b[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b.exe
Size

16.8MB
MD5

8063dcb1e2a7456be5f5a3bc134f89ed
SHA1

82ae2ddee0f0c49212015e547a5b196e787bfc8d
SHA256

a2accdbfcf5b0115ebf0df885a0b54a6cbc163297788d808f2d0001486c2b209
SHA512

b2ed2f1f6250537fd2d91ee03a22b85e60aedb6738bd84079966a2b99d5caffbe6d5a2e94c9198b1a932455256f342d8862211a1dad20bb25ee17272e19ad600
SSDEEP

393216:c/nWGHk/c6Kd3VTAwX6Fol9Q1l+f3N0ITYaTKxXm1cF2By:c/nWGE0hdD6FE9Y+fKITlKxJwy

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 3 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/grdes6.dll	acprotect
static1/unpack001/gregn6.dll	acprotect
static1/unpack001/npgrweb6.dll	acprotect

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/grdes6.dll	upx
static1/unpack001/gregn6.dll	upx
static1/unpack001/grwebapp6.exe	upx
static1/unpack001/npgrweb6.dll	upx

Unsigned PE 32 IoCs

Checks for missing Authenticode signature.

resource
b.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/Lang/grcht6.dll
unpack001/Lang/grdeu6.dll
unpack001/Lang/gren6.dll
unpack001/Lang/gresp6.dll
unpack001/Lang/grfra6.dll
unpack001/Lang/grita6.dll
unpack001/Lang/grjpn6.dll
unpack001/Lang/grkor6.dll
unpack001/Lang/grptg6.dll
unpack001/Lang/grrus6.dll
unpack001/grdes6.dll
unpack002/out.upx
unpack001/grdes6x64.dll
unpack001/grdesigner6.exe
unpack001/grdviewer6.exe
unpack001/gregn6.dll
unpack003/out.upx
unpack001/gregn6x64.dll
unpack001/grmysql6.dll
unpack001/grmysql6x64.dll
unpack001/grwebapp6.exe
unpack004/out.upx
unpack001/npgrcom6.dll
unpack001/npgrweb6.dll
unpack005/out.upx
unpack001/npgrweb6x64.dll
unpack001/uninst.exe
unpack006/$PLUGINSDIR/System.dll

Files

b.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:5 windows x86 arch:x86

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW

user32

SetWindowTextW
SetDlgItemTextW
EndDialog
SendDlgItemMessageW
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Lang/grcht6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grdeu6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/gren6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/gresp6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grfra6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grita6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grjpn6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grkor6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grptg6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/grrus6.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
grdes6.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImageTIF@@QAE@ABV0@@Z
??0CxImageTIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImageTIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Decode@CxImageTIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@_N@Z
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEHXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEHXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEHPBDPAX@Z
?Seek@CxIOFile@@UAE_NHH@Z
?Size@CxIOFile@@UAEHXZ
?Tell@CxIOFile@@UAEHXZ
?Write@CxIOFile@@UAEIPBXII@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grdes6x64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

0ad9bc6bec265dd0ff96bdbe80cbfa38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
VirtualQuery
VirtualProtect
GetSystemInfo
InterlockedFlushSList
RtlUnwindEx
RtlPcToFileHeader
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
GetACP
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
LCMapStringW
CompareStringW
GetStringTypeW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
FlushFileBuffers
GetConsoleCP
SetFilePointerEx
SetStdHandle
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
SetEndOfFile
GetSystemTimeAsFileTime
ExitProcess
GetProfileStringW
LocalFree
LocalHandle
LocalAlloc
GlobalFree
EncodePointer
lstrcmpW
lstrcmpiW
LoadLibraryExW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcessId
WriteFile
InitializeCriticalSectionEx
DecodePointer
FindClose
CreateDirectoryW
VerifyVersionInfoW
GetCurrentProcess
VerSetConditionMask
MulDiv
GetLocalTime
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetSystemDefaultLCID
SetThreadLocale
GetThreadLocale
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
FindResourceW
LoadLibraryW
lstrlenW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
FindResourceExW
GetTickCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CreateFileW
SetLastError
GetLastError
CloseHandle
OutputDebugStringA
ReadFile
GetFileSize
WaitForSingleObjectEx

user32

TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
GetSystemMetrics
PostQuitMessage
FillRect
IntersectRect
InflateRect
UnionRect
InvalidateRect
SetWindowRgn
CharNextW
IsChild
EqualRect
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
MonitorFromPoint
CreateDialogParamW
OffsetRect
IsRectEmpty
PtInRect
SetRect
GetSysColor
DrawFrameControl
SendMessageW
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
CheckDlgButton
DestroyWindow
ShowWindow
SetWindowPos
IsWindowVisible
SetFocus
GetFocus
GetKeyState
GetCapture
RegisterWindowMessageW
GetMessagePos
CreateAcceleratorTableW
DestroyAcceleratorTable
LoadMenuW
DrawStateW
UpdateWindow
GetWindowDC
InvalidateRgn
RedrawWindow
SetCursorPos
ClientToScreen
SetRectEmpty
SetParent
GetClassNameW
LoadBitmapW
SystemParametersInfoW
SetDlgItemInt
GetDlgItemInt
PostMessageW
SetMenuDefaultItem
DrawFocusRect
FrameRect
SetTimer
KillTimer
SetScrollPos
GetScrollPos
SetScrollInfo
GetScrollInfo
AppendMenuW
InsertMenuItemW
IsWindowEnabled
ScrollWindowEx
LoadIconW
IsDlgButtonChecked
GetDialogBaseUnits
AdjustWindowRectEx
IsDialogMessageW
WinHelpW
DrawEdge
GetMenu
IsWindow
RemoveMenu
SetCapture
ReleaseCapture
EnableWindow
GetDC
ReleaseDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
ScreenToClient
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
CloseClipboard
OpenClipboard
GetSysColorBrush
GetDlgItem
EndDialog
DialogBoxParamW
MoveWindow
EndPaint
BeginPaint
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
GetWindowLongW
CopyRect
MapWindowPoints
MessageBoxW
DrawTextExW
DrawTextW
MessageBeep
ModifyMenuW
SetDlgItemTextW
GetActiveWindow
LoadCursorW
GetDesktopWindow

