b4e26311fbe63ad656a96fa8d9c94274_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4e26311fbe63ad656a96fa8d9c94274_JaffaCakes118
Size

6.8MB
MD5

b4e26311fbe63ad656a96fa8d9c94274
SHA1

62b74cdb79c945b9fab16560047a02ebe92ba449
SHA256

f8a7421e8b85325c9b01b23c5b2b0b1fd774fcd4b10b747e4e91cd789c936654
SHA512

ebb32a9e73000759d4f62e915cc4db9df342e8e63c18f7245a7349ea5451f86f7e1026bf1ebe10cbcbc928d8b8e1429bd28c8e386b60c4c24cb6b6f6fe377706
SSDEEP

196608:uNruDcl9vcRYQ7Y+hKLknBF2Ea2MX7ayw:uBqcl9vcRfZhKLknqEa3Dw

Score

3^/10

Malware Config

Signatures

Unsigned PE 45 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Doublepulsar-1.3.1.exe
unpack001/Eternalblue-2.2.0.exe
unpack001/_pytrch.pyd
unpack001/adfw-2.dll
unpack001/adfw.dll
unpack001/cnli-0.dll
unpack001/cnli-1.dll
unpack001/coli-0.dll
unpack001/crli-0.dll
unpack001/dmgd-1.dll
unpack001/dmgd-4.dll
unpack001/esco-0.dll
unpack001/exma-1.dll
unpack001/exma.dll
unpack001/iconv.dll
unpack001/libcurl.dll
unpack001/libeay32.dll
unpack001/libiconv-2.dll
unpack001/libxml2.dll
unpack001/payload32.dll
unpack001/payload64.dll
unpack001/pcla-0.dll
unpack001/pcre-0.dll
unpack001/pcrecpp-0.dll
unpack001/pcreposix-0.dll
unpack001/posh-0.dll
unpack001/posh.dll
unpack001/riar-2.dll
unpack001/riar.dll
unpack001/ssleay32.dll
unpack001/tibe-1.dll
unpack001/tibe-2.dll
unpack001/tibe.dll
unpack001/trch-0.dll
unpack001/trch-1.dll
unpack001/trch.dll
unpack001/trfo-0.dll
unpack001/trfo-2.dll
unpack001/trfo.dll
unpack001/tucl-1.dll
unpack001/tucl.dll
unpack001/ucl.dll
unpack001/xdvl-0.dll
unpack001/zibe.dll
unpack001/zlib1.dll

Files

b4e26311fbe63ad656a96fa8d9c94274_JaffaCakes118
.zip
Doublepulsar-1.3.1.exe
.exe windows:5 windows x86 arch:x86

2ef98d303937b8d317d5ce3aea3e144e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetTickCount
GetLastError

trfo-2

TfReadFileIntoBuffer
TfFree
TfWriteBufferIntoFile
TfStrICmp

trch-1

Parameter_U32_getValue
Parameter_LocalFile_getValue
Parameter_Port_getValue
Parameter_IPv4_getValue
Params_findParameter
Parameter_S16_getValue
Params_findParamchoice
Paramchoice_getValue
Parameter_String_getValue

tucl-1

TcLog

ws2_32

inet_addr
inet_ntoa
htons

coli-0

mainWrapper
coli_setProcess
coli_setID
coli_setCleanup
coli_delete
coli_create
coli_setValidate

tibe-2

TbPutAlign
TbPutLong
TbPutBuff
TbWinsockStartup
TbFreeStructBuffers
TbFinishSocket
TbCleanSB
TbDoSmbPacket
TbMakeSmbHeader
TbPutTransact
TbPutShort
TbPutByte
TbSetRemoteSocketData
TbMakeSocket
TbSetAuthenticationData
TbDoSmbStartup
TbInitStruct

cnli-1

CNEString_strstr
CNEString_vsnprintf
byteSwapShort
CNEMem_cleanNClearNDestroyPointer
CNESocket_close
CNEMem_cleanNClear
CNESocket_send
CNESocket_recv
CNESocket_getOSError
CNESocket_create
byteSwapLong
CNE_allocateCleanMemoryFunc
CNEString_strlen
CNESystemWin_sleep
CNESocket_connect

xdvl-0

XDevLib_generateRandomSequence
XDevLib_xorMask

ssleay32

ord96
ord172
ord12
ord21
ord75
ord87
ord43
ord48
ord8
ord108
ord78
ord58
ord183

msvcrt

_controlfp
?terminate@@YAXXZ
_unlink
memset
memcpy
srand
memmove
__getmainargs
_cexit
_exit
_XcptFilter
exit
_initterm
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Eternalblue-2.2.0.exe
.exe windows:5 windows x86 arch:x86

