DllCheckKey
DllEntry
DllLeftDays
DllPurchase
DllReadFlag
DllReadLicense
DllReadWebUrl
DllUpgradeEnd
DllWriteLicense
ShowModalWordWebWEx
Overview
overview
3Static
static
3Public/1.bat
windows7-x64
1Public/1.bat
windows10-2004-x64
1Public/GBP...ol.exe
windows7-x64
1Public/GBP...ol.exe
windows10-2004-x64
1Public/GBP...32.dll
windows7-x64
1Public/GBP...32.dll
windows10-2004-x64
1Public/GBP...ns.exe
windows7-x64
3Public/GBP...ns.exe
windows10-2004-x64
3Public/GBP...ns.exe
windows7-x64
1Public/GBP...ns.exe
windows10-2004-x64
1Public/GBP...rk.dll
windows7-x64
1Public/GBP...rk.dll
windows10-2004-x64
1Public/GBP...er.exe
windows7-x64
1Public/GBP...er.exe
windows10-2004-x64
1Public/GBP...an.dll
windows7-x64
1Public/GBP...an.dll
windows10-2004-x64
1Public/GSW32.exe
windows7-x64
1Public/GSW32.exe
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Public/1.bat
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Public/1.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
Public/GBPPKVJOT/DAQDeviceControl.exe
Resource
win7-20240215-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
Public/GBPPKVJOT/DAQDeviceControl.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
Public/GBPPKVJOT/KTEMain32.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral6
Sample
Public/GBPPKVJOT/KTEMain32.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral7
Sample
Public/GBPPKVJOT/KTEPerUserOptions.exe
Resource
win7-20231129-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
Public/GBPPKVJOT/KTEPerUserOptions.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral9
Sample
Public/GBPPKVJOT/Permissions.exe
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
Public/GBPPKVJOT/Permissions.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
Public/GBPPKVJOT/RBGUIFramework.dll
Resource
win7-20240215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral12
Sample
Public/GBPPKVJOT/RBGUIFramework.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral13
Sample
Public/GBPPKVJOT/Transfer.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
Public/GBPPKVJOT/Transfer.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
Public/GBPPKVJOT/drivespan.dll
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral16
Sample
Public/GBPPKVJOT/drivespan.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral17
Sample
Public/GSW32.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
Public/GSW32.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
9a61c57f23a4ecccfd1983070889742fc80854ce5673ebb6707ea77d86c2fc29.rar
-
Size
3.8MB
-
MD5
828a5f98d9c2fef404b069e55848286f
-
SHA1
b80cb8661da10513b040e09645f1671747048631
-
SHA256
9a61c57f23a4ecccfd1983070889742fc80854ce5673ebb6707ea77d86c2fc29
-
SHA512
f6d1a9c660ed39f3a1f5216956c47c4098487addccfaa21d8b9d374298453d92d58cb32866cae21e95b6bdaec20cee106a8dc4fb7be2a235733d9cd268cf2106
-
SSDEEP
98304:FPJJMnKJ/+Du+Rvja8x82Z7Fbhi5kWrgKp4vV+4v4:FPJCnU/+vRr5y08Txp49+44
Score
3/10
Malware Config
Signatures
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/Public/GBPPKVJOT/DAQDeviceControl.exe unpack001/Public/GBPPKVJOT/KTEMain32.dll unpack001/Public/GBPPKVJOT/RBGUIFramework.dll unpack001/Public/GBPPKVJOT/drivespan.dll
Files
-
9a61c57f23a4ecccfd1983070889742fc80854ce5673ebb6707ea77d86c2fc29.rar.rar
-
Public/1.bat
-
Public/GBPPKVJOT/DAQDeviceControl.exe.exe windows:6 windows x86 arch:x86
56626ddf0065025d17621e29f280f6b5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
OpenEventW
GetFileAttributesW
GetModuleFileNameW