gdi32

ArcTo
SetWorldTransform
GetWorldTransform
AngleArc
GetTextMetricsW
SetPixel
SetMapMode
SelectClipRgn
SaveDC
RoundRect
RestoreDC
Rectangle
LineTo
GetWindowExtEx
GetStockObject
Ellipse
DeleteObject
CreateSolidBrush
CreateRectRgn
CreateFontIndirectW
TextOutW
SetTextColor
SelectObject
GetTextFaceW
DeleteDC
GetTextExtentPoint32W
EnumFontsW
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel
SetBkColor
StretchBlt
GetObjectW
GetCurrentObject
GetDeviceCaps
CloseEnhMetaFile
BeginPath
DeleteEnhMetaFile
PlayEnhMetaFile
ExtCreatePen
CloseMetaFile
CreateDCW
CreateMetaFileW
CreateRectRgnIndirect
DeleteMetaFile
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentPointW
CreatePatternBrush
PatBlt
SetBkMode
CreatePen
SetROP2
SetViewportExtEx
Polyline
GetClipRgn
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
MoveToEx
ExtTextOutW
LPtoDP
PolyBezierTo
CreateEnhMetaFileW
SetArcDirection
SetWindowExtEx

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter
DeviceCapabilitiesW
EnumPrintersW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
ReadClassStm
CreateDataAdviseHolder
CreateStreamOnHGlobal
OleRun
CoTaskMemRealloc
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
OleRegEnumVerbs

oleaut32

SafeArrayUnaccessData
UnRegisterTypeLi
RegisterTypeLi
OleCreatePropertyFrame
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
VariantChangeType
VarBstrCat
VarDateFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantCopy
SafeArrayGetVartype
SafeArrayCopy
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarUdateFromDate
VarBstrCmp
SysStringLen
SysFreeString
VarCyMulI4
VariantClear
VariantInit
SysAllocString

shlwapi

PathFindExtensionW
StrCmpIW
StrCmpNIW
StrCpyW
PathFileExistsW
StrCatW
StrCmpW

msimg32

GradientFill

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

??0CxFile@@QEAA@AEBV0@@Z
??0CxFile@@QEAA@XZ
??0CxIOFile@@QEAA@AEBV0@@Z
??0CxIOFile@@QEAA@PEAU_iobuf@@@Z
??0CxImageTIF@@QEAA@AEBV0@@Z
??0CxImageTIF@@QEAA@XZ
??0CxMemFile@@QEAA@AEBV0@@Z
??1CxFile@@UEAA@XZ
??1CxIOFile@@UEAA@XZ
??1CxImage@@UEAA@XZ
??4CxFile@@QEAAAEAV0@AEBV0@@Z
??4CxIOFile@@QEAAAEAV0@AEBV0@@Z
??4CxImageTIF@@QEAAAEAV0@AEBV0@@Z
??4CxMemFile@@QEAAAEAV0@AEBV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QEAAXXZ
??_FCxImage@@QEAAXXZ
??_FCxMemFile@@QEAAXXZ
??_OCxImage@@QEAAXAEAV0@@Z
?Close@CxIOFile@@UEAA_NXZ
?Decode@CxImageTIF@@QEAA_NPEAU_iobuf@@@Z
?Encode@CxImageTIF@@QEAA_NPEAU_iobuf@@PEAPEAVCxImage@@H@Z
?Encode@CxImageTIF@@QEAA_NPEAU_iobuf@@_N@Z
?Eof@CxIOFile@@UEAA_NXZ
?Error@CxIOFile@@UEAAHXZ
?Flush@CxIOFile@@UEAA_NXZ
?GetC@CxIOFile@@UEAAHXZ
?GetS@CxIOFile@@UEAAPEADPEADH@Z
?Open@CxIOFile@@QEAA_NPEB_W0@Z
?PutC@CxFile@@UEAA_NE@Z
?PutC@CxIOFile@@UEAA_NE@Z
?Read@CxIOFile@@UEAA_KPEAX_K1@Z
?Scanf@CxIOFile@@UEAAHPEBDPEAX@Z
?Seek@CxIOFile@@UEAA_NHH@Z
?Size@CxIOFile@@UEAAHXZ
?Tell@CxIOFile@@UEAAHXZ
?Write@CxIOFile@@UEAA_KPEBX_K1@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 699KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grdesigner6.exe
.exe windows:5 windows x86 arch:x86