43ab0829235f0f3299a0baee637645e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
Sleep
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetSystemTime
SystemTimeToFileTime
GetTickCount
InitializeCriticalSection
CreateEventW
CreateThread
GetLastError
GetExitCodeThread
DeleteCriticalSection
CloseHandle
WaitForMultipleObjects
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId

trch-1

Parameter_Port_getValue
Params_findParameter
Parameter_Boolean_setValue
Params_findParamchoice
Paramchoice_hasValue
Paramchoice_getValue
Parameter_hasValue
Parameter_U32_getValue
Parameter_S16_getValue
Parameter_IPv4_getValue
Parameter_Boolean_getValue

tucl-1

TcLogBuffer
TcLog

ws2_32

inet_ntoa
WSAStartup
socket
WSAGetLastError
setsockopt
htonl
connect
recvfrom
select
sendto
ntohs
send
recv
WSACleanup
closesocket
accept
listen
bind
htons
inet_addr

coli-0

coli_setCleanup
coli_create
coli_delete
mainWrapper
coli_setValidate
coli_setID
coli_setProcess

msvcrt

srand
strcmp
time
_snprintf
strncpy
rand
gmtime
sscanf
tolower
toupper
islower
strncat
pow
strlen
memcmp
strtoul
memmove
__getmainargs
_cexit
_exit
_XcptFilter
exit
_initterm
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
memcpy
realloc
free
memset
malloc
_iob
fprintf
abort
printf

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_pytrch.pyd
.dll windows:5 windows x86 arch:x86

1c7426faaa158f59a13ac3b5eb32ea6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