lstrlenW
CreateFileW
SetFilePointerEx
WriteFile
GetTempPathW
WaitForSingleObject
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
GetExitCodeThread
CreateProcessW
VirtualAlloc
GetModuleHandleW
LoadResource
LockResource
SizeofResource
FindResourceW
LoadLibraryW
lstrcatW
K32GetModuleBaseNameW
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetFileSizeEx
HeapQueryInformation
HeapSize
HeapReAlloc
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentThreadId
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
HeapValidate
GetSystemInfo
GetCurrentThread
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
DecodePointer
user32
CreateWindowExW
ShowWindow
DefWindowProcW
GetWindow
GetDesktopWindow
GetWindowTextA
PostMessageW
RegisterClassW
shell32
ShellExecuteW
shlwapi
PathFileExistsW
Sections
.text Size: 773KB - Virtual size: 772KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Version Size: 1024B - Virtual size: 563B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/KTEMain32.dll.dll windows:6 windows x86 arch:x86
af1d71d0dd22e314f4c1a138d42fc1a1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WaitForSingleObject
SetFileAttributesW
Sleep
TerminateThread
CreateThread
GetTickCount
EnterCriticalSection
WriteFile
LeaveCriticalSection
CloseHandle
GetCommandLineW
GetLastError
lstrlenW
GetModuleFileNameW
DeleteFileW
GetModuleHandleW
CreateEventA
WriteConsoleW
CreateFileW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
FlushFileBuffers
DecodePointer
user32
ShowWindow
RegisterClassW
MessageBoxA
DefWindowProcW
CreateWindowExW
shell32
CommandLineToArgvW
SHCreateDirectoryExW
shlwapi
StrStrIW
Exports
Exports
Sections
.text Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/KTEPerUserOptions.exe.exe windows:5 windows x86 arch:x86
6eaa9d16ca44b2a8b56491470bd76442
Code Sign
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
20:ec:b5:63:ba:ec:4e:2c:1c:dd:75:95:82:55:11:09Certificate
IssuerCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBNot Before28/01/2022, 00:00Not After27/01/2025, 23:59SubjectSERIALNUMBER=91469005MA5T8LUR55,CN=ExtendOffice Technology Inc.,O=ExtendOffice Technology Inc.,ST=海南省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
20:ec:b5:63:ba:ec:4e:2c:1c:dd:75:95:82:55:11:09Certificate
IssuerCN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GBNot Before28/01/2022, 00:00Not After27/01/2025, 23:59SubjectSERIALNUMBER=91469005MA5T8LUR55,CN=ExtendOffice Technology Inc.,O=ExtendOffice Technology Inc.,ST=海南省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
26:03:ef:12:eb:e6:bc:86:dd:86:3d:aa:cf:3e:e0:c9:b6:e0:2d:e3:23:55:04:22:9b:38:81:e6:12:35:a3:bfSigner
Actual PE Digest26:03:ef:12:eb:e6:bc:86:dd:86:3d:aa:cf:3e:e0:c9:b6:e0:2d:e3:23:55:04:22:9b:38:81:e6:12:35:a3:bfDigest Algorithmsha256PE Digest Matchestruec9:00:7c:2c:a0:c8:6c:36:3b:9b:c8:db:20:da:13:e4:61:da:76:9fSigner
Actual PE Digestc9:00:7c:2c:a0:c8:6c:36:3b:9b:c8:db:20:da:13:e4:61:da:76:9fDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW
comctl32
ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage
shell32
SHGetSpecialFolderLocation
IsUserAnAdmin
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
user32
CopyImage
MoveWindow
CreateWindowExW
ChildWindowFromPoint
GetMenuItemInfoW
SetMenuItemInfoW
DefFrameProcW
GetDCEx
PeekMessageW
MonitorFromWindow
GetDlgCtrlID
SetTimer
WindowFromPoint
BeginPaint
RegisterClipboardFormatW
FrameRect
MapVirtualKeyW
IsWindowUnicode
RegisterWindowMessageW
FillRect
GetMenuStringW
DispatchMessageW