8d5fc215396e8ef026ed8fd0a7580909

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateProcessW
GetCommandLineW
SetCurrentDirectoryW
GetCurrentDirectoryW
CopyFileW
SetEndOfFile
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetACP
GetStdHandle
GlobalFree
ExitProcess
RtlUnwind
LocalFree
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
EncodePointer
GetStringTypeW
GlobalHandle
LoadLibraryExW
lstrcmpiW
FindNextFileW
GetFullPathNameW
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
WriteFile
GetCurrentProcessId
DecodePointer
FindFirstFileW
CreateDirectoryW
FindClose
GetVersionExW
GetCurrentProcess
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetCurrentThreadId
RaiseException
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
FindResourceExW
FindResourceW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
lstrlenW
GetTickCount
CloseHandle
ReadFile
SizeofResource
LoadResource
GetProcessHeap
HeapSize
HeapFree
LockResource
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcAddress
FreeLibrary
GetModuleHandleExW

user32

DialogBoxParamW
CheckDlgButton
IsDlgButtonChecked
CharLowerW
IsWindowEnabled
TranslateAcceleratorW
FillRect
DrawFrameControl
SendMessageW
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
DestroyWindow
ShowWindow
GetMenu
SetMenu
GetMenuStringW
CreatePopupMenu
DestroyMenu
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DeleteMenu
TrackPopupMenuEx
GetMenuItemInfoW
SetMenuItemInfoW
SetMenuDefaultItem
UpdateWindow
GetWindowDC
MessageBeep
WindowFromPoint
GetSysColorBrush
FrameRect
SetRectEmpty
InflateRect
OffsetRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CheckMenuRadioItem
LoadBitmapW
LoadStringA
SystemParametersInfoW
PostQuitMessage
CreateDialogIndirectParamW
IsZoomed
IsMenu
GetMessagePos
DrawEdge
LoadStringW
LoadImageW
LoadMenuW
GetSystemMetrics
LoadAcceleratorsW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowPos
IsWindowVisible
SetFocus
GetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
EnableWindow
GetDC
ReleaseDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
MapDialogRect
IsDialogMessageW
GetClassNameW
GetSysColor
ClientToScreen
SetWindowContextHelpId
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
DestroyAcceleratorTable
CreateAcceleratorTableW
CharNextW
SendDlgItemMessageW
GetDlgItem
EndDialog
IsChild
PostMessageW
RegisterWindowMessageW
GetWindowThreadProcessId
MoveWindow
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
MapWindowPoints
MessageBoxW
DrawTextW
ModifyMenuW
SetDlgItemTextW
GetActiveWindow
LoadCursorW
GetDesktopWindow
SetWindowLongW
GetWindowLongW
PtInRect
ScreenToClient
GetCursorPos
SetCursor
MonitorFromPoint

gdi32

SetBrushOrgEx
CreateDIBSection
SetBkMode
SetBkColor
PatBlt
GetCurrentObject
CreatePatternBrush
CreateBitmap
GetObjectW
CreateSolidBrush
CreateCompatibleBitmap
BitBlt
GetTextFaceW
GetTextMetricsW
GetStockObject
GetDeviceCaps
DeleteObject
CreateFontIndirectW
EnumFontsW
GetTextExtentPoint32W
DeleteDC
SetTextColor
CreateCompatibleDC
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal
OleLockRunning
OleUninitialize
OleInitialize
StringFromGUID2
CoGetClassObject
OleRun
CoTaskMemRealloc
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

GetErrorInfo
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
LoadTypeLi
SafeArrayDestroy
SysAllocStringByteLen
SysStringLen

shlwapi

PathFileExistsW
StrCpyNW
wnsprintfW
StrCpyW
StrCmpW
StrCatW
PathFindExtensionW
StrCmpNIW

comctl32

ImageList_GetImageCount
ImageList_Draw
ImageList_Create
InitCommonControlsEx
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_LoadImageW
ord8
CreateStatusWindowW
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ImageList_Destroy

Sections

.text
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
grdviewer6.exe
.exe windows:5 windows x86 arch:x86

15e64aadb3fe347ac9fe6ffe21706efd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\rubylong\DragonReport6.0\Source\Win32\Release\grdviewer6.pdb

Imports

kernel32

FindResourceExW
CreateFileW
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
GetCurrentThreadId
SetLastError
EnterCriticalSection
LeaveCriticalSection
MulDiv
lstrcmpW
FreeLibrary
GetProcAddress
lstrcmpiW
LoadLibraryExW
GetModuleHandleW
GetVersionExW
lstrlenW
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetLastError
FindResourceW
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
CreateThread
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
RaiseException
FindNextFileA
GetModuleFileNameW
FindFirstFileExA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetStringTypeW
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
LocalFree
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
GetProcessHeap
HeapSize
CloseHandle
ReadFile
WriteFile
GetFileSize
SizeofResource
LoadResource
GetCurrentProcessId
LockResource
FindFirstFileExW
DeleteCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileW
CreateDirectoryW
FindNextFileW
FindClose

