9ffc6b1e24677631cf254d79266c6ff2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9ffc6b1e24677631cf254d79266c6ff2_JaffaCakes118
Size

6.0MB
MD5

9ffc6b1e24677631cf254d79266c6ff2
SHA1

57c8834e39c833e57e2c7d2f78dd76dd9a4d3e9d
SHA256

45f29e8a5e539d3e69f16099c40ac2e209be375b8358d6e888c974f3364124b4
SHA512

c9cd211e3f87b3f943aa04db6b8c75cbc1663561d9ebe180f1e4e6807fbdb8f01a62beeb74340a50e57b8e09cd659b56cbf48221c5288e04245019be6a2d9382
SSDEEP

98304:MLgdJJsMpvvFVQfXpVMsS4zdpmUlQ6sQEWlE+yr8ELyCv+IKsODCi:Mk2MpvvFgX8bL7W3y8Eri

Score

3^/10

Malware Config

Signatures

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
9ffc6b1e24677631cf254d79266c6ff2_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/98DDKDll.dll
unpack001/Driver/98_Mass/UMSS.sys
unpack001/Driver/InstallDriver.exe
unpack001/Driver/Installer.dll
unpack001/Driver/installdrv64.exe
unpack001/LNHandler.dll
unpack001/Lang404.dll
unpack001/Lang804.dll
unpack001/NTDDKDll.dll
unpack001/OL2KHandler.dll
unpack001/PhoneSuite.exe
unpack001/WABHandler.dll
unpack001/iconv.dll
unpack001/lcppn22.dll
unpack001/libexpat.dll
unpack001/libxml2.dll
unpack001/uninst.exe
unpack001/zlib1.dll

Files

9ffc6b1e24677631cf254d79266c6ff2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:5 windows x86 arch:x86

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW

user32

SetWindowTextW
SetDlgItemTextW
EndDialog
SendDlgItemMessageW
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
98DDKDll.dll
.dll windows:4 windows x86 arch:x86

6ab72ceb43711bcd8bede6b1acd0d245

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
FlushFileBuffers
TerminateProcess
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetFilePointer
WriteFile
GetCurrentProcess
GetOEMCP
GetCPInfo
GlobalFlags
lstrcmpA
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GetVersion
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetCurrentThreadId
CloseHandle
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SearchPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA

advapi32

RegCloseKey
RegSetValueExA

cfgmgr32

CM_Create_DevNodeA
CM_Locate_DevNodeA
CM_Open_DevNode_Key
CM_Set_DevNode_Registry_PropertyA

comctl32

ord17

user32

EnableWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
SendMessageA
GetKeyState
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetWindowPlacement

gdi32

SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
OffsetViewportOrgEx
DeleteDC
SetTextColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteObject
GetDeviceCaps
GetObjectA
CreateBitmap
GetClipBox
SetBkColor

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

DDK98_InstallModem

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DialUpSetting.ini
Driver/2K_XP_COM/usb2ser_2kXP.inf
Driver/2K_XP_COM/usb2ser_2kxp.cat
Driver/2K_XP_COM/usb2ser_XP64.inf
Driver/98ME_COM/GPRS_USB_Modem.inf
Driver/98ME_COM/USBCDC.INF
Driver/98_Mass/MTKUMSS.INF
Driver/98_Mass/UMSS.sys
.dll windows:4 windows x86 arch:x86

b9dbc9579fe06c914154a65471b4d8e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

KeSetEvent
InterlockedDecrement
ExAllocatePoolWithTag
IoBuildDeviceIoControlRequest
ExFreePool
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
IoDeleteDevice
ZwClose
InterlockedIncrement
KeWaitForSingleObject
RtlInitUnicodeString
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
IoCreateDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
ObfReferenceObject
IoDetachDevice
IofCompleteRequest
IoAttachDeviceToDeviceStack

hal

KeStallExecutionProcessor
KfAcquireSpinLock
KfReleaseSpinLock

usbd.sys

USBD_GetUSBDIVersion
_USBD_CreateConfigurationRequestEx@8
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 960B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 960B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 384B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver/98_Mass/UMSSPDR.pdr
Driver/InstallDriver.exe
.exe windows:4 windows x86 arch:x86

0fffb7b96a363fbcc430e955c992d9bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCopyOEMInfA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

kernel32

GetFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetFileSize
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
GetProfileStringA
SearchPathA
GetVersionExA
SetLastError
LocalFree
FormatMessageA
GetLastError
lstrlenA
LocalAlloc
CopyFileA
GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetModuleFileNameA
CloseHandle
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
MulDiv
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA

user32

SetRect
GetNextDlgGroupItem
MessageBeep
InvalidateRect
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyAcceleratorTableA
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
LoadIconA
PostMessageA
SendMessageA
SetFocus
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
CharNextA
GetSysColorBrush
SetActiveWindow
IsWindow
DrawFocusRect
DefDlgProcA
IsWindowUnicode
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
ExitWindowsEx
EnableWindow
PostQuitMessage
SetCursor
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver/Installer.dll
.dll windows:4 windows x86 arch:x86

08d3eeea38f87161edb725a4c3e18c2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupCopyOEMInfA

Exports

Exports

WRAP_UpdateDriverForPlugAndPlayDevices

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver/ReadMe.txt
Driver/Vista/usb2ser_Vista.inf
Driver/Vista/usb2ser_Vista64.inf
Driver/installdrv64.exe
.exe windows:5 windows x64 arch:x64

75a8eb7796a56bfb0dac67a5e1e64b98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\winddk\3790~1.183\src\setup\installdrv64\objfre_wnet_AMD64\amd64\installdrv64.pdb

Imports

kernel32

GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSetInformation
HeapCreate
LoadLibraryA
Sleep
GetACP
GetOEMCP
GetCPInfo
SetFilePointer
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
CloseHandle
RtlLookupFunctionEntry
RtlVirtualUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
EMSSound/EMS0.mid
EMSSound/EMS1.mid
EMSSound/EMS2.mid
EMSSound/EMS3.mid
EMSSound/EMS4.mid
EMSSound/EMS5.mid
EMSSound/EMS6.mid
EMSSound/EMS7.mid
EMSSound/EMS8.mid
EMSSound/EMS9.mid
LNHandler.dll
.dll windows:4 windows x86 arch:x86

44648a31b319f03409ccf7a9740cf0d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lcppn22