CreateAcceleratorTableW
SendMessageA
DefMDIChildProcW
EnumWindows
GetClassInfoW
ShowOwnedPopups
GetSystemMenu
GetScrollRange
SetScrollPos
GetScrollPos
GetActiveWindow
SetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
DrawFocusRect
EnumChildWindows
GetScrollBarInfo
ReleaseCapture
UnhookWindowsHookEx
LoadCursorW
GetCapture
SetCapture
CreatePopupMenu
ScrollWindow
ShowCaret
GetMenuItemID
GetLastActivePopup
CharLowerBuffW
GetSystemMetrics
SetWindowLongW
PostMessageW
DrawMenuBar
SetParent
IsZoomed
CharUpperBuffW
GetClientRect
IsChild
ClientToScreen
GetClipboardData
SetClipboardData
SetWindowPlacement
IsIconic
CallNextHookEx
GetMonitorInfoW
ShowWindow
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
SetForegroundWindow
GetWindowTextW
EnableWindow
DestroyWindow
IsDialogMessageW
EndMenu
RegisterClassW
CharNextW
GetWindowThreadProcessId
RedrawWindow
GetDC
GetFocus
SetFocus
EndPaint
ReleaseDC
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
GetClassLongW
ActivateKeyboardLayout
GetParent
DrawTextW
SetScrollRange
MonitorFromRect
InsertMenuItemW
PeekMessageA
GetPropW
SetClassLongW
MessageBoxW
MessageBeep
SetPropW
RemovePropW
UpdateWindow
GetSubMenu
MsgWaitForMultipleObjects
DestroyMenu
DestroyIcon
SetWindowsHookExW
EmptyClipboard
IsWindowVisible
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
AdjustWindowRectEx
DrawIcon
IsWindow
EnumThreadWindows
InvalidateRect
GetKeyboardState
DrawFrameControl
ScreenToClient
SetCursor
CreateIcon
CreateMenu
LoadStringW
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
RemoveMenu
GetSysColorBrush
GetKeyboardLayoutNameW
GetWindowDC
TranslateMessage
OpenClipboard
DrawTextExW
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
CloseClipboard
DestroyCursor
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
EnableScrollBar
GetSysColor
TrackPopupMenu
CopyIcon
DrawIconEx
PostQuitMessage
GetClassNameW
ShowScrollBar
EnableMenuItem
GetIconInfo
GetMessagePos
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
GetCursorPos
SetCursorPos
HideCaret
GetMenu
GetMenuState
SetMenu
SetRect
GetKeyState
FindWindowExW
MonitorFromPoint
SystemParametersInfoW
LoadIconW
GetCursor
GetWindow
GetWindowLongW
GetWindowRect
InsertMenuW
KillTimer
WaitMessage
IsWindowEnabled
IsDialogMessageA
TranslateMDISysAccel
GetWindowPlacement
FindWindowW
DeleteMenu
GetKeyboardLayout
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
oleaut32
SetErrorInfo
GetErrorInfo
SysFreeString
VariantClear
VariantInit
SysReAllocStringLen
SafeArrayCreate
CreateErrorInfo
GetActiveObject
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
VariantChangeType
VariantCopyInd
advapi32
RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegFlushKey
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW
netapi32
NetWkstaGetInfo
NetApiBufferFree
msvcrt
memcpy
memset
kernel32
SetFileAttributesW
QueryDosDeviceW
GetACP
CloseHandle
LocalFree
GetCurrentProcessId
SizeofResource
VirtualProtect
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
ExitProcess
HeapAlloc
GetCPInfoExW
GetLongPathNameW
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
FileTimeToDosDateTime
ReadFile
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
CreateThread
CompareStringW
MapViewOfFile
LoadLibraryA
GetVolumeInformationW
ResetEvent
MulDiv
FreeResource
GetDriveTypeW
GetVersion
RaiseException
MoveFileW
GlobalAddAtomW
FormatMessageW
SwitchToThread
GetExitCodeThread
GetCurrentThread
LoadLibraryExW
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