user32

InsertMenuW
EnableMenuItem
GetMenu
GetActiveWindow
UnregisterClassW
SendMessageW
MoveWindow
GetWindowTextW
GetWindowRect
ScreenToClient
GetWindowLongW
GetParent
EnumWindows
GetWindowThreadProcessId
SetWindowPos
EndDialog
GetClientRect
DeleteMenu
GetWindow
MonitorFromWindow
DialogBoxParamW
BringWindowToTop
IsWindowVisible
PostMessageW
IsDialogMessageW
SendDlgItemMessageW
MonitorFromPoint
DefFrameProcW
LoadStringW
LoadStringA
LoadImageW
CheckMenuRadioItem
PtInRect
MessageBeep
SetMenuDefaultItem
SetMenuItemInfoW
AdjustWindowRectEx
MapDialogRect
DefMDIChildProcW
TranslateMDISysAccel
MapWindowPoints
GetMonitorInfoW
RegisterWindowMessageW
DefWindowProcW
CallWindowProcW
GetMenuItemInfoW
TrackPopupMenuEx
RemoveMenu
AppendMenuW
GetMenuItemCount
DestroyMenu
CreatePopupMenu
DrawMenuBar
GetMenuStringW
LoadMenuW
GetSystemMetrics
LoadAcceleratorsW
ShowWindow
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadCursorW
GetClassNameW
GetDesktopWindow
SetWindowLongW
FillRect
GetSysColor
ClientToScreen
GetWindowTextLengthW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetSubMenu
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
GetDlgItem
CreateDialogIndirectParamW
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
SetWindowContextHelpId

gdi32

BitBlt
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
SelectObject
GetObjectW
CreateCompatibleBitmap

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

OleRun
CoTaskMemRealloc
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning

oleaut32

SysFreeString
CreateErrorInfo
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarDateFromStr
VarBstrCat
SysAllocString
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
DispCallFunc
GetErrorInfo
VariantChangeType
SetErrorInfo
SysAllocStringLen

shlwapi

StrCpyW
StrCmpW
PathFindExtensionW
PathFileExistsW
StrCpyNW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

InitCommonControlsEx

Sections

.text
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
gregn6.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImageTIF@@QAE@ABV0@@Z
??0CxImageTIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImageTIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Decode@CxImageTIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@_N@Z
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEHXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEHXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEHPBDPAX@Z
?Seek@CxIOFile@@UAE_NHH@Z
?Size@CxIOFile@@UAEHXZ
?Tell@CxIOFile@@UAEHXZ
?Write@CxIOFile@@UAEIPBXII@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gregn6x64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

3e84432ed810bf80ca7e865822dca5c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
WriteConsoleW
GetModuleFileNameA
GetFileType
GetStdHandle
VirtualQuery
VirtualProtect
GetSystemInfo
InterlockedFlushSList
RtlUnwindEx
RtlPcToFileHeader
QueryPerformanceFrequency
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetVolumeLabelW
MoveFileW
SetFileTime
SetFileAttributesW
GetShortPathNameW
GetFileTime
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceExW
DeleteFileW
LoadLibraryExA
SetEnvironmentVariableA
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
FormatMessageW
GetStringTypeW
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileAttributesExW
GetSystemTimeAsFileTime
lstrlenA
ExitProcess
EncodePointer
IsDBCSLeadByte
CompareStringW
lstrcmpW
GlobalHandle
GetTempPathW
GetCurrentDirectoryW
VirtualFree
VirtualAlloc
GetProfileStringW
GlobalFree
GlobalSize
GlobalAlloc
LocalFree
LocalHandle
LocalAlloc
GlobalUnlock
GlobalLock
lstrcmpiW
LoadLibraryExW
GetCurrentProcessId
WriteFile
InitializeCriticalSectionEx
DecodePointer
FindFirstFileW
FindClose
CreateDirectoryW
CreateThread
Sleep
VerifyVersionInfoW
GetCurrentProcess
VerSetConditionMask
MulDiv
GetComputerNameW
GetLocalTime
FreeResource
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetSystemDefaultLCID
SetThreadLocale
GetThreadLocale
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
FindResourceW
LoadLibraryW
lstrlenW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
FindResourceExW
GetTickCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
CreateFileW
HeapAlloc
HeapDestroy
SetLastError
GetLastError
CloseHandle
OutputDebugStringA
ReadFile
GetFileSize
FlushInstructionCache

user32

FillRect
IntersectRect
InflateRect
OffsetRect
IsRectEmpty
PtInRect
SetRect
GetSysColor
DrawFrameControl
SendMessageW
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
RedrawWindow
SetWindowContextHelpId
ClientToScreen
DrawFocusRect
SetRectEmpty
GetClassNameW
IsWindow
DestroyWindow
ShowWindow
SetWindowPos
IsWindowVisible
SetFocus
LoadImageW
MapDialogRect
SystemParametersInfoW
PostQuitMessage
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsDialogMessageW
DrawEdge
SetWindowRgn
FrameRect
UnionRect
EqualRect
GetDialogBaseUnits
WinHelpW
LoadMenuW
DestroyMenu
GetSubMenu
RemoveMenu
TrackPopupMenu
SetMenuDefaultItem
SetScrollPos
GetScrollPos
SetParent
GetScrollInfo
MonitorFromPoint
KillTimer
ScrollWindowEx
SetScrollInfo
SetScrollRange
EnableScrollBar
CheckMenuItem
EnableMenuItem
GetWindowDC
SetCursorPos
LoadBitmapW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetSysColorBrush
MessageBoxW
GetActiveWindow
DestroyAcceleratorTable
GetSystemMetrics
UpdateWindow
InvalidateRect
GetMessagePos
InvalidateRgn
InvertRect
GetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
EnableWindow
GetDC
ReleaseDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
ScreenToClient
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetDesktopWindow
CreateAcceleratorTableW
IsWindowEnabled
GetDlgCtrlID
SendDlgItemMessageW
GetDlgItemInt
SetDlgItemInt
DialogBoxIndirectParamW
CreateDialogIndirectParamW
IsChild
PostMessageW
RegisterWindowMessageW
IsDlgButtonChecked
CheckDlgButton
CharNextW
GetWindowThreadProcessId
EnumWindows
SetTimer
CreateDialogParamW
BringWindowToTop
PeekMessageW
DispatchMessageW
TranslateMessage
LoadIconW
GetDlgItem
EndDialog
DialogBoxParamW
EndPaint
BeginPaint
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
GetWindowLongW
CopyRect
MapWindowPoints
DrawTextExW
DrawTextW
MoveWindow
MessageBeep
ModifyMenuW
SetDlgItemTextW
LoadCursorW