trch-1

Parameter_LocalFile_setValue
Parameter_LocalFile_List_create
Parameter_LocalFile_List_getSize
Parameter_LocalFile_List_getValue
Parameter_LocalFile_List_setValue
Parameter_Port_setValue
Parameter_Port_List_getSize
Parameter_Port_List_getValue
Parameter_S8_create
Parameter_S8_setValue
Parameter_S8_List_create
Parameter_S8_List_getSize
Parameter_S8_List_getValue
Parameter_S16_create
Parameter_S16_setValue
Parameter_S16_List_create
Parameter_S16_List_getSize
Parameter_S16_List_getValue
Parameter_S32_create
Parameter_S32_setValue
Parameter_S32_List_create
Parameter_S32_List_getSize
Parameter_S32_List_getValue
Parameter_S64_create
Parameter_S64_setValue
Parameter_S64_List_create
Parameter_S64_List_getSize
Parameter_S64_List_getValue
Parameter_Socket_create
Parameter_Socket_setValue
Parameter_Socket_List_create
Parameter_Socket_List_getSize
Parameter_Socket_List_getValue
Parameter_String_create
Parameter_String_setValue
Parameter_String_List_create
Parameter_String_List_getSize
Parameter_String_List_getValue
Parameter_String_List_setValue
Parameter_TcpPort_create
Parameter_TcpPort_List_create
Parameter_U8_create
Parameter_U8_setValue
Parameter_U8_List_create
Parameter_U8_List_getSize
Parameter_U8_List_getValue
Parameter_U16_create
Parameter_U16_setValue
Parameter_U16_List_create
Parameter_U16_List_getSize
Parameter_U16_List_getValue
Parameter_U32_create
Parameter_U32_setValue
Parameter_U32_List_create
Parameter_U32_List_getSize
Parameter_U32_List_getValue
Parameter_U64_create
Parameter_U64_setValue
Parameter_U64_List_create
Parameter_U64_List_getSize
Parameter_U64_List_getValue
Parameter_UdpPort_create
Parameter_UdpPort_List_create
Parameter_UString_create
Parameter_UString_setValue
Parameter_UString_List_create
Parameter_UString_List_getSize
Parameter_UString_List_getValue
Parameter_UString_List_setValue
Paramgroup_addParamchoice
Paramgroup_addParameter
Paramgroup_create
Paramgroup_delete
Parameter_LocalFile_create
Paramgroup_getName
Paramgroup_getNumParamchoices
Paramgroup_getNumParameters
Paramgroup_getParamchoice
Paramgroup_getParameter
Paramgroup_isValid
Paramgroup_matchName
Paramgroup_removeParameter
List_format
Scalar_format
Boolean_type
Buffer_type
IPv4_type
IPv6_type
LocalFile_type
S8_type
S16_type
S32_type
S64_type
Socket_type
String_type
TcpPort_type
U8_type
U16_type
U32_type
U64_type
UdpPort_type
UString_type
Boolean_marshal
Buffer_marshal
Buffer_List_marshal
IPv4_marshal
IPv4_List_marshal
IPv6_marshal
IPv6_List_marshal
LocalFile_marshal
LocalFile_List_marshal
Port_marshal
S8_marshal
S16_marshal
S32_marshal
S64_marshal
Socket_marshal
String_marshal
String_List_marshal
U8_marshal
U16_marshal
U32_marshal
U64_marshal
UString_marshal
UString_List_marshal
Parameter_Boolean_List_setValue
Parameter_Port_List_setValue
Parameter_S8_List_setValue
Parameter_S16_List_setValue
Parameter_S32_List_setValue
Parameter_S64_List_setValue
Parameter_Socket_List_setValue
Parameter_U8_List_setValue
Parameter_U16_List_setValue
Parameter_U32_List_setValue
Parameter_U64_List_setValue
Boolean_List_marshal
Port_List_marshal
S8_List_marshal
S16_List_marshal
S32_List_marshal
S64_List_marshal
Socket_List_marshal
U8_List_marshal
U16_List_marshal
U32_List_marshal
U64_List_marshal
Parameter_IPv6_List_setValue
Parameter_IPv6_List_getValue
Parameter_IPv6_List_getSize
Parameter_IPv6_List_create
Parameter_IPv6_setValue
Parameter_IPv6_create
Parameter_IPv4_List_setValue
Parameter_IPv4_List_getValue
Parameter_IPv4_List_getSize
Parameter_IPv4_List_create
Parameter_IPv4_setValue
Parameter_IPv4_create
Parameter_Buffer_List_setValue
Parameter_Buffer_List_getValue
Parameter_Buffer_List_getSize
Parameter_Buffer_List_create
Parameter_Buffer_setValue
Parameter_Buffer_create
Parameter_Boolean_List_getValue
Parameter_Boolean_List_getSize
Parameter_Boolean_List_create
Parameter_Boolean_setValue
Parameter_Boolean_create
Parameter_setMarshalledValue
Parameter_resetValue
Parameter_matchType
Parameter_matchName
Parameter_matchFormatAndType
Parameter_matchFormat
Parameter_markInvalidWithReason
Parameter_markInvalid
Parameter_isValid
Parameter_isRequired
Parameter_isHidden
Parameter_hide
Parameter_hasValidValue
Parameter_hasValue
Parameter_getType
Parameter_getName
Parameter_getMarshalledValue
Parameter_getMarshalledDefault
Parameter_getInvalidReason
Parameter_getFormat
Parameter_getDescription
Parameter_delete
Paramchoice_setValue
Paramchoice_matchName
Paramchoice_isValid
Paramchoice_hasValue
Paramchoice_hasValidValue
Paramchoice_getParamgroup
Paramchoice_getNumParamgroups
Paramchoice_getName
Paramchoice_getDescription
Paramchoice_getDefaultValue
Paramchoice_delete
Paramchoice_create
Paramchoice_addParamgroup
Params_validateCallbackPorts
Params_getCallbackPortValues
Params_getCallbackIPv6Values
Params_getCallbackIPv4Values
Params_removeParameter
Params_printInvalid
Params_parseCommandLine
Params_isValid
Params_getParameter
Params_getParamchoice
Params_getNumParameters
Params_getNumParamchoices
Params_getName
Params_findParameter
Params_duplicate
Params_findParamchoice
Params_delete
Params_create
Params_addParameter
Params_addParamchoice
Config_unmarshal
Config_setOutputParams
Config_setInputParams
Config_setConstants
Config_printUsage
Config_marshal
freeMarshalledValue
Config_getVersion
Config_getSchemaVersion
Config_getOutputParams
Config_getNamespaceUri
Config_getName
Config_getInputParams
Config_getID
Config_getConstants
Config_getConfigVersion
Config_duplicate
Config_delete
Config_create
Paramchoice_getValue
Parameter_Buffer_getValue
Parameter_UString_getValue
Parameter_String_getValue
Parameter_U64_getValue
Parameter_Socket_getValue
Parameter_U32_getValue
Parameter_U16_getValue
Parameter_U8_getValue
Parameter_S64_getValue
Parameter_S32_getValue
Parameter_S16_getValue
Parameter_S8_getValue
Parameter_Port_getValue
Parameter_LocalFile_getValue
Parameter_IPv6_getValue
Parameter_IPv4_getValue
Parameter_Boolean_getValue
InitializeXMLUnmarshal
Paramgroup_getDescription
FinalizeXMLUnmarshal