?GetSecond@LNDatetime@@QBEKXZ
?SetTime@LNDatetime@@QAEKKKKK@Z
?SetDate@LNDatetime@@QAEKKKK@Z
??1LNTextElement@@UAE@XZ
??0LNString@@QAE@ABV0@@Z
??BLNTextElement@@QBE?AVLNString@@XZ
??ALNText@@QBE?AVLNTextElement@@K@Z
??4LNText@@QAEAAV0@ABVLNItem@@@Z
?GetType@LNItem@@QBEKXZ
?GetItem@LNNote@@QBEKABVLNString@@PAVLNItem@@@Z
??1LNDatetimesElement@@UAE@XZ
??4LNDatetime@@QAEAAV0@ABV0@@Z
??BLNDatetimesElement@@QBE?AVLNDatetime@@XZ
??ALNDatetimes@@QBE?AVLNDatetimesElement@@K@Z
?GetCount@LNDatetimes@@QBEKXZ
??4LNDatetimes@@QAEAAV0@ABVLNItem@@@Z
??1LNRichText@@QAE@XZ
?GetDetailedDescription@LNCalendarEntry@@QBEKPAVLNRichText@@@Z
?GetText@LNDatetimeRange@@ABEKPAVLNString@@PAVLNDatetimeFormat@@PAVLNInternational@@@Z
?GetLastModified@LNNote@@QBE?AVLNDatetime@@XZ
?GetBriefDescription@LNCalendarEntry@@QBE?AVLNString@@XZ
??4LNDatetimeRange@@QAEAAV0@ABV0@@Z
?GetDatetimeRange@LNCalendarEntry@@QBE?AVLNDatetimeRange@@XZ
?GetIsAlarmEnabled@LNCalendarEntry@@QBEHXZ
??0LNRichText@@QAE@XZ
??0LNDatetime@@QAE@ABUtagTIMEDATE@@@Z
?GetDocument@LNDatabase@@QAEKKPAVLNDocument@@@Z
?CreateEntry@LNCalendar@@QAEKABVLNDatetimeRange@@ABVLNString@@W4LNCALENTRYTYPE@@PAVLNCalendarEntry@@@Z
?GetNoteID@LNNote@@QBEKXZ
?CreateDocument@LNDatabase@@QAEKPAVLNDocument@@ABVLNString@@@Z
?Term@LNNotesSession@@QAEKH@Z
?LNSetThrowAllErrorsGlobal@@YAXH@Z
?Initialize@LNNotesSession@@AAEKKHQAPADHPBD@Z
??ALNCalendarEntryArray@@QBE?AVLNCalendarEntry@@K@Z
?CreateNoteBody@LNNote@@MAEKKKH@Z
?ValidateNoteType@LNDocument@@MBEXK@Z
?ValidateNoteType@LNDocument@@MBEXPBVLNNoteBody@@@Z
?ValidateNoteType@LNDocument@@MBEXABVLNNote@@@Z
??0LNNoteArray@@QAE@XZ
?GetCalendar@LNNotesSession@@QAEKPAVLNCalendar@@ABVLNString@@11@Z
??0LNDatetime@@QAE@ABVLNString@@PAK@Z
?GetEntries@LNCalendar@@QAEKABVLNDatetimeRange@@PAVLNCalendarEntryArray@@HABVLNString@@@Z
?GetCount@LNNoteArray@@QBEKXZ
?GetDatabase@LNNotesSession@@QAEKABVLNString@@PAVLNDatabase@@0@Z
?Open@LNDatabase@@QAEKXZ
?GetDocuments@LNDatabase@@QAEKPAVLNDocumentArray@@@Z
?GetMinute@LNDatetime@@QBEKXZ
??4LNString@@QAEAAV0@ABV0@@Z
??0LNDocument@@QAE@XZ
??ALNDocumentArray@@QBE?AVLNDocument@@K@Z
??4LNDocument@@QAEAAV0@ABV0@@Z
??1LNDocument@@QAE@XZ
?Open@LNDocument@@UAEKK@Z
?GetFormNote@LNDocument@@ABEKPAVLNString@@@Z
?GetPlatformTextPtr@LNString@@QBEPBDXZ
?Close@LNNote@@UAEKXZ
?Close@LNDatabase@@QAEKXZ
??1LNNoteArray@@UAE@XZ
?LNGetErrorMessageText@@YAKKPADKH@Z
?Add@LNNoteArray@@UAEKPAX@Z
?Add@LNNoteArray@@UAEKABVLNVFNavigator@@@Z
?Add@LNNoteArray@@UAEKABVLNViewFolder@@@Z
?Add@LNNoteArray@@UAEKABV1@@Z
?Add@LNNoteArray@@UAEKK@Z
?Add@LNNoteArray@@UAEKABVLNNote@@@Z
?Copy@LNNoteArray@@UBEKPAV1@@Z
?Contains@LNNoteArray@@UBEHK@Z
?Contains@LNNoteArray@@UBEHABVLNNote@@@Z
?Remove@LNNoteArray@@UAEKPAX@Z
?Remove@LNNoteArray@@UAEKABVLNVFNavigator@@@Z
?Remove@LNNoteArray@@UAEKABVLNViewFolder@@@Z
?Remove@LNNoteArray@@UAEKABV1@@Z
?Remove@LNNoteArray@@UAEKK@Z
?Remove@LNNoteArray@@UAEKABVLNNote@@@Z
?RemoveAll@LNNoteArray@@UAEKXZ
?Save@LNNote@@QAEKG@Z
?LNDelete@@YAXPAX@Z
??0LNDatetime@@QAE@XZ
??0LNDatetimeRange@@QAE@XZ
?SetBegin@LNDatetimeRange@@QAEKABVLNDatetime@@@Z
?SetEnd@LNDatetimeRange@@QAEKABVLNDatetime@@@Z
?SetDatetimeRange@LNCalendarEntry@@QAEKABVLNDatetimeRange@@@Z
??0LNDatetime@@QAE@ABV0@@Z
?SetAlarmDatetime@LNCalendarEntry@@QAEKVLNDatetime@@@Z
?SetIsAlarmEnabled@LNCalendarEntry@@QAEXH@Z
?SetBriefDescription@LNCalendarEntry@@QAEKABVLNString@@@Z
?ComputeWithForm@LNDocument@@QBEKH@Z
?Save@LNCalendarEntry@@QAEKGH@Z
??1LNNotesClass@@UAE@XZ
?IsOnHeap@LNNotesClass@@UBEHXZ
?LNGetClassName@@YAPBDW4LNCLASSID@@H@Z
?Setup@LNString@@AAEXPBD@Z
?SetValue@LNText@@QAEKABVLNString@@H@Z
?GetDay@LNDatetime@@QBEKXZ
?GetHour@LNDatetime@@QBEKXZ
?GetMonth@LNDatetime@@QBEKXZ
?GetYear@LNDatetime@@QBEKXZ
?GetTitle@LNDatabase@@QAE?AVLNString@@XZ
?DeleteNote@LNDatabase@@QAEKK@Z
?CreateItem@LNNote@@QBEKABVLNString@@ABVLNItem@@GW4LNITEMOPTION@@PAV3@@Z
??1LNItem@@QAE@XZ
?DeleteAll@LNText@@QAEKXZ
?Assign@LNString@@AAEAAV1@PBD@Z
?GetCount@LNText@@QBEKXZ
?Insert@LNText@@QAEKKABVLNString@@@Z
?DeleteBody@LNSmartPtr@@UAEHXZ
?IsNull@LNString@@UBEHXZ
??1LNString@@QAE@XZ
??1LNItemArray@@QAE@XZ
??0LNItemArray@@QAE@XZ
??0LNString@@QAE@XZ
??1LNNotesSession@@UAE@XZ
??0LNNotesSession@@QAE@XZ

shlwapi

StrToIntA

kernel32

IsBadWritePtr
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
Sleep
GetStringTypeW
GetStringTypeA
InterlockedExchange
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
FindClose
FindFirstFileA
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
LocalFree
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetModuleFileNameA
CloseHandle
SetLastError
GetLastError
lstrcpynA
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetProcAddress
LoadLibraryA
lstrcpyA
GetVolumeInformationA
GetFullPathNameA
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
GetVersion
GlobalFlags
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
GetFileAttributesA
GetFileSize
GetFileTime
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetACP
RaiseException
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc

user32

DestroyMenu
GetSysColorBrush
LoadCursorA
LoadIconA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
MessageBoxA
wsprintfA
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
UnregisterClassA
LoadStringA
GetClassNameA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
GetMenuItemCount
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu

gdi32

GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Exports

Exports

PIMHandler_Deinit
PIMHandler_DeinitAsFakePhone
PIMHandler_DumpSyncObjectStore
PIMHandler_DumpSyncObjectStoreAsFakePhone
PIMHandler_Init
PIMHandler_InitAsFakePhone
PIMHandler_Prepare
PIMHandler_PurgeAll
PIMHandler_QueryObjectCount
PIMHandler_RetrievePIM
PIMHandler_SyncCalAsFakePhone
PIMHandler_SyncCardAsFakePhone
PIMHandler_SyncVCal
PIMHandler_SyncVCard
PIMHandler_UpdatePIM
PIMHandler_UpdateVCalLUID
PIMHandler_UpdateVCardLUID

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lang404.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lang804.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NTDDKDll.dll
.dll windows:4 windows x86 arch:x86

a1d76a2b80840f7c85ea178d04345ca1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
GetCPInfo
RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GlobalFlags
lstrcmpA
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetVersion
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
SetLastError
GetLastError
lstrlenA
SearchPathA

advapi32

RegSetValueExA
RegCloseKey

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupDiRegisterDeviceInfo
SetupDiOpenDevRegKey
SetupDiCreateDevRegKeyA
SetupDiGetSelectedDriverA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

comctl32

ord17

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
IsWindowEnabled
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
EnableWindow
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
SendMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
PeekMessageA
GetMenuCheckMarkDimensions

gdi32

OffsetViewportOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
SetViewportExtEx
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
GetDeviceCaps
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportOrgEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetMapMode
CreateBitmap

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

Exports

Exports

NTDDK_InstallModem

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OL2KHandler.dll
.dll windows:4 windows x86 arch:x86

e291cac42f6f14fbb7011525cc8f4095

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
InterlockedExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
GetLastError
SetLastError
GetVersion
lstrcpynW
lstrcpyW
lstrcatW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetModuleFileNameW
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
LocalFree
lstrcmpA
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrlenW
InterlockedIncrement
GetTickCount
InterlockedDecrement
GetStartupInfoA

user32

AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
LoadCursorW
GetSysColorBrush
DestroyMenu
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgItem
GrayStringW
DrawTextW
ReleaseDC
GetDC
wsprintfW
SetFocus
GetWindowTextW
PostQuitMessage
PostMessageW
SendMessageW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
GetMenuItemCount
GetSubMenu
GetMenuItemID
LoadStringW
SetCursor
EnableWindow
MessageBoxW
GetWindowLongW
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExW
GetCursorPos
PeekMessageW
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
GetNextDlgTabItem
UnregisterClassW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
TabbedTextOutW

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

comctl32

ord17

ole32

CoCreateInstance
OleRun
OleUninitialize
OleInitialize

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

Exports

Exports

PIMHandler_DeinitAsFakePhone
PIMHandler_InitAsFakePhone
PIMHandler_Prepare

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhoneSuite.bin
PhoneSuite.chm
.chm
PhoneSuite.exe
.exe windows:4 windows x86 arch:x86

ec0972170ab3f9fd790bc047368b93c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
htons

winmm

mciGetErrorStringW
mciSendCommandW
PlaySoundW

msvfw32

MCIWndCreateW

libxml2

xmlNewDoc
xmlNewNode
xmlDocSetRootElement
xmlCreateIntSubset
xmlNewChild
xmlSaveFormatFileEnc
xmlXPathNewContext
xmlXPathEvalExpression
xmlXPathFreeContext
xmlStrcmp
xmlNodeGetContent
xmlXPathFreeObject
xmlSchemaNewParserCtxt
xmlSchemaSetParserErrors
xmlSchemaParse
xmlSchemaFreeParserCtxt
xmlSchemaNewValidCtxt
xmlSchemaSetValidErrors
xmlSchemaIsValid
xmlSchemaValidateFile
xmlSchemaFreeValidCtxt
xmlSchemaFree
xmlCheckVersion
xmlParseFile
xmlFreeDoc
xmlCleanupParser