GlobalFindAtomW
VirtualQueryEx
GlobalFree
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GlobalDeleteAtom
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
SetThreadPriority
GlobalLock
VirtualAlloc
GetTempPathW
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetLogicalDriveStringsW
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
UnmapViewOfFile
lstrlenW
QueryPerformanceCounter
SetEndOfFile
lstrcpyW
lstrcmpW
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
EnumResourceNamesW
DeleteFileW
GetSystemDefaultLCID
GetLocalTime
WaitForSingleObject
WriteFile
CreateFileMappingW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale
shfolder
SHGetFolderPathW
ole32
IsEqualGUID
OleInitialize
CLSIDFromProgID
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
ktemain32
DllUpgradeEnd
DllPurchase
DllCheckKey
DllReadFlag
DllLeftDays
DllReadWebUrl
DllReadLicense
DllWriteLicense
gdi32
Pie
SetBkMode
CreateCompatibleBitmap
GetEnhMetaFileHeader
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
StretchBlt
RoundRect
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
PolyBezierTo
CreateICW
CreateDCW
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
CreatePenIndirect
CreateFontIndirectW
PolyBezier
EndDoc
GetObjectW
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
Arc
SelectPalette
ExcludeClipRect
MaskBlt
SetWindowOrgEx
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
FrameRgn
BitBlt
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
IntersectClipRect
Polyline
CreateBitmap
SetWinMetaFileBits
GetStretchBltMode
CreateDIBitmap
SetStretchBltMode
GetDIBits
CreateDIBSection
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
SetBkColor
CreateCompatibleDC
GetBrushOrgEx
GetCurrentPositionEx
GetNearestPaletteIndex
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries
Exports
Exports
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 27KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 162B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 72B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 93B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 218KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 855KB - Virtual size: 855KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/Permissions.exe.exe windows:5 windows x86 arch:x86
c0abd2a9ced2aff011b95e548be54599
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6dCertificate
IssuerCN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=USNot Before17/11/2006, 00:00Not After16/07/2036, 23:59SubjectCN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=USKey Usages
KeyUsageCertSign
KeyUsageCRLSign
71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate
IssuerCN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=USNot Before10/12/2013, 00:00Not After09/12/2023, 23:59SubjectCN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
52:65:0e:12:20:7b:d6:9b:81:cd:54:b8:7f:2a:db:87Certificate
IssuerCN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=USNot Before02/09/2015, 00:00Not After01/09/2017, 23:59SubjectCN=Silhouette Research & Technology Ltd,O=Silhouette Research & Technology Ltd,L=Plymouth,ST=Devon,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
77:64:09:22:34:f2:5b:a6:ef:62:2b:36:e7:74:f7:9b:77:b4:a5:d1Signer
Actual PE Digest77:64:09:22:34:f2:5b:a6:ef:62:2b:36:e7:74:f7:9b:77:b4:a5:d1Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\DevelBuildSlave\QuickStableVS\build\REALbasic\REALbasic Visual Studio\Release\GUIStubWin32.pdb