python26

PyDict_SetItemString
PyList_Size
PyList_GetItem
PyString_Size
PyList_New
PyList_Append
PyString_FromStringAndSize
PyString_AsStringAndSize
PyInstance_Type
_PyInstance_Lookup
PyDict_GetItem
_PyWeakref_ProxyType
_PyWeakref_CallableProxyType
PyObject_GetAttr
PyObject_Malloc
PyObject_Init
PyArg_ParseTuple
PyLong_AsUnsignedLongLong
PyLong_AsLongLong
PyLong_AsUnsignedLong
PyInt_AsLong
PyLong_AsLong
PyImport_AddModule
PyModule_GetDict
PyDict_GetItemString
PyErr_Format
PyInt_FromLong
PyLong_FromLongLong
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
Py_InitModule4
PyCObject_FromVoidPtr
PyModule_AddObject
PyCObject_Import
PyErr_Occurred
PyErr_Clear
PyObject_Call
_PyObject_GetDictPtr
PyDict_New
PyDict_SetItem
PyInstance_NewRaw
PyObject_GenericGetAttr
PyType_Type
PyArg_UnpackTuple
PyBool_FromLong
PyObject_IsTrue
PyObject_CallFunctionObjArgs
PyObject_Free
_Py_NotImplementedStruct
_Py_TrueStruct
_Py_ZeroStruct
PyString_FromFormat
PyString_ConcatAndDel
PyTuple_New
PyTuple_SetItem
PyString_Format
PyLong_FromVoidPtr
Py_BuildValue
PyErr_SetString
PyExc_MemoryError
PyExc_IOError
PyExc_IndexError
PyExc_TypeError
PyExc_ZeroDivisionError
PyExc_OverflowError
PyExc_SyntaxError
PyExc_ValueError
PyExc_SystemError
PyExc_AttributeError
PyExc_RuntimeError
PyString_FromString
PyString_AsString
PyErr_NewException

msvcr90

_except_handler4_common
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memset
memcpy
strstr
malloc
free
strncmp
printf
fputs
strncpy
strcpy
strcmp
strlen
_onexit

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

init_pytrch

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adfw-2.dll
.dll windows:5 windows x86 arch:x86

8b7d25d38cf306a79459f3847affe0c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

exma-1

disconnectRendezvous
closeRendezvous
sendSockets
readParamsFromEM
writeParamsToEM
recvSocket
connectRendezvous
getDefaultEMFile
bindRendezvous
closeEM
openEMForWriting

tibe-2

TbWinsockCleanup
TbWinsockStartup

trch-1

Socket_type
Paramgroup_getNumParamchoices
Parameter_matchType
Config_getID
Config_getInputParams
Config_getNamespaceUri
Config_getSchemaVersion
Config_getOutputParams
Parameter_U16_setValue
Parameter_String_create
Parameter_Boolean_create
Parameter_hasValue
Parameter_String_getValue
Parameter_markInvalid
Parameter_Boolean_getValue
Params_findParamchoice
Config_create
Params_create
Config_setInputParams
Parameter_LocalFile_create
Params_parseCommandLine
Config_delete
Params_isValid
Config_printUsage
Params_printInvalid
Parameter_LocalFile_getValue
Parameter_hasValidValue
Parameter_U16_getValue
Paramgroup_getParameter
Scalar_format
Parameter_matchFormat
Parameter_Socket_getValue
Parameter_Socket_setValue
Parameter_Socket_List_getValue
Parameter_Socket_List_setValue
Params_removeParameter
Params_getNumParameters
Params_getParameter
Params_getNumParamchoices
Params_getParamchoice
Paramchoice_hasValidValue
Paramchoice_getValue
Paramchoice_getNumParamgroups
Paramchoice_getParamgroup
Paramgroup_matchName
Config_marshal
Config_unmarshal
Params_findParameter
Parameter_U16_create
Params_addParameter
Parameter_delete
Paramgroup_getNumParameters
Paramgroup_getParamchoice

tucl-1

TcLog
TcLogClose
TcLogOpen

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
malloc
strncpy
strcat
exit
strrchr
strlen
memcpy
tolower
free
calloc

Exports

Exports

adfw_create
adfw_delete
adfw_setID
adfw_setProcess
adfw_setValidate
mainWrapper

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adfw.dll
.dll windows:4 windows x86 arch:x86