mfc42u

ord3995
ord3298
ord1833
ord4583
ord4582
ord4893
ord4364
ord4886
ord4527
ord5070
ord4334
ord4341
ord4714
ord4883
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord6050
ord5236
ord5277
ord3743
ord1718
ord5256
ord2083
ord4426
ord364
ord784
ord4236
ord2706
ord4686
ord5140
ord1834
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord5248
ord4421
ord366
ord674
ord4237
ord1172
ord3728
ord810
ord4266
ord2746
ord2966
ord2854
ord1173
ord3649
ord4215
ord2576
ord2430
ord3701
ord6150
ord2522
ord4359
ord4051
ord5467
ord4116
ord2381
ord5079
ord1702
ord1707
ord4398
ord5230
ord6365
ord5275
ord5254
ord2436
ord3717
ord796
ord529
ord4260
ord2442
ord3289
ord2567
ord4390
ord3569
ord609
ord556
ord809
ord5871
ord1165
ord6354
ord1088
ord2114
ord326
ord4294
ord2078
ord2403
ord2015
ord4213
ord4392
ord3577
ord616
ord3568
ord5869
ord2810
ord2447
ord5783
ord1899
ord3605
ord1764
ord6362
ord2405
ord2016
ord4214
ord2573
ord4395
ord3634
ord5155
ord5156
ord5154
ord4899
ord4736
ord4942
ord4352
ord4371
ord4848
ord4829
ord692
ord656
ord768
ord489
ord2362
ord4253
ord6003
ord6898
ord3991
ord4155
ord6655
ord2755
ord3798
ord537
ord4970
ord5283
ord5848
ord5436
ord6379
ord5446
ord6390
ord2440
ord3296
ord5830
ord2036
ord2281
ord6065
ord6279
ord5949
ord942
ord2505
ord3084
ord4470
ord6149
ord3785
ord4028
ord3703
ord3762
ord3481
ord6130
ord4125
ord3758
ord5219
ord6640
ord3867
ord941
ord4126
ord6865
ord3056
ord2385
ord665
ord1971
ord1560
ord268
ord353
ord2570
ord6732
ord6498
ord6776
ord2644
ord1662
ord801
ord541
ord3176
ord4053
ord2773
ord2762
ord668
ord1972
ord356
ord3614
ord2235
ord765
ord5031
ord4078
ord1794
ord1821
ord4272
ord924
ord6867
ord2081
ord6266
ord2858
ord1637
ord2855
ord3288
ord3693
ord2637
ord5142
ord6238
ord6688
ord4335
ord4343
ord4884
ord4958
ord4955
ord1719
ord5785
ord6646
ord2745
ord3291
ord3292
ord6278
ord3688
ord3915
ord2293
ord812
ord5858
ord559
ord3517
ord6399
ord3706
ord783
ord4128
ord4292
ord2104
ord6124
ord4688
ord3748
ord2606
ord6168
ord5790
ord2444
ord3014
ord2508
ord1831
ord361
ord4502
ord4474
ord6373
ord3711
ord790
ord3541
ord6107
ord2836
ord6115
ord5777
ord2099
ord2756
ord2910
ord434
ord5571
ord5647
ord3125
ord3671
ord839
ord433
ord2133
ord350
ord6154
ord1565
ord5929
ord3049
ord3420
ord3875
ord836
ord4670
ord6063
ord5996
ord2109
ord4451
ord1229
ord3476
ord3911
ord2244
ord2879
ord6191
ord3515
ord5024
ord6397
ord3865
ord4331
ord4407
ord2105
ord3747
ord6597
ord6607
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord5674
ord5732
ord5575
ord5567
ord6057
ord5860
ord3591
ord6190
ord6017
ord4524
ord4538
ord5681
ord3269
ord3348
ord4616
ord3574
ord2776
ord3951
ord5978
ord643
ord4131
ord329
ord1863
ord6567
ord1252
ord6004
ord2732
ord882
ord2793
ord5491
ord2070
ord2106
ord4273
ord1933
ord3909
ord3697
ord773
ord2563
ord3749
ord501
ord5603
ord2754
ord1083
ord5596
ord1792
ord293
ord4222
ord5917
ord736
ord430
ord439
ord729
ord4037
ord4519
ord786
ord2605
ord2496
ord1699
ord603
ord2453
ord1961
ord273
ord519
ord703
ord5506
ord2446
ord404
ord3211
ord781
ord2291
ord4199
ord4450
ord6726
ord6654
ord2141
ord4609
ord4606
ord4604
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord5303
ord5285
ord5710
ord3733
ord815
ord561
ord4282
ord4279
ord617
ord5297
ord5208
ord296
ord986
ord520
ord6433
ord1202
ord4154
ord6113
ord3516
ord2613
ord1131
ord2717
ord4692
ord1817
ord4233
ord4690
ord3053
ord6332
ord2502
ord2534
ord5239
ord5736
ord1739
ord5573
ord3167
ord5649
ord4947
ord4852
ord2391
ord4381
ord3449
ord3193
ord6076
ord6171
ord4617
ord4420
ord1569
ord338
ord4817
ord4414
ord2058
ord6140
ord3173
ord4608
ord4607
ord1937
ord4268
ord813
ord560
ord2527
ord3490
ord4458
ord4717
ord5438
ord3313
ord5180
ord354
ord3253
ord1698
ord1262
ord3278
ord6132
ord6066
ord4602
ord6770
ord6398
ord2101
ord3470
ord1900
ord1683
ord2520

msvcrt

_itoa
_wstat
srand
time
ftell
rand
strtol
_wcsupr
floor
_setjmp3
strerror
_errno
_wremove
_strnicmp
tolower
isdigit
_timezone
_iob
wcsftime
_wcsnicmp
printf
strncmp
wcschr
fwprintf
sprintf
wcsncat
_wcsdup
fwrite
ceil
memmove
toupper
fseek
wcscat
fgetc
fread
swscanf
fopen
fgets
wcsstr
wcsncpy
swprintf
wcstoul
_wtoi
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_wcsicoll
_wsplitpath
_wfopen
fprintf
fclose
_CIpow
_ftol
wcscpy
wcslen
sscanf
realloc
malloc
free
_wcsicmp
_beginthreadex
_purecall
wcscmp
__CxxFrameHandler
_tzset
strftime
__RTDynamicCast
vsprintf
longjmp
abort
fflush
exit
atoi
fputs
qsort
getenv
calloc
strtod
_exit
_XcptFilter
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_controlfp

kernel32

SizeofResource
LoadResource
FindResourceW
GetExitCodeThread
CreateThread
TerminateThread
GetTickCount
LockResource
HeapAlloc
GetProcessHeap
InitializeCriticalSection
CreateSemaphoreW
DeleteCriticalSection
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetDefaultCommConfigW
FindClose
GetTempPathW
GetTempFileNameW
LoadLibraryA
GetFileSize
FindResourceA
SetErrorMode
FreeResource
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetCommTimeouts
GetCommProperties
PurgeComm
SetupComm
SetCommState
GetCommState
ClearCommError
ReadFile
LocalFree
FormatMessageW
WriteFile
GetModuleHandleW
GetStartupInfoW
GlobalAlloc
GetEnvironmentVariableW
OutputDebugStringW
SetEnvironmentVariableW
RemoveDirectoryW
SetFileAttributesW
GetUserDefaultLangID
CloseHandle
WaitForSingleObject
Sleep
DeleteFileW
GetLastError
ReleaseMutex
GetCurrentThreadId
CopyFileW
WideCharToMultiByte
SearchPathW
lstrlenW
GetFileInformationByHandle
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
GetProcAddress
LoadLibraryW
CreateDirectoryW
MoveFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateEventW
SetEvent
WaitForMultipleObjects
CreateMutexW
FindNextFileW
IsValidLocale
FindFirstFileW
GetLocaleInfoW
CreateProcessW
OpenMutexW
MulDiv
ResetEvent
GetLocalTime
MultiByteToWideChar
GetModuleFileNameW
GetSystemDirectoryW
SystemTimeToFileTime
lstrlenA
InterlockedDecrement
GlobalUnlock
GlobalLock
ResumeThread
GlobalFree
HeapFree
GetSystemDefaultLangID
GlobalSize

user32

IsZoomed
GetCursorPos
GetWindowDC
GetWindowRect
GetClientRect
SetTimer
KillTimer
LoadCursorW
SetCapture
ClientToScreen
SetCursor
ReleaseDC
IsWindow
PostMessageW
EnableWindow
GetParent
SendMessageW
OffsetRect
DestroyMenu
UpdateWindow
ScreenToClient
WindowFromPoint
ReleaseCapture
GetDesktopWindow
GetSysColor
FillRect
InvalidateRect
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
EmptyClipboard
SetClipboardData
GetMenuItemID
GetWindow
LoadIconW
GetMenuItemCount
GetUpdateRect
MessageBoxW
FindWindowW
GetLastActivePopup
BringWindowToTop
GetSystemMenu
GetMessageW
DispatchMessageW
SetFocus
GetDlgCtrlID
IsRectEmpty
HideCaret
RegisterClipboardFormatW
GrayStringW
DrawTextW
TabbedTextOutW
GetAsyncKeyState
GetDC
CheckMenuItem
GetFocus
GetClassInfoW
IntersectRect
LoadBitmapW
IsWindowVisible
GetScrollRange
GetScrollPos
SetScrollPos
TranslateAcceleratorW
GetWindowLongW
UnionRect
GetDlgItem
LoadMenuW
GetSubMenu
EnableMenuItem
GetMessagePos
SetRectEmpty
EqualRect
SetRect
LoadAcceleratorsW
GetKeyState
DrawFocusRect
FrameRect
PtInRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ModifyMenuW
CopyRect
DrawFrameControl
RedrawWindow
SetWindowLongW
GetForegroundWindow
GetCapture
IsIconic
SetForegroundWindow
GetSystemMetrics

gdi32

CreateDIBSection
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
SetWinMetaFileBits
SetEnhMetaFileBits
RealizePalette
SetDIBColorTable
DeleteEnhMetaFile
CreatePalette
SelectPalette
SetDIBitsToDevice
StretchDIBits
GetDIBits
SetMapMode
SetBkColor
SetTextColor
DeleteDC
GetTextMetricsW
RoundRect
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
Arc
GetDeviceCaps
SelectObject
CreateBitmap
CreateFontIndirectW
SetPixel
GetPixel
Ellipse
CreatePen
CreateSolidBrush
GetStockObject
StretchBlt
GetTextExtentPoint32W
CreateRectRgnIndirect
FrameRgn
CreateRectRgn
PtInRegion
DeleteObject
GetObjectW
CreateBitmapIndirect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
PlayEnhMetaFile

