J
cexpl
cimag
cimagf
cimagl
cis
cisd
cisdf
cisdl
cisf
cisl
clog
clog.J
clog10
clog10f
clog10l
clog2
clog2f
clog2l
clogf
clogf.J
clogl
compound
compoundf
compoundl
conj
conjf
conjl
copysign
copysignf
copysignl
cos
cos.J
cosd
cosdf
cosdl
cosf
cosf.J
cosh
coshf
coshl
cosl
cot
cotd
cotdf
cotdl
cotf
cotl
cpow
cpowf
cpowl
cproj
cprojf
cprojl
creal
crealf
creall
csin
csinf
csinh
csinhf
csinhl
csinl
csqrt
csqrt.J
csqrtf
csqrtf.J
csqrtl
ctan
ctanf
ctanh
ctanhf
ctanhl
ctanl
erf
erfc
erfcf
erfcl
erff
erfinv
erfinvf
erfinvl
erfl
exp
exp.J
exp10
exp10f
exp10l
exp2
exp2f
exp2l
expf
expf.J
expl
expm1
expm1f
expm1l
f_pow2i
f_powc16i8
f_powc32i8
f_powc8i8
f_powcc
f_powci
f_powdd
f_powdi
f_powi8i4
f_powi8i8
f_powii
f_powji
f_powr16i8
f_powr4i8
f_powr8i8
f_powri
f_powrr
f_powzi
f_powzz
fabs
fabsf
fabsl
fdim
fdimf
fdiml
feclearexcept
fedisableexcept
feenableexcept
fegetenv

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 832KB - Virtual size: 829KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
program files/HyperNiche 2/msvcr90.dll
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8
Signer

Actual PE Digest

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup.exe
.exe windows:4 windows x86 arch:x86

de43819f6987002d63a5772e7e87ff4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a8:58:86:da:25:5f:3f:04:8d:18:75:8c:51:bd:a5:c5
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2015, 00:00

Not After

01/06/2016, 23:59

Subject

CN=MjM Software Design,O=MjM Software Design,POSTALCODE=97388,STREET=371 Salishan Dr,L=Gleneden Beach,ST=Oregon,C=US,2.5.4.18=#1303313239

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:34:96:bb:61:fd:6f:47:b8:41:72:45:3d:3c:61:90:6f:1d:0d:b0
Signer

Actual PE Digest

25:34:96:bb:61:fd:6f:47:b8:41:72:45:3d:3c:61:90:6f:1d:0d:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

comctl32

ord17

kernel32

GetLastError
WideCharToMultiByte
DeleteFileA
lstrlenW
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
CreateEventA
Sleep
lstrcatA
CompareStringA
CompareStringW
GetVersionExA
SetFilePointer
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
LockResource
LoadResource
SizeofResource
FindResourceA
CreateProcessA
GetSystemDefaultLCID
GlobalHandle
VerLanguageNameA
SetCurrentDirectoryA
WaitForSingleObject
GetSystemInfo
MulDiv
GetModuleFileNameA
IsValidCodePage
GetVersion
FlushFileBuffers
SetEndOfFile
LocalFree
FormatMessageA
GetDiskFreeSpaceA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
UnhandledExceptionFilter
lstrlenA
GetACP
GetCPInfo
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
SetLastError
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
GetShortPathNameA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
CopyFileA
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
GetFileAttributesA
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
lstrcpynA
lstrcpyA
CreateFileMappingA
MapViewOfFile
HeapCreate
UnmapViewOfFile
SetHandleCount
GetOEMCP

user32

GetParent
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetWindowPlacement
DrawIcon
DestroyIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
IsDialogMessageA
SendMessageA
EnableWindow
GetDlgItemTextA
GetWindow
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
DestroyWindow
CreateDialogParamA
MessageBoxIndirectA
CharNextA
MessageBoxA
WaitForInputIdle
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
GetClientRect
ClientToScreen
SetWindowPos
GetWindowDC
EndDialog
GetDlgItem
ShowWindow
DialogBoxParamA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
GetWindowRect

gdi32

GetTextExtentPoint32A
SetBkMode
SetTextColor
GetObjectA
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleDC
SelectObject
CreateFontA
DeleteDC
DeleteObject
GetStockObject
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
CreateDIBitmap
BitBlt
TranslateCharsetInfo

advapi32

RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegOpenKeyExA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateGuid
CoCreateInstance
GetRunningObjectTable
StgIsStorageFile
StgOpenStorage
CoUninitialize
CoInitialize
CreateItemMoniker

oleaut32

VariantChangeType
SysAllocString
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SysFreeString
VariantClear

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5558fce337c1e97773643800b7ef9dc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 28KB - Virtual size: 26KB

67af66ba0443aed8fc5e024dc8ee29b6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

comctl32

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 80KB - Virtual size: 76KB

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 6B

.rsrc Size: 364KB - Virtual size: 362KB

.reloc Size: 4KB - Virtual size: 12B

Headers

File Characteristics

Sections

.rsrc Size: 352KB - Virtual size: 350KB

.reloc Size: 4KB - Virtual size: 12B

41c854ae4a642c567f1b793f7fac60cb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 28KB - Virtual size: 30KB

.rsrc Size: 92KB - Virtual size: 88KB

06f92f95d6c22bf59f41fc161357f85b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 2KB

7660b46a9b95303e64e1fd87820b1651

Headers

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 28KB - Virtual size: 26KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 80KB - Virtual size: 76KB

.text
Size: 4KB - Virtual size: 6B

.rsrc
Size: 364KB - Virtual size: 362KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 352KB - Virtual size: 350KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 92KB - Virtual size: 88KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 28KB - Virtual size: 26KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 4KB - Virtual size: 482B

.rdata
Size: 4KB - Virtual size: 467B

.data
Size: 4KB - Virtual size: 564B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 100B

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 64KB - Virtual size: 63KB