715742f34145e42b16e3c177441ea1bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

exma

openEMForWriting
bindRendezvous
getDefaultEMFile
connectRendezvous
disconnectRendezvous
recvSocket
writeParamsToEM
readParamsFromEM
sendSockets
closeRendezvous

tibe

TbWinsockCleanup
TbWinsockStartup

trch

Params_getParamchoice
Params_getNumParamchoices
Params_getParameter
Params_getNumParameters
Parameter_Socket_List_setValue
Parameter_Socket_List_getValue
Parameter_Socket_setValue
Parameter_Socket_getValue
Parameter_matchFormat
Scalar_format
Params_removeParameter
Socket_type
Paramchoice_getParamgroup
Parameter_hasValidValue
Parameter_LocalFile_getValue
Params_printInvalid
Config_printUsage
Paramchoice_hasValidValue
Params_parseCommandLine
Parameter_LocalFile_create
Config_setInputParams
Config_delete
Params_create
Config_create
Params_findParamchoice
Parameter_Boolean_getValue
Parameter_markInvalid
Parameter_String_getValue
Parameter_hasValue
Parameter_Boolean_create
Parameter_String_create
Parameter_U16_setValue
Config_getOutputParams
Config_getInputParams
Paramchoice_getValue
Params_isValid
Paramchoice_getNumParamgroups
Paramgroup_getParamchoice
Paramgroup_matchName
Config_marshal
Config_unmarshal
Params_findParameter
Parameter_U16_create
Params_addParameter
Parameter_delete
Paramgroup_getNumParameters
Paramgroup_getParameter
Parameter_matchType
Paramgroup_getNumParamchoices
Parameter_U16_getValue

tucl

TcLogClose
TcLogOpen
TcLog

msvcr71

strrchr
exit
strncpy
_initterm
calloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
malloc
_close
_onexit
__dllonexit
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

mainWrapper

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cnli-0.dll
.dll windows:4 windows x86 arch:x86

c30180a2e3a81b71b6d916caad631d31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CreateFileA
CreateFileW
CloseHandle
GetFileAttributesA
GetFileAttributesW
FlushFileBuffers
WriteFile
ReadFile
SetEndOfFile
FileTimeToLocalFileTime
GetFileTime
SetFileTime
LocalFileTimeToFileTime
GetFileSize
DeleteFileA
DeleteFileW
MoveFileExA
MoveFileExW
CopyFileA
CopyFileW
FindClose
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetFullPathNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetWindowsDirectoryW
GetSystemDirectoryW
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetTempPathA
GetSystemDirectoryA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SetFilePointer
GetLastError
GetSystemTimeAsFileTime
GetTimeZoneInformation
FileTimeToSystemTime
GetLocalTime
SystemTimeToFileTime
CreateThread
GetExitCodeThread
WaitForSingleObject
SetThreadPriority
TerminateThread
GetCurrentThreadId
GetCurrentThread
ExitThread
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
CreateEventA
DeleteCriticalSection
ResetEvent
LeaveCriticalSection
EnterCriticalSection
SetEvent
InterlockedDecrement
InterlockedIncrement
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ResumeThread
GetSystemTime
GetTempPathW
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetCurrentProcessId

advapi32

RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA

ws2_32

WSACleanup
socket
bind
listen
accept
connect
closesocket
WSAStartup
select
send
sendto
recv
recvfrom
inet_addr
inet_ntoa
gethostbyname
gethostbyaddr
getsockopt
setsockopt
htonl
htons
ntohs
ntohl
__WSAFDIsSet
WSAGetLastError
getsockname
getpeername
ioctlsocket
shutdown

msvcrt

_vsnwprintf
wcschr
_vsnprintf
strchr
malloc
free
_except_handler3
realloc
strrchr
wcsrchr
wcslen
_stricmp
wcscmp
_wcsicmp
wcsncmp
strncmp
towupper
towlower
toupper
tolower
iswctype
isspace
_snprintf
atoi
isdigit
wcstombs
_snwprintf
wcstol
atol
strtok
wcstoul
wcstok
strtoul
sscanf
strstr
memmove
wcsstr
strpbrk
wcspbrk
strncpy
wcsncpy
_wcsnicmp
_strnicmp
_strdup
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
wcscpy