advapi32

RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
SHBrowseForFolderW
SHGetMalloc

comctl32

ImageList_Copy
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_DragEnter
ImageList_Remove
ord8
ImageList_Add
ImageList_AddMasked

ole32

RevokeDragDrop
CoUninitialize
OleCreateStaticFromData
OleSetContainedObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun

olepro32

ord251

oleaut32

GetErrorInfo
SysAllocString
VariantClear
SysFreeString

msvcp60

??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Ostd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?move@?$char_traits@G@std@@SAPAGPAGPBGI@Z
?_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?capacity@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Xlen@std@@YAXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0Init@ios_base@std@@QAE@XZ

msvcirt

?write@ostream@@QAEAAV1@PBDH@Z
??_Difstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?attach@ifstream@@QAEXH@Z
??1ios@@UAE@XZ
??1ifstream@@UAE@XZ
??0ifstream@@QAE@XZ
??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ofstream@@QAEXXZ
?attach@ofstream@@QAEXH@Z
??0ofstream@@QAE@XZ
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
??_Dfstream@@QAEXXZ
?close@fstream@@QAEXXZ
??1fstream@@UAE@XZ
?attach@fstream@@QAEXH@Z
??0fstream@@QAE@XZ
?tellg@istream@@QAEJXZ
?put@ostream@@QAEAAV1@E@Z
?tellp@ostream@@QAEJXZ
?seekp@ostream@@QAEAAV1@J@Z
?read@istream@@QAEAAV1@PADH@Z

shlwapi

PathRemoveFileSpecW
PathFileExistsW

libexpat

ord52
ord31
ord16
ord21
ord18

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 28.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PhoneSuite.ini
UDX.xsd
.xml
WABHandler.dll
.dll windows:4 windows x86 arch:x86

1ead67b24a3fdfebf309e2ad2d0a10c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
Sleep
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetModuleHandleA
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
GetLastError
SetLastError
GetVersion
lstrcpynW
lstrcpyW
lstrcatW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GetModuleFileNameW
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
LocalFree
lstrcmpA
GlobalLock
GlobalUnlock
WideCharToMultiByte
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
GetProcAddress
GetTickCount
FreeLibrary
FileTimeToSystemTime
MultiByteToWideChar
GetFileType
InterlockedExchange

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
LoadCursorW
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgItem
GrayStringW
DrawTextW
TabbedTextOutW
GetDC
wsprintfW
SetFocus
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetWindowTextW
PostQuitMessage
PostMessageW
SendMessageW
PtInRect
GetClassNameW
GetMenuItemCount
GetSubMenu
GetMenuItemID
LoadStringW
UnregisterClassW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SetCursor
EnableWindow
MessageBoxW
GetWindowLongW
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExW
GetCursorPos
PeekMessageW
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageW
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
ReleaseDC

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

comctl32

ord17

Exports

Exports

PIMHandler_DeinitAsFakePhone
PIMHandler_InitAsFakePhone
PIMHandler_Prepare

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iconv.dll
.dll .ps1 windows:4 windows x86 arch:x86 polyglot

5e63e66630a8ecd829ce2cfdcfa121ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetACP
GetAtomNameA
GetModuleFileNameA
GetSystemInfo

msvcrt

_strdup
__dllonexit
_errno
abort
fflush
free
malloc
memcpy
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

DllGetVersion
_libiconv_version
aliases2_lookup
aliases_lookup
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 945KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 656B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 364B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lcppn22.dll
.dll windows:4 windows x86 arch:x86

4fe2b89a2340ee91a02976670ac6f9e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nnotes

ord2073
ord2018
ord2013
ord2008
ord2064
ord2141
ord2342
ord2010
ord2162
ord4601
ord4604
ord4610
ord2549
ord2548
ord2256
ord2020
ord2133
ord5742
ord861
ord321
ord2094
ord2802
ord2848
ord2801
ord320
ord2878
ord2856
ord2910
ord4609
ord2711
ord2709
ord232
ord3502
ord3506
ord3510
ord3509
ord3508
ord2019
ord2015
ord521
ord3520
ord2150
ord2638
ord2078
ord2183
ord2087
ord2102
ord2089
ord323
ord2121
ord2140
ord2111
ord2475
ord324
ord357
ord2261
ord2260
ord2441
ord5818
ord628
ord5817
ord2262
ord2264
ord2259
ord969
ord449
ord230
ord223
ord308
ord231
ord210
ord237
ord229
ord167
ord448
ord224
ord165
ord311
ord904
ord903
ord4331
ord533
ord536
ord325
ord733
ord322
ord734
ord327
ord142
ord144
ord2780
ord2154
ord851
ord896
ord853
ord858
ord850
ord852
ord857
ord849
ord2085
ord2303
ord450
ord2118
ord2006
ord439
ord2109
ord5132
ord2164
ord5131
ord2074
ord2147
ord2107
ord2029
ord2145
ord2343
ord2149
ord527
ord5130
ord2714
ord3625
ord1560
ord3626
ord3629
ord3603
ord3636
ord3632
ord416
ord358
ord375
ord376
ord546
ord545
ord23
ord38
ord37
ord35
ord33
ord34
ord36
ord24
ord21
ord32
ord39
ord40
ord549
ord532
ord534
ord535
ord539
ord540
ord541
ord542
ord524
ord529
ord528
ord531
ord530
ord2370
ord2112
ord2398
ord2304
ord2116
ord2110
ord2113
ord3092
ord3093
ord3090
ord140
ord205
ord206
ord2266
ord3089
ord2265
ord2403
ord2039
ord2055
ord2626
ord3088
ord3031
ord2656
ord1559
ord1568
ord2130
ord940
ord708
ord2024
ord2331
ord1562
ord15
ord12
ord16
ord2558
ord4104
ord401
ord245
ord13
ord17
ord2098
ord4606
ord4607
ord4605
ord4612
ord2849
ord3525
ord2806
ord1508
ord2030
ord2032
ord2026
ord2049
ord2034
ord2051
ord2177
ord408
ord2178
ord2179
ord2048
ord2033
ord2124
ord2182
ord4319
ord4315
ord4317
ord4320
ord4326
ord4316
ord4321
ord4314
ord4318
ord2086
ord4484
ord4485
ord4482
ord3604
ord2011
ord4486
ord4487
ord2088
ord4483
ord4480
ord4481
ord2239
ord451
ord438
ord382
ord2137
ord877
ord381
ord880
ord876
ord879
ord387
ord388
ord386
ord629
ord385
ord2198
ord435
ord441
ord525
ord222
ord2040
ord2045
ord2043
ord2412
ord2429
ord2413
ord2047
ord2046
ord2194
ord2027
ord2062
ord707
ord391
ord2050
ord2095
ord2100
ord939
ord938
ord2005
ord2195
ord2001
ord2847
ord182
ord183
ord143
ord2009
ord5799
ord2072

ole32

StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoFileTimeNow

kernel32

CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
ReadFile
SetFilePointer
CloseHandle
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
GetModuleHandleA
GetProcAddress
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetLastError
GetCurrentThreadId
DeleteFileA
GetLastError
HeapAlloc
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
GetVersion
GetCommandLineA
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
LocalFileTimeToFileTime
CompareStringW
SetEnvironmentVariableA