gdi32

StretchBlt
SetBkColor
GetPixel
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
GetTextExtentPoint32W
DeleteDC
CreatePolygonRgn
PtInRegion
GetTextFaceW
SetWindowExtEx
PolyBezierTo
LPtoDP
ExtTextOutW
MoveToEx
StrokePath
StrokeAndFillPath
SetArcDirection
FillPath
EndPath
CloseFigure
BeginPath
ArcTo
SetWorldTransform
GetWorldTransform
AngleArc
GetTextMetricsW
SetPixel
SetMapMode
SelectClipRgn
SaveDC
RoundRect
RestoreDC
Rectangle
LineTo
GetWindowExtEx
GetStockObject
Ellipse
DeleteObject
CreateSolidBrush
CreateRectRgn
CreateFontIndirectW
TextOutW
SetTextColor
GetObjectW
GetViewportOrgEx
CreateDCW
CreateICW
ResetDCW
SetBkMode
StartDocW
EndDoc
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentPointW
CreatePen
SetROP2
TranslateCharsetInfo
GetCharABCWidthsW
GetFontData
GetOutlineTextMetricsW
SetGraphicsMode
SetViewportExtEx
StartPage
EndPage
CreatePatternBrush
PatBlt
CreateFontW
GetDIBits
RealizePalette
StretchDIBits
SetStretchBltMode
CreateDIBSection
GetObjectA
CreatePalette
SelectPalette
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
SetEnhMetaFileBits
SetWinMetaFileBits
ExtTextOutA
GetCurrentObject
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
PlayEnhMetaFile
ExtCreatePen
CombineRgn
CreateRectRgnIndirect
GetClipRgn
SelectObject
GetDeviceCaps
GetViewportExtEx

winspool.drv

DeviceCapabilitiesW
GetPrinterW
EnumPrintersW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHFileOperationW
ShellExecuteW

ole32

OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleSaveToStream
ReadClassStm
CreateDataAdviseHolder
OleLockRunning
OleUninitialize
OleInitialize
CoGetClassObject
StringFromGUID2
CreateStreamOnHGlobal
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
WriteClassStm

oleaut32

VarBstrFromR8
UnRegisterTypeLi
RegisterTypeLi
OleTranslateColor
OleCreatePropertyFrame
VarR8FromDec
DispCallFunc
VarBstrFromDate
VarBstrFromCy
VarBstrFromI4
VarCyFromStr
VarCyFromR8
VarCyFromI4
VarCyFromI2
VarR8FromStr
VarR8FromCy
VarI4FromStr
VarI4FromCy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
VarCyCmp
VarUI4FromStr
VariantChangeType
VarBstrCat
VarDateFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
OleLoadPicture
LoadRegTypeLi
LoadTypeLi
VariantCopy
SafeArrayGetVartype
SafeArrayCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarUdateFromDate
VarBstrCmp
SysStringLen
SysFreeString
VarCyMulI4
VariantClear
VariantInit
SysAllocString

shlwapi

StrCmpNW
StrCatW
StrCpyNW
PathFileExistsW
StrCmpW
PathFindExtensionW
StrCmpNIW
StrCpyW
StrCmpIW

msimg32

GradientFill

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

closesocket
connect
htons
send
setsockopt
shutdown
socket
gethostbyname
WSAStartup
WSACleanup
recv

Exports

Exports

??0CxFile@@QEAA@AEBV0@@Z
??0CxFile@@QEAA@XZ
??0CxIOFile@@QEAA@AEBV0@@Z
??0CxIOFile@@QEAA@PEAU_iobuf@@@Z
??0CxImageTIF@@QEAA@AEBV0@@Z
??0CxImageTIF@@QEAA@XZ
??0CxMemFile@@QEAA@AEBV0@@Z
??1CxFile@@UEAA@XZ
??1CxIOFile@@UEAA@XZ
??1CxImage@@UEAA@XZ
??4CxFile@@QEAAAEAV0@AEBV0@@Z
??4CxIOFile@@QEAAAEAV0@AEBV0@@Z
??4CxImageTIF@@QEAAAEAV0@AEBV0@@Z
??4CxMemFile@@QEAAAEAV0@AEBV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QEAAXXZ
??_FCxImage@@QEAAXXZ
??_FCxMemFile@@QEAAXXZ
??_OCxImage@@QEAAXAEAV0@@Z
?Close@CxIOFile@@UEAA_NXZ
?Decode@CxImageTIF@@QEAA_NPEAU_iobuf@@@Z
?Encode@CxImageTIF@@QEAA_NPEAU_iobuf@@PEAPEAVCxImage@@H@Z
?Encode@CxImageTIF@@QEAA_NPEAU_iobuf@@_N@Z
?Eof@CxIOFile@@UEAA_NXZ
?Error@CxIOFile@@UEAAHXZ
?Flush@CxIOFile@@UEAA_NXZ
?GetC@CxIOFile@@UEAAHXZ
?GetS@CxIOFile@@UEAAPEADPEADH@Z
?Open@CxIOFile@@QEAA_NPEB_W0@Z
?PutC@CxFile@@UEAA_NE@Z
?PutC@CxIOFile@@UEAA_NE@Z
?Read@CxIOFile@@UEAA_KPEAX_K1@Z
?Scanf@CxIOFile@@UEAAHPEBDPEAX@Z
?Seek@CxIOFile@@UEAA_NHH@Z
?Size@CxIOFile@@UEAAHXZ
?Tell@CxIOFile@@UEAAHXZ
?Write@CxIOFile@@UEAA_KPEBX_K1@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 373KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grmysql6.dll
.dll windows:5 windows x86 arch:x86