Exports

Exports

CNEBlob_append
CNEBlob_appendByte
CNEBlob_appendRandomData
CNEBlob_copy
CNEBlob_createFunc
CNEBlob_createNU32Func
CNEBlob_flushMemorySurplus
CNEBlob_formattedStrAppend
CNEBlob_formattedStrWAppend
CNEBlob_free
CNEBlob_freeBuffer
CNEBlob_increaseAllocatedSize
CNEBlob_initializeFunc
CNEBlob_pop
CNEBlob_remove
CNEBlob_strAppend
CNEBlob_strWAppend
CNEDate_daysInMonth
CNEDate_daysOfYear
CNEDate_getCNEDateDiffFromTimeStampDiff
CNEDate_getCNEDateFromTimeStamp
CNEDate_getCNEDateTimeFromFileTime
CNEDate_getCurrentDate
CNEDate_getCurrentTimeAndDate
CNEDate_getFileTimeFromCNEDateTime
CNEDate_getTimeStamp
CNEDate_getTimeStampFromCNEDate
CNEDate_getTimeZone
CNEDate_isLeapYear
CNEFileIO_dirClose
CNEFileIO_dirCreate
CNEFileIO_dirCreateW
CNEFileIO_dirInstall
CNEFileIO_dirInstallW
CNEFileIO_dirNext
CNEFileIO_dirNextDirectory
CNEFileIO_dirNextEx
CNEFileIO_dirNextExW
CNEFileIO_dirNextW
CNEFileIO_dirOpen
CNEFileIO_dirOpenW
CNEFileIO_dirRemove
CNEFileIO_dirRemoveW
CNEFileIO_dirReset
CNEFileIO_expendFilenameA
CNEFileIO_expendFilenameW
CNEFileIO_fileClose
CNEFileIO_fileCopy
CNEFileIO_fileCopyW
CNEFileIO_fileExists
CNEFileIO_fileExistsW
CNEFileIO_fileFlush
CNEFileIO_fileGetDir
CNEFileIO_fileGetDirExW
CNEFileIO_fileGetDirW
CNEFileIO_fileGetPos
CNEFileIO_fileGetSize
CNEFileIO_fileGetSizeByNameExWWithFileAccess
CNEFileIO_fileGetSizeByNameExWithFileAccess
CNEFileIO_fileGetSizeByNameWWithFileAccess
CNEFileIO_fileGetSizeByNameWithFileAccess
CNEFileIO_fileGetSizeEx
CNEFileIO_fileGetTimesFromHandle
CNEFileIO_fileGetTimesWWithFileAccess
CNEFileIO_fileGetTimesWithFileAccess
CNEFileIO_fileIsOpen
CNEFileIO_fileMap
CNEFileIO_fileMove
CNEFileIO_fileMoveW
CNEFileIO_fileOpen
CNEFileIO_fileOpenExpend
CNEFileIO_fileOpenExpendW
CNEFileIO_fileOpenW
CNEFileIO_fileRead
CNEFileIO_fileReadChar
CNEFileIO_fileSetEndOfFile
CNEFileIO_fileSetPos
CNEFileIO_fileSetPosEx
CNEFileIO_fileSetTimesFromHandle
CNEFileIO_fileSetTimesWWithFileAccess
CNEFileIO_fileSetTimesWithFileAccess
CNEFileIO_fileUnMap
CNEFileIO_fileUnlink
CNEFileIO_fileUnlinkW
CNEFileIO_fileWipe
CNEFileIO_fileWipeExpend
CNEFileIO_fileWipeExpendW
CNEFileIO_fileWipeW
CNEFileIO_fileWrite
CNEFileIO_fileWriteChar
CNEFileIO_fixLongPath
CNEFileIO_freeExpendFilename
CNEFileIO_getPathFromFileSpecW
CNEFileIO_getWorkingDir
CNEFileIO_getWorkingDirW
CNEHeap_CreateEmptyFunc
CNEHeap_CreateFunc
CNEHeap_Empty
CNEHeap_FlushMemorySurplus
CNEHeap_Free
CNEHeap_HeadPeek
CNEHeap_Pop
CNEHeap_Push
CNELAList_allocateFromList
CNELAList_create
CNELAList_free
CNELAList_freeToList
CNEListAddBack
CNEListAddFront
CNEListCreate_func
CNEListFree
CNEListGetBack
CNEListGetFront
CNEListInit_func
CNEListIsEmpty
CNEListIterator_equal
CNEListIterator_get
CNEListIterator_getPrev
CNEListIterator_getPrevReference
CNEListIterator_getReference
CNEListIterator_next
CNEListIterator_notEqual
CNEListIterator_prev
CNEListMap
CNEListPeekBack
CNEListPeekFront
CNEList_at
CNEList_begin
CNEList_clear
CNEList_clearWithDestructor
CNEList_destroy
CNEList_destroyWithDestructor
CNEList_end
CNEList_erase
CNEList_filter
CNEList_filterWithContext
CNEList_find
CNEList_findWithContext