Exports

Exports

??0LNACL@@AAE@ABV0@@Z
??0LNACL@@QAE@XZ
??0LNACLEntry@@QAE@ABV0@@Z
??0LNACLEntry@@QAE@XZ
??0LNACLEntryArray@@AAE@ABV0@@Z
??0LNACLEntryArray@@AAE@PAXPAKW4LNACLLEVEL@@@Z
??0LNACLEntryArray@@QAE@XZ
??0LNACLRoleArray@@AAE@ABV0@@Z
??0LNACLRoleArray@@AAE@PAXPAK@Z
??0LNACLRoleArray@@AAE@PAXPAUACL_PRIVILEGES@@PAK@Z
??0LNACLRoleArray@@QAE@XZ
??0LNAction@@IAE@PAVLNActionBody@@@Z
??0LNAction@@QAE@ABV0@@Z
??0LNAction@@QAE@ABVLNString@@ABVLNFormula@@@Z
??0LNAction@@QAE@ABVLNString@@ABVLNJavaScript@@@Z
??0LNAction@@QAE@ABVLNString@@ABVLNLotusScript@@@Z
??0LNAction@@QAE@ABVLNString@@ABVLNSimpleAction@@@Z
??0LNAction@@QAE@ABVLNString@@ABVLNSimpleActions@@@Z
??0LNAction@@QAE@XZ
??0LNActionHotspot@@IAE@ABVLNFormula@@@Z
??0LNActionHotspot@@IAE@ABVLNJavaScript@@@Z
??0LNActionHotspot@@IAE@ABVLNLotusScript@@@Z
??0LNActionHotspot@@IAE@ABVLNSimpleAction@@@Z
??0LNActionHotspot@@IAE@ABVLNSimpleActions@@@Z
??0LNActionHotspot@@QAE@ABV0@@Z
??0LNActionHotspot@@QAE@ABVLNFormula@@ABVLNGraphic@@@Z
??0LNActionHotspot@@QAE@ABVLNFormula@@ABVLNString@@@Z
??0LNActionHotspot@@QAE@ABVLNJavaScript@@ABVLNGraphic@@@Z
??0LNActionHotspot@@QAE@ABVLNJavaScript@@ABVLNString@@@Z
??0LNActionHotspot@@QAE@ABVLNLotusScript@@ABVLNGraphic@@@Z
??0LNActionHotspot@@QAE@ABVLNLotusScript@@ABVLNString@@@Z
??0LNActionHotspot@@QAE@ABVLNRTObject@@@Z
??0LNActionHotspot@@QAE@ABVLNSimpleAction@@ABVLNGraphic@@@Z
??0LNActionHotspot@@QAE@ABVLNSimpleAction@@ABVLNString@@@Z
??0LNActionHotspot@@QAE@ABVLNSimpleActions@@ABVLNGraphic@@@Z
??0LNActionHotspot@@QAE@ABVLNSimpleActions@@ABVLNString@@@Z
??0LNActionHotspot@@QAE@XZ
??0LNActions@@AAE@PAVLNNoteBody@@PAVLNActionsBody@@@Z
??0LNActions@@QAE@ABV0@@Z
??0LNActions@@QAE@ABVLNItem@@@Z
??0LNActions@@QAE@ABVLNNote@@@Z
??0LNActions@@QAE@XZ
??0LNActiveObject@@IAE@PAVLNActiveObjectBody@@@Z
??0LNActiveObject@@QAE@ABV0@@Z
??0LNActiveObject@@QAE@ABVLNRTObject@@@Z
??0LNActiveObject@@QAE@XZ
??0LNActiveObjectParameter@@IAE@PAVLNActiveObjectParameterBody@@@Z
??0LNActiveObjectParameter@@QAE@ABV0@@Z
??0LNActiveObjectParameter@@QAE@ABVLNString@@@Z
??0LNActiveObjectParameter@@QAE@XZ
??0LNActiveObjectParameters@@IAE@PAVLNActiveObjectParametersBody@@@Z
??0LNActiveObjectParameters@@QAE@ABV0@@Z
??0LNActiveObjectParameters@@QAE@XZ
??0LNAddinStatusLine@@AAE@ABV0@@Z
??0LNAddinStatusLine@@AAE@ABVLNString@@0@Z
??0LNAddinStatusLine@@AAE@PAX@Z
??0LNAdministrationProcess@@QAE@ABV0@@Z
??0LNAdministrationProcess@@QAE@XZ
??0LNAgent@@AAE@PAVLNDatabaseBody@@K@Z
??0LNAgent@@QAE@ABV0@@Z
??0LNAgent@@QAE@ABVLNNote@@@Z
??0LNAgent@@QAE@XZ
??0LNAgentArray@@QAE@ABV0@@Z
??0LNAgentArray@@QAE@XZ
??0LNAgentJava@@AAE@ABVLNString@@00PAVLNNoteBody@@PBV1@2PBVLNText@@@Z
??0LNAgentJava@@AAE@ABVLNString@@0ABVLNText@@PAVLNNoteBody@@PBV2@@Z
??0LNAgentJava@@AAE@PAVLNNoteBody@@@Z
??0LNAgentJava@@QAE@ABV0@@Z
??0LNAgentJava@@QAE@XZ
??0LNAgentRunData@@AAE@ABUODS_ASSISTRUNINFO@@PBD@Z
??0LNAgentRunData@@QAE@ABV0@@Z
??0LNAgentRunData@@QAE@XZ
??0LNAnchorLink@@QAE@ABV0@@Z
??0LNAnchorLink@@QAE@ABVLNRTObject@@@Z
??0LNAnchorLink@@QAE@ABVLNViewFolder@@ABVLNAnchorLocation@@@Z
??0LNAnchorLink@@QAE@ABVLNViewFolder@@ABVLNDocument@@ABVLNString@@@Z
??0LNAnchorLink@@QAE@UtagTIMEDATE@@PBUUNIVERSALNOTEID_tag@@1ABVLNString@@2PBVLNNotesSession@@@Z
??0LNAnchorLink@@QAE@XZ
??0LNAnchorLocation@@QAE@ABV0@@Z
??0LNAnchorLocation@@QAE@ABVLNRTObject@@@Z
??0LNAnchorLocation@@QAE@ABVLNString@@@Z
??0LNAnchorLocation@@QAE@XZ
??0LNAppletResource@@AAE@PAVLNDatabaseBody@@K@Z
??0LNAppletResource@@QAE@ABV0@@Z
??0LNAppletResource@@QAE@ABVLNNote@@@Z
??0LNAppletResource@@QAE@XZ
??0LNAppletResourceArray@@QAE@ABV0@@Z
??0LNAppletResourceArray@@QAE@XZ
??0LNAttachment@@QAE@ABV0@@Z
??0LNAttachment@@QAE@ABVLNItem@@@Z
??0LNAttachment@@QAE@XZ
??0LNAttachmentArray@@QAE@ABV0@@Z
??0LNAttachmentArray@@QAE@XZ
??0LNBitmap@@QAE@ABV0@@Z
??0LNBitmap@@QAE@ABVLNRTObject@@@Z
??0LNBitmap@@QAE@XZ
??0LNBitmapColorTable@@QAE@ABV0@@Z
??0LNBitmapColorTable@@QAE@ABVLNRTObject@@@Z
??0LNBitmapColorTable@@QAE@XZ
??0LNBitmapPatternTable@@QAE@ABV0@@Z
??0LNBitmapPatternTable@@QAE@ABVLNRTObject@@@Z
??0LNBitmapPatternTable@@QAE@XZ
??0LNBitmapSegment@@QAE@ABV0@@Z
??0LNBitmapSegment@@QAE@ABVLNRTObject@@@Z
??0LNBitmapSegment@@QAE@XZ
??0LNBitmapTransparencyTable@@QAE@ABV0@@Z
??0LNBitmapTransparencyTable@@QAE@ABVLNRTObject@@@Z
??0LNBitmapTransparencyTable@@QAE@XZ
??0LNButton@@QAE@ABV0@@Z
??0LNButton@@QAE@ABVLNRTObject@@@Z
??0LNButton@@QAE@ABVLNString@@ABVLNFormula@@@Z
??0LNButton@@QAE@ABVLNString@@ABVLNJavaScript@@@Z
??0LNButton@@QAE@ABVLNString@@ABVLNLotusScript@@@Z
??0LNButton@@QAE@ABVLNString@@ABVLNSimpleAction@@@Z
??0LNButton@@QAE@ABVLNString@@ABVLNSimpleActions@@@Z
??0LNButton@@QAE@XZ
??0LNCGMMetafile@@QAE@ABV0@@Z
??0LNCGMMetafile@@QAE@ABVLNRTObject@@@Z
??0LNCGMMetafile@@QAE@XZ
??0LNCalendar@@QAE@ABV0@@Z
??0LNCalendar@@QAE@XZ
??0LNCalendarEntry@@AAE@PAVLNDatabaseBody@@K@Z
??0LNCalendarEntry@@QAE@ABV0@@Z
??0LNCalendarEntry@@QAE@ABVLNDocument@@@Z
??0LNCalendarEntry@@QAE@XZ
??0LNCalendarEntryArray@@AAE@ABVLNDatabase@@@Z
??0LNCalendarEntryArray@@QAE@ABV0@@Z
??0LNCalendarEntryArray@@QAE@XZ
??0LNCalendarProfileDocument@@QAE@ABV0@@Z
??0LNCalendarProfileDocument@@QAE@XZ
??0LNCertifier@@QAE@XZ
??0LNChar@@QAE@ABV0@@Z
??0LNChar@@QAE@D@Z
??0LNChar@@QAE@PAVLNStringBody@@K@Z
??0LNColor@@QAE@ABUCOLOR_VALUE@@@Z
??0LNColor@@QAE@ABV0@@Z
??0LNColor@@QAE@G@Z
??0LNColor@@QAE@KKK@Z
??0LNCompositeContainer@@IAE@PAVLNRTContainerBody@@@Z
??0LNCompositeContainer@@QAE@ABV0@@Z
??0LNCompositeContainer@@QAE@ABVLNRTObject@@@Z
??0LNCompositeContainer@@QAE@XZ
??0LNCompositeData@@QAE@ABV0@@Z
??0LNCompositeData@@QAE@ABVLNRTObject@@@Z
??0LNCompositeData@@QAE@XZ
??0LNCompositeDataArray@@QAE@ABV0@@Z
??0LNCompositeDataArray@@QAE@ABVLNRTContainer@@@Z
??0LNCompositeDataArray@@QAE@XZ
??0LNComputedText@@IAE@PAVLNComputedTextBody@@@Z
??0LNComputedText@@QAE@ABV0@@Z
??0LNComputedText@@QAE@ABVLNFormula@@@Z
??0LNComputedText@@QAE@ABVLNRTObject@@@Z
??0LNComputedText@@QAE@XZ
??0LNCreateDatabaseOptions@@QAE@ABV0@@Z
??0LNCreateDatabaseOptions@@QAE@XZ
??0LNDatabase@@QAE@ABV0@@Z
??0LNDatabase@@QAE@XZ
??0LNDatabaseArray@@QAE@ABV0@@Z