19e3a769c804ec45feb136eae467306d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\rubylong\DragonReport6.0\Source\Win32\Release\grmysql6.pdb

Imports

kernel32

FindClose
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
ReadFile
WriteFile
CreateFileW
CloseHandle
GetCurrentProcessId
CreateFileA
SetNamedPipeHandleState
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenEventA
GetCurrentThreadId
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
WaitNamedPipeA
GetConsoleCP
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryExA
FormatMessageA
GetFullPathNameA
GetLocaleInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CreateEventA
FindFirstFileA
FindNextFileA
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
Sleep
SetLastError
DisconnectNamedPipe
PeekNamedPipe
GetOverlappedResult
CancelIo
WaitForMultipleObjects
GetStdHandle
FlushFileBuffers
GetFileAttributesExA
SetEndOfFile
SetFilePointerEx
GetCurrentProcess
GetLogicalDrives
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
GetCPInfo
ReadConsoleW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetModuleFileNameA
LCMapStringW
CompareStringW
GetStringTypeW
GetACP
GetCurrentDirectoryW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetFullPathNameW
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetDriveTypeW
GetFileType
SetStdHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
SetConsoleCtrlHandler
GetTimeZoneInformation
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
LoadLibraryExW
RtlUnwind
EncodePointer
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
OutputDebugStringW
IsDebuggerPresent

advapi32

CryptReleaseContext
CryptAcquireContextA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
CryptGenRandom

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

SystemTimeToVariantTime
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
SafeArrayCopy
SafeArrayGetVartype
VariantInit
VariantClear
SysAllocString
SysFreeString
VarDateFromStr
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayDestroy

secur32

InitializeSecurityContextW
AcquireCredentialsHandleA
FreeCredentialsHandle
CompleteAuthToken
DeleteSecurityContext
FreeContextBuffer

ws2_32

bind
closesocket
getsockname
socket
WSAGetLastError
getaddrinfo
freeaddrinfo
ntohs
getservbyname
__WSAFDIsSet
connect
setsockopt
shutdown
WSASetLastError
ioctlsocket
getpeername
getsockopt
htonl
recv
select
WSACleanup
WSAStartup
getnameinfo
WSAIoctl
send

Exports

Exports

Close
Connect
Disconnect
FetchRow
FieldAsBSTR
FieldAsBlob
FieldAsBoolean
FieldAsDateTime
FieldAsDouble
FieldAsInt64
FieldAsVariant
FieldCount
FieldName
FieldType
IsNull
Open

Sections

.text
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 390KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grmysql6x64.dll
.dll windows:5 windows x64 arch:x64

927ec4a600b4fbd2a68b8246737860dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\rubylong\DragonReport6.0\Source\x64\Release\grmysql6x64.pdb

Imports

kernel32

FindClose
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DeleteCriticalSection
ReadFile
WriteFile
CreateFileW
CloseHandle
GetCurrentProcessId
CreateFileA
SetNamedPipeHandleState
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenEventA
GetCurrentThreadId
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
WaitNamedPipeA
GetConsoleCP
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryExA
FormatMessageA
GetFullPathNameA
GetLocaleInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CreateEventA
FindFirstFileA
FindNextFileA
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
Sleep
SetLastError
DisconnectNamedPipe
PeekNamedPipe
GetOverlappedResult
CancelIo
WaitForMultipleObjects
GetStdHandle
FlushFileBuffers
GetFileAttributesExA
SetEndOfFile
SetFilePointerEx
GetCurrentProcess
GetLogicalDrives
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
GetCPInfo
ReadConsoleW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetModuleFileNameA
LCMapStringW
CompareStringW
GetStringTypeW
GetACP
GetCurrentDirectoryW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetFullPathNameW
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetDriveTypeW
GetFileType
SetStdHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
SetConsoleCtrlHandler
GetTimeZoneInformation
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
EncodePointer
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
OutputDebugStringW
IsDebuggerPresent

advapi32

CryptReleaseContext
CryptAcquireContextA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
CryptGenRandom

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantClear
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
SafeArrayCopy
SafeArrayGetVartype
VariantInit
SysAllocString
SystemTimeToVariantTime
SysFreeString
VarDateFromStr
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayDestroy

secur32

InitializeSecurityContextW
AcquireCredentialsHandleA
FreeCredentialsHandle
CompleteAuthToken
DeleteSecurityContext
FreeContextBuffer

ws2_32

bind
closesocket
getsockname
socket
WSAGetLastError
getaddrinfo
freeaddrinfo
ntohs
getservbyname
__WSAFDIsSet
connect
getnameinfo
WSAStartup
WSACleanup
ioctlsocket
getpeername
getsockopt
htonl
recv
select
send
setsockopt
shutdown
WSASetLastError
WSAIoctl