Imports
kernel32
FindResourceW
LoadResource
SetDllDirectoryW
LoadLibraryW
GetModuleFileNameW
MultiByteToWideChar
GetProcAddress
LoadLibraryA
LockResource
GetStringTypeW
LCMapStringW
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
EncodePointer
DecodePointer
HeapAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
RtlUnwind
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
user32
MessageBoxA
Sections
.text Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/RBGUIFramework.dll.dll windows:6 windows x86 arch:x86
3e834f4db3962679f0ce6d72c4cbd693
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCommandLineW
OutputDebugStringA
CloseHandle
GetLastError
WaitForSingleObject
CreateEventW
CreateThread
TerminateThread
GetLocalTime
GetNativeSystemInfo
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleW
lstrcatW
K32GetModuleBaseNameW
CreateFileW
SetFilePointerEx
GetStringTypeW
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCurrentThreadId
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
EncodePointer
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
HeapValidate
GetSystemInfo
GetCurrentThread
GetStdHandle
GetFileType
WriteFile
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetACP
HeapSize
HeapReAlloc
HeapQueryInformation
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
DecodePointer
user32
ShowWindow
DefWindowProcW
MessageBoxA
wsprintfW
RegisterClassW
CreateWindowExW
shell32
CommandLineToArgvW
Exports
Exports
AutoInitDate
BooleanToVariant
ConvertPtrToMemoryBlock
CreateArray
DateCompare
DateFinalizer
DragItemAddItem
DragItemConstructorWithRectControl
DragItemConstructorWithWindow
DragItemDestinationGetter
DragItemDrag
DragItemDragPictureGetter
DragItemDragPictureSetter
DragItemDropHeightSetter
DragItemDropLeftSetter
DragItemDropTopSetter
DragItemDropWidthSetter
DragItemFinalizer
DragItemFolderItemAvailable
DragItemGetMacData
DragItemInitializer
DragItemMacDataAvailable
DragItemMouseCursorGetter
DragItemMouseCursorSetter
DragItemNextItem
DragItemPictureAvailable
DragItemSetMacData
DragItemSetPrivateMacData
DragItemTextAvailable
MDBBooleanGetter
MDBBooleanSetter
MDBCaptionGetter
MDBCaptionSetter
MDButtonGetter
MDIconSetter
MainExport
MemoryBlockAddOperator
MemoryBlockCompareOperator
MemoryBlockFinalizer
MemoryBlockFromStringOperator
MemoryBlockInitializer
MemoryBlockLeftB
MemoryBlockLittleEndianGetter
MemoryBlockLittleEndianSetter
MemoryBlockMidB2
MemoryBlockMidB3
MemoryBlockRightB
MemoryBlockToStringOperator
MessageDialogExplanationGetter
MessageDialogExplanationSetter
MessageDialogFinalizer
MessageDialogIconGetter
MessageDialogInitializer
MessageDialogMessageGetter
MessageDialogMessageSetter
MessageDialogShowModal
MessageDialogShowModalWithin
MessageDialogTitleGetter
MessageDialogTitleSetter
RaiseNilObjectException
RegisterWeakRef
ResolveWeakRef
RuntimeAllocateAttributeTable
RuntimeBackgroundTask
RuntimeCheckCast
RuntimeCloseWindow
RuntimeControlArrayItemReference
RuntimeControlReference
RuntimeCreateDelegate
RuntimeCreateWindow
RuntimeExit
RuntimeHideWindow
RuntimeInit
RuntimeLockObject
RuntimeLockString
RuntimeLockUnlockObjects
RuntimeLockUnlockStrings
RuntimeNewClass
RuntimeNewObject
RuntimeNewVtable
RuntimeObjectIsa
RuntimeReraiseException
RuntimeShowModal
RuntimeShowModalWithinWindow
RuntimeShowWindow
RuntimeShowWithinWindow
RuntimeStackCheck
RuntimeUnlockObject
RuntimeUnlockString
RuntimeViewDestructor
StringToVariant
UnregisterWeakRef
VariantToString
WindowAddControl