??0LNDatabaseArray@@QAE@XZ
??0LNDatabaseLink@@QAE@ABV0@@Z
??0LNDatabaseLink@@QAE@ABVLNDatabase@@@Z
??0LNDatabaseLink@@QAE@ABVLNRTObject@@@Z
??0LNDatabaseLink@@QAE@UtagTIMEDATE@@ABVLNString@@PBVLNNotesSession@@@Z
??0LNDatabaseLink@@QAE@XZ
??0LNDatetime@@QAE@ABUtagTIMEDATE@@@Z
??0LNDatetime@@QAE@ABV0@@Z
??0LNDatetime@@QAE@ABVLNString@@PAK@Z
??0LNDatetime@@QAE@W4LNDATETIMESPECIAL@@@Z
??0LNDatetime@@QAE@XZ
??0LNDatetimeFormat@@QAE@ABUTFMT@@@Z
??0LNDatetimeFormat@@QAE@ABV0@@Z
??0LNDatetimeFormat@@QAE@XZ
??0LNDatetimeRange@@QAE@ABUTIMEDATE_PAIR@@@Z
??0LNDatetimeRange@@QAE@ABUtagTIMEDATE@@@Z
??0LNDatetimeRange@@QAE@ABV0@@Z
??0LNDatetimeRange@@QAE@ABVLNDatetime@@@Z
??0LNDatetimeRange@@QAE@ABVLNDatetimesElement@@@Z
??0LNDatetimeRange@@QAE@XZ
??0LNDatetimes@@QAE@ABV0@@Z
??0LNDatetimes@@QAE@ABVLNItem@@@Z
??0LNDatetimes@@QAE@XZ
??0LNDatetimesElement@@AAE@PAVLNDatetimesBody@@K@Z
??0LNDatetimesElement@@QAE@ABV0@@Z
??0LNDocument@@IAE@PAVLNDatabaseBody@@KK@Z
??0LNDocument@@QAE@ABV0@@Z
??0LNDocument@@QAE@ABVLNNote@@K@Z
??0LNDocument@@QAE@XZ
??0LNDocumentArray@@QAE@ABV0@@Z
??0LNDocumentArray@@QAE@XZ
??0LNDocumentLink@@QAE@ABV0@@Z
??0LNDocumentLink@@QAE@ABVLNRTObject@@@Z
??0LNDocumentLink@@QAE@ABVLNViewFolder@@ABVLNDocument@@@Z
??0LNDocumentLink@@QAE@UtagTIMEDATE@@PBUUNIVERSALNOTEID_tag@@1ABVLNString@@PBVLNNotesSession@@@Z
??0LNDocumentLink@@QAE@XZ
??0LNFTIndexStatistics@@QAE@ABV0@@Z
??0LNFTIndexStatistics@@QAE@XZ
??0LNFTSearchOptions@@QAE@ABV0@@Z
??0LNFTSearchOptions@@QAE@XZ
??0LNFontStyle@@IAE@KPAVLNNoteBody@@@Z
??0LNFontStyle@@IAE@PAVLNFontStyleBody@@@Z
??0LNFontStyle@@QAE@ABV0@@Z
??0LNFontStyle@@QAE@EEABVLNString@@HH@Z
??0LNFontStyle@@QAE@KPBVLNFontTable@@@Z
??0LNFontStyle@@QAE@XZ
??0LNFontTable@@IAE@PAVLNFontTableBody@@@Z
??0LNFontTable@@QAE@ABV0@@Z
??0LNFontTable@@QAE@ABVLNItem@@@Z
??0LNFontTable@@QAE@XZ
??0LNForm@@AAE@PAVLNDatabaseBody@@K@Z
??0LNForm@@QAE@ABV0@@Z
??0LNForm@@QAE@ABVLNNote@@@Z
??0LNForm@@QAE@XZ
??0LNFormArray@@QAE@ABV0@@Z
??0LNFormArray@@QAE@XZ
??0LNFormField@@AAE@PAVLNFormFieldBody@@@Z
??0LNFormField@@QAE@ABV0@@Z
??0LNFormField@@QAE@ABVLNRTObject@@@Z
??0LNFormField@@QAE@ABVLNString@@W4LNRTTYPE@@@Z
??0LNFormField@@QAE@XZ
??0LNFormFieldArray@@QAE@ABV0@@Z
??0LNFormFieldArray@@QAE@XZ
??0LNFormula@@QAE@ABV0@@Z
??0LNFormula@@QAE@ABVLNString@@@Z
??0LNFormula@@QAE@PBD@Z
??0LNFormula@@QAE@PBDKH@Z
??0LNFormula@@QAE@XZ
??0LNFormulaPopup@@IAE@ABVLNFormula@@@Z
??0LNFormulaPopup@@IAE@PAVLNFormulaPopupBody@@@Z
??0LNFormulaPopup@@QAE@ABV0@@Z
??0LNFormulaPopup@@QAE@ABVLNFormula@@ABVLNGraphic@@@Z
??0LNFormulaPopup@@QAE@ABVLNFormula@@ABVLNString@@@Z
??0LNFormulaPopup@@QAE@ABVLNRTObject@@@Z
??0LNFormulaPopup@@QAE@XZ
??0LNFrame@@AAE@PAVLNFrameBody@@@Z
??0LNFrame@@QAE@ABV0@@Z
??0LNFrame@@QAE@XZ
??0LNFrameSplitOptions@@QAE@ABV0@@Z
??0LNFrameSplitOptions@@QAE@XZ
??0LNFrameset@@AAE@PAVLNDatabaseBody@@K@Z
??0LNFrameset@@QAE@ABV0@@Z
??0LNFrameset@@QAE@ABVLNNote@@@Z
??0LNFrameset@@QAE@XZ
??0LNFramesetArray@@QAE@ABV0@@Z
??0LNFramesetArray@@QAE@XZ
??0LNGraphic@@IAE@PAVLNGraphicBody@@@Z
??0LNGraphic@@QAE@ABV0@@Z
??0LNGraphic@@QAE@ABVLNFormula@@@Z
??0LNGraphic@@QAE@ABVLNRTObject@@@Z
??0LNGraphic@@QAE@XZ
??0LNHTMLTags@@QAE@ABV0@@Z
??0LNHTMLTags@@QAE@G@Z
??0LNHTMLTags@@QAE@XZ
??0LNHorizontalRule@@QAE@ABV0@@Z
??0LNHorizontalRule@@QAE@ABVLNRTObject@@@Z
??0LNHorizontalRule@@QAE@NN@Z
??0LNHorizontalRule@@QAE@XZ
??0LNHotspot@@IAE@PAVLNHotspotBody@@@Z
??0LNHotspot@@QAE@ABV0@@Z
??0LNHotspot@@QAE@ABVLNRTObject@@@Z
??0LNHotspot@@QAE@XZ
??0LNIDFile@@AAE@PBVLNNotesSession@@ABVLNString@@@Z
??0LNIDFile@@QAE@ABV0@@Z
??0LNIDFile@@QAE@XZ
??0LNImageResource@@AAE@PAVLNDatabaseBody@@K@Z
??0LNImageResource@@QAE@ABV0@@Z
??0LNImageResource@@QAE@ABVLNNote@@@Z
??0LNImageResource@@QAE@XZ
??0LNImageResourceArray@@QAE@ABV0@@Z
??0LNImageResourceArray@@QAE@XZ
??0LNInternational@@AAE@PBVLNNotesSession@@PAUINTLFORMAT@@@Z
??0LNInternational@@QAE@ABUINTLFORMAT@@@Z
??0LNInternational@@QAE@ABV0@@Z
??0LNInternational@@QAE@XZ
??0LNItem@@IAE@PAVLNNoteBody@@PAVLNItemBody@@@Z
??0LNItem@@QAE@ABV0@@Z
??0LNItem@@QAE@XZ
??0LNItemArray@@QAE@ABV0@@Z
??0LNItemArray@@QAE@XZ
??0LNJavaScript@@QAE@ABV0@@Z
??0LNJavaScript@@QAE@XZ
??0LNKeywordsField@@IAE@PAVLNFormFieldBody@@@Z
??0LNKeywordsField@@QAE@ABV0@@Z
??0LNKeywordsField@@QAE@ABVLNRTObject@@@Z
??0LNKeywordsField@@QAE@ABVLNString@@@Z
??0LNKeywordsField@@QAE@XZ
??0LNLinkHotspot@@IAE@ABVLNDatabaseLink@@@Z
??0LNLinkHotspot@@IAE@ABVLNNamedElement@@@Z
??0LNLinkHotspot@@IAE@PAVLNResourceLinkBody@@@Z
??0LNLinkHotspot@@QAE@ABV0@@Z
??0LNLinkHotspot@@QAE@ABVLNDatabaseLink@@ABVLNGraphic@@@Z
??0LNLinkHotspot@@QAE@ABVLNDatabaseLink@@ABVLNString@@@Z
??0LNLinkHotspot@@QAE@ABVLNNamedElement@@ABVLNGraphic@@@Z
??0LNLinkHotspot@@QAE@ABVLNNamedElement@@ABVLNString@@@Z
??0LNLinkHotspot@@QAE@ABVLNRTObject@@@Z
??0LNLinkHotspot@@QAE@XZ
??0LNLinks@@IAE@PAVLNItemBody@@@Z
??0LNLinks@@QAE@ABV0@@Z
??0LNLinks@@QAE@ABVLNItem@@@Z
??0LNLinks@@QAE@XZ
??0LNLogEntry@@AAE@ABV0@@Z
??0LNLogEntry@@QAE@XZ
??0LNLotusScript@@IAE@PAVLNLotusScriptBody@@@Z
??0LNLotusScript@@QAE@ABV0@@Z
??0LNLotusScript@@QAE@ABVLNString@@@Z
??0LNLotusScript@@QAE@ABVLNString@@PADK@Z
??0LNLotusScript@@QAE@PADK0K@Z
??0LNLotusScript@@QAE@PADK@Z
??0LNLotusScript@@QAE@XZ
??0LNMacMetafile@@QAE@ABV0@@Z
??0LNMacMetafile@@QAE@ABVLNRTObject@@@Z
??0LNMacMetafile@@QAE@XZ
??0LNMacMetafileSegment@@QAE@ABV0@@Z
??0LNMacMetafileSegment@@QAE@ABVLNRTObject@@@Z
??0LNMacMetafileSegment@@QAE@XZ
??0LNMailMessage@@QAE@ABV0@@Z
??0LNMailMessage@@QAE@ABVLNDocument@@@Z
??0LNMailMessage@@QAE@XZ
??0LNMessageQueue@@AAE@ABV0@@Z
??0LNMessageQueue@@QAE@XZ
??0LNMetafile@@QAE@ABV0@@Z
??0LNMetafile@@QAE@ABVLNRTObject@@@Z
??0LNMetafile@@QAE@XZ
??0LNNamedElement@@QAE@ABV0@@Z
??0LNNamedElement@@QAE@ABVLNFormula@@W4LNNAMEDELEMENT@@@Z
??0LNNamedElement@@QAE@ABVLNString@@W4LNNAMEDELEMENT@@AAVLNDatabase@@@Z
??0LNNamedElement@@QAE@ABVLNString@@W4LNNAMEDELEMENT@@PAUtagTIMEDATE@@@Z
??0LNNamedElement@@QAE@ABVLNString@@W4LNNAMEDELEMENT@@W4LNNAMEDELEMENTDB@@@Z
??0LNNamedElement@@QAE@XZ
??0LNNamedStyle@@IAE@PAVLNNamedStyleBody@@@Z
??0LNNamedStyle@@QAE@ABV0@@Z
??0LNNamedStyle@@QAE@ABVLNParagraphStyle@@@Z