CNEList_forEach
CNEList_forEachWithContext
CNEList_insert
CNEList_isEmpty
CNEList_peekBack
CNEList_peekFront
CNEList_popBack
CNEList_popFront
CNEList_pushBack
CNEList_pushFront
CNEList_size
CNEList_sort
CNEMem_cleanNClear
CNEMem_cleanNClearNDestroyPointer
CNENetwork_Checksum16
CNENetwork_CreateEthernetHeader
CNENetwork_CreateIcmpHeader
CNENetwork_CreateIpHeader
CNENetwork_CreateUdpHeader
CNENetwork_DisplayEthernetHeader
CNENetwork_DisplayIcmpHeader
CNENetwork_DisplayIpHeader
CNENetwork_DisplayUdpHeader
CNENetwork_IsIpValidA
CNENetwork_IsIpValidW
CNENetwork_IsPortValidA
CNENetwork_IsPortValidW
CNENetwork_addrToWPIDFunc
CNENetwork_addrToWPIDWFunc
CNENetwork_ipToAddr
CNENetwork_ipToAddrW
CNENetwork_stripMACSpacers
CNENetwork_wpidToAddr
CNEPqs_CreateEmptyFunc
CNEPqs_CreateFunc
CNEPqs_Empty
CNEPqs_FlushMemorySurplus
CNEPqs_Free
CNEPqs_HeadPeek
CNEPqs_Pop
CNEPqs_Push
CNERBTree_createTreeFunc
CNERBTree_delete
CNERBTree_deleteNode
CNERBTree_destroyTree
CNERBTree_executeNodeEx
CNERBTree_getFirst
CNERBTree_getLast
CNERBTree_getNext
CNERBTree_getPrev
CNERBTree_insert
CNERBTree_retrieve
CNERBTree_retrieveNode
CNESocket_accept
CNESocket_addressToIPString
CNESocket_bind
CNESocket_cleanup
CNESocket_close
CNESocket_connect
CNESocket_create
CNESocket_disable
CNESocket_fastAccept
CNESocket_fastConnect
CNESocket_getLocal
CNESocket_getNative
CNESocket_getOSError
CNESocket_getRemote
CNESocket_getSocketOption
CNESocket_getSocketOption_bCast
CNESocket_getSocketOption_exclusive
CNESocket_getSocketOption_keepAlive
CNESocket_getSocketOption_linger
CNESocket_getSocketOption_noDelay
CNESocket_getSocketOption_noLinger
CNESocket_getSocketOption_recvBuff
CNESocket_getSocketOption_reuseAddr
CNESocket_getSocketOption_sendBuff
CNESocket_getSocketOption_ttl
CNESocket_getString
CNESocket_ipStringToAddress
CNESocket_isSocketReady
CNESocket_isValidIP
CNESocket_listen
CNESocket_lookupIP
CNESocket_lookupName
CNESocket_peek
CNESocket_putString
CNESocket_recv
CNESocket_recvExact
CNESocket_recvFrom
CNESocket_select
CNESocket_selectEx
CNESocket_send
CNESocket_sendExpect
CNESocket_sendTo
CNESocket_setBlockingMode
CNESocket_setLineEnding
CNESocket_setSocketOption
CNESocket_setSocketOption_bCast
CNESocket_setSocketOption_exclusive
CNESocket_setSocketOption_keepAlive
CNESocket_setSocketOption_linger
CNESocket_setSocketOption_noDelay
CNESocket_setSocketOption_noLinger
CNESocket_setSocketOption_recvBuff
CNESocket_setSocketOption_reuseAddr
CNESocket_setSocketOption_sendBuff
CNESocket_setSocketOption_ttl
CNESocket_setThrottle
CNESocket_shutdown
CNESocket_startup
CNEStaticArray_clear
CNEStaticArray_createFunc
CNEStaticArray_delete
CNEStaticArray_forEach
CNEStaticArray_forEachWithArgument
CNEStaticArray_get
CNEStaticArray_getReference
CNEStaticArray_push
CNEStaticArray_remove
CNEStaticArray_removeAt
CNEStaticArray_removeIf
CNEStaticArray_removeIfWithArgument
CNEStaticArray_set
CNEStaticArray_size
CNEString_VAFree
CNEString_append
CNEString_appendA
CNEString_appendFunc
CNEString_appendW
CNEString_compare
CNEString_compareA
CNEString_compareCSStringFunc
CNEString_compareFunc
CNEString_compareIgnoreCase