Exports

Exports

Close
Connect
Disconnect
FetchRow
FieldAsBSTR
FieldAsBlob
FieldAsBoolean
FieldAsDateTime
FieldAsDouble
FieldAsInt64
FieldAsVariant
FieldCount
FieldName
FieldType
IsNull
Open

Sections

.text
Size: 548KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 469KB - Virtual size: 925KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grwebapp6.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 248KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
npgrcom6.dll
.dll regsvr32 windows:5 windows x86 arch:x86

5a71044072fdd4358dbc888bfc425c9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadLocale
FlushInstructionCache
GetCurrentProcess
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetConsoleMode
SetThreadLocale
LeaveCriticalSection
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
OutputDebugStringA
GetModuleFileNameW
SetLastError
LoadLibraryW
lstrcmpiW
GetLastError
DeleteCriticalSection
GetConsoleCP
InitializeCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleA
GetModuleHandleW
SetFilePointer
GetFileType
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetHandleCount
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
GetCommandLineA
HeapReAlloc
HeapCreate
HeapDestroy
Sleep
ExitProcess
WriteFile
GetStdHandle
SetStdHandle

user32

InvalidateRect
IsWindow
GetKeyState
GetParent
GetFocus
IsChild
SetFocus
CreateWindowExW
UnregisterClassA
RegisterClassExW
CallWindowProcW
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC
LoadCursorW
ShowWindow
GetWindowLongW
SetWindowLongW
UnionRect
PtInRect
DefWindowProcW
DestroyWindow
CharNextW
GetClassInfoExW

gdi32

SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCW
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
SetTextAlign
TextOutW
GetDeviceCaps
LPtoDP

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

OleCreatePropertyFrame
LoadRegTypeLi
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npgrweb6.dll
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

UPX0
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 609KB - Virtual size: 783KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 917KB - Virtual size: 917KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npgrweb6x64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

d4c6ee2aa78d998e3543bd9e7bd0a962

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileW
DeleteFileW
GetShortPathNameW
SetVolumeLabelW
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileTime
GetFileAttributesW
SetFileAttributesW
SetFileTime
FormatMessageW
SetEndOfFile
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
SetStdHandle
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
MapViewOfFile
GetACP
HeapCreate
HeapSetInformation
FlsAlloc
FlsFree
FlsGetValue
DecodePointer
EncodePointer
GetModuleFileNameA
GetStdHandle
CompareStringA
GetTimeFormatA
GetDateFormatA
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
FlsSetValue
VirtualQuery
VirtualProtect
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetLocaleInfoA
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
InterlockedPushEntrySList
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
DuplicateHandle
lstrcpyA
DeleteFileA
ExitProcess
LoadLibraryExW
FormatMessageA
CreateWaitableTimerW
GetSystemInfo
GetSystemTimeAsFileTime
HeapFree
ResetEvent
HeapAlloc
GetProcessHeap
OpenEventA
SystemTimeToFileTime
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
TlsSetValue
SetWaitableTimer
TlsGetValue
TlsFree
TlsAlloc
CreateSemaphoreA
ReleaseSemaphore
WriteFile
GetCurrentProcessId
CreateFileW
GetFileSize
ReadFile
CreateThread
FindFirstFileW
FindClose
GetModuleHandleW
FreeLibrary
GetSystemDefaultLCID
SetThreadLocale
GetLocaleInfoW
IsDBCSLeadByte
FreeResource
Sleep
GetTickCount
GetTempPathW
GetCurrentDirectoryW
lstrcmpiW
CompareStringW
GetVersionExW
GetThreadLocale
VirtualFree
VirtualAlloc
GetProfileStringW
CreateDirectoryW
GlobalFree
GlobalSize
GlobalAlloc
WideCharToMultiByte
GetProcAddress
MulDiv
LocalAlloc
LocalHandle
LocalFree
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
RaiseException
OutputDebugStringA
GetModuleHandleExW
SetLastError
GetLastError
LoadLibraryW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrlenA
GetLocalTime
CreateEventA
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
lstrlenW
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
WaitForSingleObject
SetEvent
CloseHandle
GetOEMCP