??0LNNamedStyle@@QAE@ABVLNString@@@Z
??0LNNamedStyle@@QAE@ABVLNString@@ABVLNParagraphStyle@@@Z
??0LNNamedStyle@@QAE@ABVLNString@@ABVLNParagraphStyle@@ABVLNFontStyle@@@Z
??0LNNamedStyle@@QAE@XZ
??0LNNamesField@@IAE@PAVLNFormFieldBody@@@Z
??0LNNamesField@@QAE@ABV0@@Z
??0LNNamesField@@QAE@ABVLNRTObject@@@Z
??0LNNamesField@@QAE@ABVLNString@@W4LNRTTYPE@@@Z
??0LNNamesField@@QAE@XZ
??0LNNavigator@@AAE@PAVLNDatabaseBody@@K@Z
??0LNNavigator@@QAE@ABV0@@Z
??0LNNavigator@@QAE@ABVLNNote@@@Z
??0LNNavigator@@QAE@XZ
??0LNNavigatorArray@@QAE@ABV0@@Z
??0LNNavigatorArray@@QAE@XZ
??0LNNote@@IAE@PAVLNDatabaseBody@@K@Z
??0LNNote@@QAE@ABV0@@Z
??0LNNote@@QAE@XZ
??0LNNoteArray@@QAE@ABV0@@Z
??0LNNoteArray@@QAE@ABVLNDatabase@@@Z
??0LNNoteArray@@QAE@ABVLNVFNavigator@@@Z
??0LNNoteArray@@QAE@ABVLNViewFolder@@@Z
??0LNNoteArray@@QAE@XZ
??0LNNotesClass@@IAE@ABV0@@Z
??0LNNotesClass@@IAE@PBVLNNotesSession@@@Z
??0LNNotesClass@@IAE@XZ
??0LNNotesSession@@QAE@XZ
??0LNNumber@@QAE@ABN@Z
??0LNNumber@@QAE@ABV0@@Z
??0LNNumber@@QAE@ABVLNString@@ABVLNNumberFormat@@ABVLNInternational@@PAK@Z
??0LNNumber@@QAE@ABVLNString@@PAK@Z
??0LNNumber@@QAE@XZ
??0LNNumberFormat@@QAE@ABUNFMT@@@Z
??0LNNumberFormat@@QAE@ABV0@@Z
??0LNNumberFormat@@QAE@XZ
??0LNNumbers@@QAE@ABV0@@Z
??0LNNumbers@@QAE@ABVLNItem@@@Z
??0LNNumbers@@QAE@XZ
??0LNNumbersElement@@AAE@PAVLNNumbersBody@@K@Z
??0LNNumbersElement@@QAE@ABV0@@Z
??0LNOLEObject@@QAE@ABV0@@Z
??0LNOLEObject@@QAE@ABVLNItem@@@Z
??0LNOLEObject@@QAE@XZ
??0LNOLEObjectArray@@QAE@ABV0@@Z
??0LNOLEObjectArray@@QAE@XZ
??0LNObjectList@@QAE@XZ
??0LNOutline@@AAE@PAVLNDatabaseBody@@K@Z
??0LNOutline@@QAE@ABV0@@Z
??0LNOutline@@QAE@ABVLNNote@@@Z
??0LNOutline@@QAE@XZ
??0LNOutlineArray@@QAE@ABV0@@Z
??0LNOutlineArray@@QAE@XZ
??0LNPMMetafile@@QAE@ABV0@@Z
??0LNPMMetafile@@QAE@ABVLNRTObject@@@Z
??0LNPMMetafile@@QAE@XZ
??0LNPMMetafileSegment@@QAE@ABV0@@Z
??0LNPMMetafileSegment@@QAE@ABVLNRTObject@@@Z
??0LNPMMetafileSegment@@QAE@XZ
??0LNPage@@AAE@PAVLNDatabaseBody@@K@Z
??0LNPage@@QAE@ABV0@@Z
??0LNPage@@QAE@ABVLNNote@@@Z
??0LNPage@@QAE@XZ
??0LNPageArray@@QAE@ABV0@@Z
??0LNPageArray@@QAE@XZ
??0LNParagraphStyle@@IAE@PAVLNParagraphStyleBody@@@Z
??0LNParagraphStyle@@QAE@ABV0@@Z
??0LNParagraphStyle@@QAE@XZ
??0LNProfileDocument@@QAE@ABV0@@Z
??0LNProfileDocument@@QAE@XZ
??0LNProfileDocumentArray@@QAE@ABV0@@Z
??0LNProfileDocumentArray@@QAE@XZ
??0LNRTAttachment@@IAE@ABVLNAttachment@@@Z
??0LNRTAttachment@@IAE@ABVLNString@@0@Z
??0LNRTAttachment@@QAE@ABV0@@Z
??0LNRTAttachment@@QAE@ABVLNRTObject@@@Z
??0LNRTAttachment@@QAE@XZ
??0LNRTComputedSubform@@IAE@PAVLNRTSubformBody@@@Z
??0LNRTComputedSubform@@QAE@ABV0@@Z
??0LNRTComputedSubform@@QAE@ABVLNFormula@@@Z
??0LNRTComputedSubform@@QAE@ABVLNRTObject@@@Z
??0LNRTComputedSubform@@QAE@XZ
??0LNRTContainer@@IAE@PAVLNRTContainerBody@@@Z
??0LNRTContainer@@QAE@ABV0@@Z
??0LNRTContainer@@QAE@ABVLNRTObject@@@Z
??0LNRTContainer@@QAE@XZ
??0LNRTCursor@@IAE@ABVLNRTElement@@H@Z
??0LNRTCursor@@IAE@PAVLNStylizedTextBody@@KH@Z
??0LNRTCursor@@QAE@ABV0@@Z
??0LNRTCursor@@QAE@XZ
??0LNRTElement@@IAE@PAVLNRTElementBody@@@Z
??0LNRTElement@@QAE@ABV0@@Z
??0LNRTElement@@QAE@ABVLNRTObject@@@Z
??0LNRTElement@@QAE@XZ
??0LNRTEmbeddedObject@@IAE@ABV0@@Z
??0LNRTEmbeddedObject@@IAE@ABVLNRTObject@@@Z
??0LNRTEmbeddedObject@@IAE@XZ
??0LNRTJavaApplet@@IAE@PAVLNRTJavaAppletBody@@@Z
??0LNRTJavaApplet@@QAE@ABV0@@Z
??0LNRTJavaApplet@@QAE@ABVLNRTObject@@@Z
??0LNRTJavaApplet@@QAE@XZ
??0LNRTOLEObject@@IAE@ABVLNNote@@W4LNOLECLIPBOARDFORMAT@@ABVLNString@@PAV3@@Z
??0LNRTOLEObject@@IAE@PAVLNRTOLEObjectBody@@@Z
??0LNRTOLEObject@@QAE@ABV0@@Z
??0LNRTOLEObject@@QAE@ABVLNRTObject@@@Z
??0LNRTOLEObject@@QAE@XZ
??0LNRTObject@@IAE@PAVLNRTObjectBody@@@Z
??0LNRTObject@@IAE@PAVLNStylizedTextBody@@K@Z
??0LNRTObject@@QAE@ABV0@@Z
??0LNRTObject@@QAE@XZ
??0LNRTSubform@@AAE@ABVLNString@@@Z
??0LNRTSubform@@AAE@ABVLNSubform@@@Z
??0LNRTSubform@@AAE@PAVLNRTSubformBody@@@Z
??0LNRTSubform@@QAE@ABV0@@Z
??0LNRTSubform@@QAE@ABVLNRTObject@@@Z
??0LNRTSubform@@QAE@XZ
??0LNRegistrationOptions@@QAE@ABV0@@Z
??0LNRegistrationOptions@@QAE@XZ
??0LNReplicationFileStatistics@@AAE@PAUREPLFILESTATS@@@Z
??0LNReplicationFileStatistics@@QAE@ABV0@@Z
??0LNReplicationFileStatistics@@QAE@XZ
??0LNReplicationOptions@@QAE@ABV0@@Z
??0LNReplicationOptions@@QAE@XZ
??0LNReplicationStatistics@@AAE@PAUREPLSERVSTATS@@@Z
??0LNReplicationStatistics@@QAE@ABV0@@Z
??0LNReplicationStatistics@@QAE@XZ
??0LNRichText@@IAE@PAVLNRichTextBody@@@Z
??0LNRichText@@QAE@ABV0@@Z
??0LNRichText@@QAE@ABVLNItem@@@Z
??0LNRichText@@QAE@ABVLNString@@@Z
??0LNRichText@@QAE@XZ
??0LNScriptLibrary@@AAE@PAVLNDatabaseBody@@K@Z
??0LNScriptLibrary@@QAE@ABV0@@Z
??0LNScriptLibrary@@QAE@ABVLNNote@@@Z
??0LNScriptLibrary@@QAE@XZ
??0LNScriptLibraryArray@@QAE@ABV0@@Z
??0LNScriptLibraryArray@@QAE@XZ
??0LNSearch@@IAE@PAVLNSearchBody@@@Z
??0LNSearch@@IAE@W4LNSEARCHTYPE@@@Z
??0LNSearch@@QAE@ABV0@@Z
??0LNSearch@@QAE@XZ
??0LNSearchByAuthor@@QAE@ABV0@@Z
??0LNSearchByAuthor@@QAE@ABVLNSearch@@@Z
??0LNSearchByAuthor@@QAE@ABVLNText@@H@Z
??0LNSearchByAuthor@@QAE@XZ
??0LNSearchByDate@@QAE@ABV0@@Z
??0LNSearchByDate@@QAE@ABVLNSearch@@@Z
??0LNSearchByDate@@QAE@HW4LNSEARCHDATECOND@@ABVLNDatetime@@1K@Z
??0LNSearchByDate@@QAE@XZ
??0LNSearchByDateInField@@QAE@ABV0@@Z
??0LNSearchByDateInField@@QAE@ABVLNSearch@@@Z
??0LNSearchByDateInField@@QAE@ABVLNString@@W4LNSEARCHDATECOND@@ABVLNDatetime@@2@Z
??0LNSearchByDateInField@@QAE@XZ
??0LNSearchByFieldsInForm@@QAE@ABV0@@Z
??0LNSearchByFieldsInForm@@QAE@ABVLNSearch@@@Z
??0LNSearchByFieldsInForm@@QAE@ABVLNString@@ABVLNText@@1@Z
??0LNSearchByFieldsInForm@@QAE@XZ
??0LNSearchByFormUsed@@QAE@ABV0@@Z
??0LNSearchByFormUsed@@QAE@ABVLNSearch@@@Z
??0LNSearchByFormUsed@@QAE@ABVLNText@@@Z
??0LNSearchByFormUsed@@QAE@XZ
??0LNSearchByNumberInField@@QAE@ABV0@@Z
??0LNSearchByNumberInField@@QAE@ABVLNSearch@@@Z
??0LNSearchByNumberInField@@QAE@ABVLNString@@W4LNSEARCHNUMBERCOND@@ABN2@Z
??0LNSearchByNumberInField@@QAE@XZ
??0LNSearchByPlainText@@QAE@ABV0@@Z
??0LNSearchByPlainText@@QAE@ABVLNSearch@@@Z
??0LNSearchByPlainText@@QAE@ABVLNString@@@Z
??0LNSearchByPlainText@@QAE@XZ
??0LNSearchByTextInField@@QAE@ABV0@@Z