WindowAddMenuHandler
WindowAllocateObject
WindowCompositeGetter
WindowCompositeSetter
WindowDefaultConstructor
WindowDockItemGetter
WindowFocusGetter
WindowFocusNext
WindowFocusPrevious
WindowFocusSetter
WindowForceUpdateFrontBuffer
WindowGetContentsChanged
WindowGetFrameBounds
WindowHandleGetter
WindowMacProcIDGetter
WindowMacProcIDSetter
WindowMaximize
WindowMenuBarGetter
WindowMenuBarSetter
WindowMinimize
WindowMinimizeButtonGetter
WindowMinimizeButtonSetter
WindowMouseCursorGetter
WindowMove
WindowRestore
WindowSetContentsChanged
WindowSetFrameBounds
WindowToWindowPtr
WindowVisibleGetter
WindowVisibleSetter
dateFieldGetter
dateFieldSetter
dateGMTOffsetGetter
dateGMTOffsetSetter
dateSQLDateGetter
dateSQLDateSetter
dateSQLDateTimeGetter
dateSQLDateTimeSetter
dateStringGetter
dateTotalSecondsGetter
dateTotalSecondsSetter
dictionaryConstructor
dictionaryDestructor
dictionaryHasKey
dictionaryKey
dictionaryRemove
dictionaryRemoveAll
dictionaryValueGetter
dragItemDropHeight
dragItemDropLeft
dragItemDropTop
dragItemDropWidth
dragItemFolderItemGetter
dragItemFolderItemSetter
dragItemGetHandle
dragItemPictureGetter
dragItemPictureSetter
dragItemTextGetter
dragItemTextSetter
formAcceptFileDrop
formAcceptMacDataDrop
formAcceptPictureDrop
formAcceptTextDrop
formDrawBackground
formDrawInto
formMouseCursorSetter
formRefresh
formRefreshRect
formSetFocus
memoryBlockGetPtr
memoryBlockGetSize
memoryBlockNewConstructor
memoryBlockSetSize
memoryGetBoolean
memoryGetByte
memoryGetCString
memoryGetColor
memoryGetCurrency
memoryGetDouble
memoryGetInt16
memoryGetInt64
memoryGetInt8
memoryGetLong
memoryGetPString
memoryGetPtr
memoryGetShort
memoryGetSingle
memoryGetString
memoryGetUInt16
memoryGetUInt32
memoryGetUInt64
memoryGetUInt8
memoryGetUShort
memoryGetWString
memorySetBoolean
memorySetByte
memorySetCString
memorySetColor
memorySetCurrency
memorySetDouble
memorySetInt16
memorySetInt64
memorySetInt8
memorySetLong
memorySetPString
memorySetPtr
memorySetShort
memorySetSingle
memorySetString
memorySetUInt16
memorySetUInt32
memorySetUInt64
memorySetUInt8
memorySetWString
windowBackColorGetter
windowBackColorSetter
windowBackdropGetter
windowBackdropSetter
windowCloseBoxGetter
windowCloseBoxSetter
windowControl
windowControlCountGetter
windowFrameGetter
windowFrameSetter
windowFullScreenGetter
windowFullScreenSetter
windowGraphicsGetter
windowGrowIconGetter
windowGrowIconSetter
windowHWNDGetter
windowHasBackColorGetter
windowHasBackColorSetter
windowLiveResizeGetter
windowLiveResizeSetter
windowMenusVisibleGetter
windowMenusVisibleSetter
windowMinMaxWidthHeightGetter
windowMinMaxWidthHeightSetter
windowMouseXGetter
windowMouseYGetter
windowPlacementGetter
windowPlacementSetter
windowPosGetter
windowPosSetter
windowTitleGetter
windowTitleSetter
windowWindowPtrGetter
windowZoomIconGetter
windowZoomIconSetter
Sections
.text Size: 705KB - Virtual size: 705KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 806B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/Transfer.exe.exe windows:6 windows x86 arch:x86
862cdd542b2c508d29e672ca6eb2f235
Code Sign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:5c:4d:f7:38:d9:91:d8:ce:03:ba:96:89:74:d9:a9Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before14/06/2021, 00:00Not After11/06/2024, 23:59SubjectCN=Nero AG,O=Nero AG,L=Karlsruhe,ST=Baden-Württemberg,C=DEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:5c:4d:f7:38:d9:91:d8:ce:03:ba:96:89:74:d9:a9Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before14/06/2021, 00:00Not After11/06/2024, 23:59SubjectCN=Nero AG,O=Nero AG,L=Karlsruhe,ST=Baden-Württemberg,C=DEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23/12/2017, 00:00Not After22/03/2029, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