user32

IsWindowVisible
IsWindow
EndPaint
BeginPaint
DestroyWindow
CallWindowProcW
SetWindowLongPtrW
DefWindowProcW
GetWindowLongPtrW
SetWindowRgn
UnionRect
GetSubMenu
SetTimer
KillTimer
ScrollWindowEx
SetScrollInfo
IsRectEmpty
IntersectRect
SetScrollRange
EnableScrollBar
SetRect
BringWindowToTop
TranslateMessage
DispatchMessageW
PeekMessageW
InvalidateRect
UnregisterClassA
CheckMenuItem
EnableMenuItem
SetCursorPos
GetWindowDC
LoadBitmapW
InvalidateRgn
OpenClipboard
InvertRect
GetSysColorBrush
SetClipboardData
CloseClipboard
EmptyClipboard
ModifyMenuW
DrawTextExW
EqualRect
GetClipboardData
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetMenuItemCount
GetMenuItemID
CreatePopupMenu
GetMenu
AdjustWindowRectEx
DrawStateW
RedrawWindow
AppendMenuW
InsertMenuItemW
IsChild
RegisterWindowMessageW
SendMessageW
PtInRect
CopyRect
LoadCursorW
DialogBoxParamW
EndDialog
GetWindowLongW
SetWindowTextW
GetWindowTextW
CheckDlgButton
IsDlgButtonChecked
GetParent
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
LoadIconW
GetKeyState
GetActiveWindow
TrackPopupMenu
MonitorFromPoint
DestroyMenu
LoadMenuW
SetMenuDefaultItem
RemoveMenu
DrawFrameControl
FrameRect
DrawEdge
GetScrollInfo
SetParent
SetScrollPos
GetScrollPos
ClientToScreen
MoveWindow
InflateRect
GetMessagePos
MessageBeep
SetWindowsHookExW
UnhookWindowsHookEx
IsDialogMessageW
CallNextHookEx
GetDesktopWindow
GetSystemMetrics
LoadImageW
GetClassNameW
SetDlgItemInt
GetDlgItemInt
OffsetRect
GetCapture
ReleaseCapture
GetSysColor
GetFocus
GetCursorPos
DrawFocusRect
DrawTextW
SystemParametersInfoW
SetWindowLongW
GetDlgCtrlID
SetFocus
SetCapture
IsWindowEnabled
UpdateWindow
ScreenToClient
SetRectEmpty
CreateWindowExW
GetClassInfoExW
RegisterClassExW
SetCursor
ShowWindow
PostMessageW
CreateDialogParamW
MessageBoxW
EnableWindow
GetDC
CharNextW
ReleaseDC
SetDlgItemTextW
GetWindowTextLengthW
FillRect

gdi32

GetTextFaceW
TranslateCharsetInfo
CreateBitmap
CreatePatternBrush
PatBlt
EndPage
StartPage
SaveDC
Rectangle
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
SetGraphicsMode
SetWorldTransform
SetMapMode
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
PlayEnhMetaFile
SetBkColor
CreatePen
LineTo
MoveToEx
SetROP2
GetTextExtentPoint32W
EndDoc
ResetDCW
StartDocW
GetStockObject
SetTextColor
SetBkMode
GetObjectW
CreateFontIndirectW
GetDeviceCaps
CreateICW
CreateDCW
GetClipRgn
CreateCompatibleBitmap
DeleteDC
DeleteObject
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
SelectObject
CreateCompatibleDC
LPtoDP
GetWindowExtEx
GetViewportExtEx
GetViewportOrgEx
GetPixel
GetTextMetricsW
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
ArcTo
GetWorldTransform
CreatePolygonRgn
PtInRegion
EnumFontsW
BitBlt
StretchBlt
ExtCreatePen
GetCurrentObject
Polyline
SetWindowOrgEx
SetTextAlign
GetObjectA
CreateDIBSection
GetDIBits
RealizePalette
StretchDIBits
SetStretchBltMode
SetWinMetaFileBits
GetEnhMetaFileHeader
SetEnhMetaFileBits
SelectPalette
CreatePalette
GetEnhMetaFilePaletteEntries
ExtTextOutA
GetCharABCWidthsW
GetOutlineTextMetricsW
GetFontData
AngleArc
SetArcDirection
PolyBezierTo
Ellipse
RoundRect
CreateFontW
SetPixel
TextOutW
ExtTextOutW
SelectClipRgn
RestoreDC
BeginPath

winspool.drv

GetPrinterW
EnumPrintersW
DeviceCapabilitiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHFileOperationW
SHGetPathFromIDListW

ole32

CoTaskMemRealloc
OleRegGetMiscStatus
OleRegEnumVerbs
OleRegGetUserType
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
OleRun
CLSIDFromString
CreateStreamOnHGlobal
CreateOleAdviseHolder

oleaut32

RegisterTypeLi
UnRegisterTypeLi
SafeArrayRedim
SysFreeString
SysAllocStringByteLen
VariantCopyInd
VarR8FromStr
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
VarBstrCmp
SysStringLen
LoadRegTypeLi
LoadTypeLi
VarBstrCat
SysAllocStringLen
VariantCopy
VarUI4FromStr
OleCreatePropertyFrame
VarDateFromStr
OleLoadPicture
SafeArrayAccessData
SafeArrayUnaccessData
VarCyMulI4
OleTranslateColor
VarR8FromDec
VarI4FromCy
VarBstrFromR8
VarBstrFromI4
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
SysAllocString
VarI4FromStr
SafeArrayDestroy
SafeArrayCreate
VarCyFromI4
VarCyFromR8
VarCyFromI2
VarR8FromCy
SafeArrayUnlock
SafeArrayLock
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCopy
SafeArrayGetVartype
OleCreateFontIndirect
VarCyCmp
VarUdateFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime

shlwapi

StrCatW
PathFileExistsW
StrCmpIW
StrCmpW
StrCmpNA
PathFindExtensionW
StrCmpNIW
StrCpyW
StrCmpNW
StrCpyNW

msimg32

GradientFill

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

WSAStartup
WSACleanup

urlmon

IsValidURL
CreateURLMonikerEx
CreateAsyncBindCtx

wininet

InternetQueryOptionW

psapi

EnumProcessModules

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 676KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 766KB - Virtual size: 766KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 564KB

.rsrc Size: 18KB - Virtual size: 17KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 729B

.data Size: - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 350B

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 52KB - Virtual size: 51KB

Headers

DLL Characteristics

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 564KB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 729B

.data
Size: - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 350B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.rsrc
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 80KB - Virtual size: 80KB

UPX0
Size: - Virtual size: 1.3MB

UPX1
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 45KB - Virtual size: 48KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 428KB - Virtual size: 428KB