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libexpat.dll
.dll windows:4 windows x86 arch:x86

77490ab734edfa7a4db2fa3d897f18f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
HeapFree
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

XML_DefaultCurrent
XML_ErrorString
XML_ExpatVersion
XML_ExpatVersionInfo
XML_ExternalEntityParserCreate
XML_FreeContentModel
XML_GetBase
XML_GetBuffer
XML_GetCurrentByteCount
XML_GetCurrentByteIndex
XML_GetCurrentColumnNumber
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_GetFeatureList
XML_GetIdAttributeIndex
XML_GetInputContext
XML_GetSpecifiedAttributeCount
XML_MemFree
XML_MemMalloc
XML_MemRealloc
XML_Parse
XML_ParseBuffer
XML_ParserCreate
XML_ParserCreateNS
XML_ParserCreate_MM
XML_ParserFree
XML_ParserReset
XML_SetAttlistDeclHandler
XML_SetBase
XML_SetCdataSectionHandler
XML_SetCharacterDataHandler
XML_SetCommentHandler
XML_SetDefaultHandler
XML_SetDefaultHandlerExpand
XML_SetDoctypeDeclHandler
XML_SetElementDeclHandler
XML_SetElementHandler
XML_SetEncoding
XML_SetEndCdataSectionHandler
XML_SetEndDoctypeDeclHandler
XML_SetEndElementHandler
XML_SetEndNamespaceDeclHandler
XML_SetEntityDeclHandler
XML_SetExternalEntityRefHandler
XML_SetExternalEntityRefHandlerArg
XML_SetNamespaceDeclHandler
XML_SetNotStandaloneHandler
XML_SetNotationDeclHandler
XML_SetParamEntityParsing
XML_SetProcessingInstructionHandler
XML_SetReturnNSTriplet
XML_SetSkippedEntityHandler
XML_SetStartCdataSectionHandler
XML_SetStartDoctypeDeclHandler
XML_SetStartElementHandler
XML_SetStartNamespaceDeclHandler
XML_SetUnknownEncodingHandler
XML_SetUnparsedEntityDeclHandler
XML_SetUserData
XML_SetXmlDeclHandler
XML_UseForeignDTD
XML_UseParserAsHandlerArg

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libxml2.dll
.dll windows:4 windows x86 arch:x86

beb206990ace73d28461bedfc99714bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

inet_ntoa
WSACleanup
__WSAFDIsSet
getsockopt
WSAGetLastError
WSAStartup
getsockname
bind
listen
gethostbyname
htons
socket
connect
send
select
recv
closesocket

iconv

libiconv
libiconv_open
libiconv_close

zlib1

inflateEnd
inflateInit2_
inflate
gzopen
gzdopen
gzread
gzwrite
gzclose
deflateEnd
crc32
deflateInit2_
deflate
gzrewind

kernel32

TlsSetValue
WaitForSingleObject
CloseHandle
CreateMutexA
GetModuleHandleA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
GetCurrentThreadId
TlsFree
Sleep
TlsAlloc
InterlockedIncrement
TlsGetValue
MultiByteToWideChar
GetProcAddress
FreeLibrary
LoadLibraryA
GetVersionExA
ReleaseMutex

msvcrt

_read
_close
_open
_adjust_fdiv
_initterm
_CIfmod
_CIpow
_write
_dup
vfprintf
fprintf
getenv
strncpy
_snprintf
_iob
fputc
fclose
fopen
sscanf
free
toupper
memmove
_errno
_getcwd
_vsnprintf
realloc
malloc
strchr
strncmp
strtol
fwrite
_wfopen
_stat
_wstat
fread
fflush
printf
floor
_isnan
_fpclass

Exports

Exports

UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
attribute
attributeDecl
cdataBlock
characters
checkNamespace
comment
docbCreateFileParserCtxt
docbCreatePushParserCtxt
docbDefaultSAXHandlerInit
docbEncodeEntities
docbFreeParserCtxt
docbParseChunk
docbParseDoc
docbParseDocument
docbParseFile
docbSAXParseDoc
docbSAXParseFile
elementDecl
emptyExp
endDocument
endElement
entityDecl
externalSubset
forbiddenExp
getColumnNumber
getEntity
getLineNumber
getNamespace
getParameterEntity
getPublicId
getSystemId
globalNamespace
hasExternalSubset
hasInternalSubset
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
ignorableWhitespace
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
internalSubset
isStandalone
isolat1ToUTF8
namePop
namePush
namespaceDecl
nodePop
nodePush
notationDecl
processingInstruction
reference
resolveEntity
setDocumentLocator
setNamespace
startDocument
startElement
unparsedEntityDecl
valuePop
valuePush
xlinkGetDefaultDetect
xlinkGetDefaultHandler
xlinkIsLink
xlinkSetDefaultDetect
xlinkSetDefaultHandler
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlC14NDocDumpMemory
xmlC14NDocSave
xmlC14NDocSaveTo
xmlC14NExecute
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupPredefinedEntities
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDecodeEntities
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntities
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeTextWriter
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetFeature
xmlGetFeaturesList
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHandleEntity
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeGlobalState

Sections

.text
Size: 721KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modem_inf.inf
modem_inf64.inf
temppb.vcf
uninst.exe
.exe windows:5 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/DIALOG/103
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/111
.rsrc/DIALOG/203
.rsrc/DIALOG/205
.rsrc/DIALOG/206
.rsrc/DIALOG/211
.rsrc/DIALOG/303
.rsrc/DIALOG/305
.rsrc/DIALOG/306
.rsrc/DIALOG/311
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/MANIFEST/1
.xml
.text
zlib1.dll
.dll windows:4 windows x86 arch:x86

07761085e6d5abbc4cbf0976d6b9a264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_fdopen
__dllonexit
_errno
_filelengthi64
_vsnprintf
abort
clearerr
fclose
fflush
fgetpos
fopen
fprintf
fputc
fread
free
fsetpos
fwrite
malloc
memcpy
memset
sprintf
strcat
strcpy
strerror
strlen

Exports

Exports

DllGetVersion
_dist_code
_length_code
_tr_align
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gzclearerr
gzclose
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
inflate_copyright
inflate_fast
inflate_table
uncompress
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 144B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
手机编辑器.chm
.chm
手機編輯器.chm
.chm

Sharing

General

Malware Config

Signatures

Files

bf95d1fc1d10de18b32654b123ad5e1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 452KB

.ndata Size: - Virtual size: 564KB

.rsrc Size: 6KB - Virtual size: 6KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 729B

.data Size: - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 350B

6ab72ceb43711bcd8bede6b1acd0d245

Headers

File Characteristics

Imports

kernel32

advapi32

cfgmgr32

comctl32

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 27KB

.reloc Size: 12KB - Virtual size: 10KB

b9dbc9579fe06c914154a65471b4d8e2

Headers

File Characteristics

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 452KB

.ndata
Size: - Virtual size: 564KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 729B

.data
Size: - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 350B

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 27KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 32B - Virtual size: 8B

.edata
Size: 192B - Virtual size: 169B

INIT
Size: 960B - Virtual size: 960B

.rsrc
Size: 960B - Virtual size: 960B

.reloc
Size: 384B - Virtual size: 374B

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 9KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 10KB

.pdata
Size: 2KB - Virtual size: 1KB