ec:09:91:3f:24:64:b0:b4:e3:fc:64:31:6c:d2:83:69:4f:d4:10:5b:9c:7e:f6:7c:54:00:c5:0f:c8:7a:71:a9Signer
Actual PE Digestec:09:91:3f:24:64:b0:b4:e3:fc:64:31:6c:d2:83:69:4f:d4:10:5b:9c:7e:f6:7c:54:00:c5:0f:c8:7a:71:a9Digest Algorithmsha256PE Digest Matchestrue7c:eb:a2:eb:ad:f2:dd:e9:24:5b:1e:9e:28:00:e0:04:51:f7:65:0aSigner
Actual PE Digest7c:eb:a2:eb:ad:f2:dd:e9:24:5b:1e:9e:28:00:e0:04:51:f7:65:0aDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\builds\workspace\Applications\Transfer_green\src\Release\Transfer.pdb
Imports
comctl32
InitCommonControlsEx
kernel32
MoveFileExW
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Sleep
CloseHandle
DecodePointer
WriteConsoleW
SetFilePointerEx
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
GetLastError
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
CreateFileW
shell32
SHGetFolderPathW
shlwapi
PathFileExistsW
Sections
.text Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 570KB - Virtual size: 569KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GBPPKVJOT/drivespan.dll.dll windows:6 windows x86 arch:x86
882f067a9a1019605bc13c8475af6955
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
ReadFile
FindFirstFileW
FindNextFileW
WriteFile
FindClose
CreateFileW
Sleep
GetDiskFreeSpaceExW
lstrcatW
DeleteFileW
CloseHandle
SetFilePointerEx
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
CreateEventW
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
CreateEventA
WriteConsoleW
HeapReAlloc
HeapSize
GetStringTypeW
GetFileSizeEx
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
DecodePointer
user32
ShowWindow
RegisterClassW
wsprintfW
CreateWindowExW
DefWindowProcW
Exports
Exports
run
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Public/GSW32.EXE.exe windows:4 windows x86 arch:x86
480ca9923928b660a5bf7c5366538ccf
Code Sign
02:b4:00:00:01Certificate
IssuerOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=InternetNot Before09/04/1996, 09:35Not After31/12/1999, 09:35SubjectOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet13:89:b4:d1:8a:e8:a7:c4:bd:35:c7:9b:8d:88:ca:1f:ca:53:56:91Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 07:00Not After31/12/1999, 07:00SubjectOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Networkbd:11:9a:da:43:ed:21:fb:46:58:84:89:ca:46:88:90:25:ee:14:60Certificate
IssuerOU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust NetworkNot Before12/05/1997, 07:00Not After31/12/1999, 07:00SubjectOU=VeriSign Time Stamping Service+OU=VeriSign Trust Network+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign\, Inc.,L=Internet16:2d:fd:73:14:51:61:ee:c3:ba:7e:43:cc:d8:3a:d5Certificate
IssuerOU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=InternetNot Before04/08/1997, 00:00Not After04/08/1998, 23:59SubjectCN=Bits Per Second Ltd,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/CPS Incorp. by Ref.\,LIAB.LTD(c)96+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=VeriSign\, Inc.,L=Internet+L=Brighton,ST=Sussex,C=GBKey Usages
KeyUsageDigitalSignature
KeyUsageKeyEncipherment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gswdll32
ord2
ord1
kernel32
ExitProcess
TerminateProcess
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalFree
GlobalHandle
lstrcatA
lstrcpyA
lstrlenA
_lclose
OpenFile
GetTempFileNameA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
MulDiv
_lread
_llseek
_hread
GlobalReAlloc
_lwrite
_hwrite
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetVersion
CreateMutexA
LocalFree
LocalAlloc
GetProfileStringA
LocalHandle
SetLastError
GetLastError
lstrcpynA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DeleteFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GlobalUnlock
lstrcmpiA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
LocalReAlloc
lstrcmpA
GlobalFlags
GetFileSize
GetFileTime
GetProcessVersion
GetCurrentThreadId
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GlobalAlloc
GetTimeZoneInformation
user32
GetTopWindow
GetCapture
AdjustWindowRectEx
GetClipboardData
SystemParametersInfoA
DestroyMenu
GetNextDlgTabItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassInfoA
CallNextHookEx
SetWindowsHookExA
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetDlgItem
GetKeyState
SetWindowPos
ScreenToClient
IsWindowEnabled
GetFocus
GetParent
ClientToScreen
GetDlgCtrlID
GetWindow
GetClassNameA
EnableWindow
WinHelpA
UnregisterClassA
UnhookWindowsHookEx
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
GetSysColor
PostThreadMessageA
SetRectEmpty
PeekMessageA
SetDlgItemTextA
CreateDialogParamA
GetWindowRect
SetWindowTextA
GetWindowTextA
LoadIconA
RegisterClassA
RegisterWindowMessageA
EnableMenuItem
GetMessageA
TranslateMessage
DispatchMessageA
InvalidateRect
ScrollWindow
SetScrollPos
GetUpdateRect
ValidateRect
BeginPaint
EndPaint
SetScrollRange
GetClassLongA
GetScrollRange
GetSystemMetrics
GetMenuItemCount
GetMenuItemID
DeleteMenu
GetWindowLongA
DialogBoxParamA
PostQuitMessage
MessageBoxA
GetSystemMenu
AppendMenuA
DefWindowProcA
GetCursorPos
WindowFromPoint
PtInRect
SetCursor
PostMessageA
LoadCursorA
SetRect
CreateWindowExA
SetWindowLongA
GetClientRect
IsWindow
ShowWindow
SetFocus
UpdateWindow
DestroyWindow
MessageBeep
SetClipboardData
EmptyClipboard
OpenClipboard
GetDC
EnumClipboardFormats
SendMessageA
ReleaseDC
CloseClipboard
EndDialog
LoadStringA
MapWindowPoints
GetMenu
GetSubMenu
MoveWindow
OffsetRect
IsDialogMessageA
gdi32
SetTextAlign
ExtTextOutA
RectVisible
PtVisible
GetClipBox
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
CreateICA
CreatePolygonRgn
CombineRgn
EndPage
StartPage
EndDoc
SetAbortProc
StartDocA
CreateDCA
GetDIBits
SetPolyFillMode
Escape
CreateRectRgn
SelectClipRgn
SetWindowOrgEx
PtInRegion
SetBkColor
SetROP2
GetTextExtentPointA
GetPaletteEntries
SetTextColor
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateHatchBrush
CreateCompatibleBitmap
CreateSolidBrush
CreateDIBPatternBrush
SetBkMode
GetStockObject
CreatePen
FloodFill
Polyline
Polygon
Ellipse
Pie
Arc
MoveToEx
LineTo
Rectangle
GetViewportExtEx
GetObjectA
GetDeviceCaps
CreateBitmap
PatBlt
SetBitmapDimensionEx
GetViewportOrgEx
SetMapMode
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
LPtoDP
DPtoLP
SaveDC
IntersectClipRect
StretchDIBits
RestoreDC
CreatePalette
DeleteObject
CreateCompatibleDC
GetWindowExtEx
SelectObject
BitBlt
DeleteDC
SetMetaFileBitsEx
GetMetaFileBitsEx
CreateMetaFileA
SelectPalette
RealizePalette
EnumMetaFile
CloseMetaFile
PlayMetaFileRecord
PlayMetaFile
DeleteMetaFile
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ord17
Exports
Exports
DrawingWndProc
PrintAbortProc
PrintDialogProc
ServerWndProc
Sections
.text Size: 371KB - Virtual size: 371KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