CNEString_compareIgnoreCaseA
CNEString_compareIgnoreCaseW
CNEString_compareW
CNEString_concat
CNEString_copy
CNEString_copySafeAFunc
CNEString_copySafeWFunc
CNEString_createA
CNEString_createFunc
CNEString_createW
CNEString_endsWith
CNEString_endsWithA
CNEString_endsWithW
CNEString_findLastCharacterIndexWith
CNEString_findStringInBufferFunc
CNEString_free
CNEString_getStringBufferA
CNEString_getStringBufferW
CNEString_getStringType
CNEString_indexOfStringA
CNEString_indexOfStringFunc
CNEString_indexOfStringW
CNEString_lastIndexOfStringA
CNEString_lastIndexOfStringW
CNEString_length
CNEString_lengthSafeA
CNEString_lengthSafeW
CNEString_radix10itoa
CNEString_remove
CNEString_replaceAll
CNEString_replaceAllA
CNEString_replaceAllFunc
CNEString_replaceAllW
CNEString_split
CNEString_splitA
CNEString_splitFunc
CNEString_splitW
CNEString_sprintf
CNEString_sprintfA
CNEString_sprintfW
CNEString_startsWith
CNEString_startsWithA
CNEString_startsWithFunc
CNEString_startsWithW
CNEString_strToLower
CNEString_strToUpper
CNEString_strWToLower
CNEString_strWToUpper
CNEString_substring
CNEString_toLower
CNEString_toLowerUpperCaseFunc
CNEString_toStringA
CNEString_toStringFunc
CNEString_toStringW
CNEString_toUpper
CNEString_trim
CNEString_wideCharacterStringToSingleByteString
CNESystemWin_getMicroSecondsSinceEpoch
CNESystemWin_sleep
CNEThread_TlsAlloc
CNEThread_TlsFree
CNEThread_TlsGetValue
CNEThread_TlsSetValue
CNEThread_cvBroadcast
CNEThread_cvCreate
CNEThread_cvDestroy
CNEThread_cvSignal
CNEThread_cvTimedWait
CNEThread_cvWait
CNEThread_eventCreate
CNEThread_eventDestroy
CNEThread_eventSet
CNEThread_eventUnSet
CNEThread_eventWait
CNEThread_getCurrentThread
CNEThread_inverseSemaphoreCreate
CNEThread_inverseSemaphoreGetHolderCount
CNEThread_inverseSemaphoreHold
CNEThread_inverseSemaphoreRelease
CNEThread_isCurrentThread
CNEThread_mutexCreateFunc
CNEThread_mutexDestroy
CNEThread_mutexHold
CNEThread_mutexHoldNoBlock
CNEThread_mutexRelease
CNEThread_priorityTable
CNEThread_rwLockCreate
CNEThread_rwLockDestroy
CNEThread_rwLockLock
CNEThread_rwLockUnlock
CNEThread_semaphoreCreate
CNEThread_semaphoreDestroy
CNEThread_semaphorePost
CNEThread_semaphoreWait
CNEThread_semaphoreWaitNoBlock
CNEThread_threadCancel
CNEThread_threadClose
CNEThread_threadCreate
CNEThread_threadCreateWithPriority
CNEThread_threadExit
CNEThread_threadJoin
CNEThread_threadSetPriority
CNEVector_At
CNEVector_Capacity
CNEVector_Clear
CNEVector_CreateEmptyFunc
CNEVector_CreateFunc
CNEVector_Erase
CNEVector_EraseFast
CNEVector_FlushMemorySurplus
CNEVector_Free
CNEVector_Get
CNEVector_GetFast
CNEVector_PopBack
CNEVector_PushBack
CNEVector_Resize
CNEVector_Size
CNEVector_SizeType
CNEVector_Swap
CNEVirtualArray_do
CNEVirtualArray_doWithParam
CNEVirtualArray_findFirstElementWith
CNEVirtualArray_findLastElementWith
CNEVirtualArray_freeAllElements
CNEVirtualArray_freeArrayPointersAndElements
CNEVirtualArray_freeVA
CNEVirtualArray_freeVAAndElements
CNEVirtualArray_getElementAt
CNEVirtualArray_getLastElement
CNEVirtualArray_getSize
CNEVirtualArray_increasePreAllocateArraySize
CNEVirtualArray_insertAtIndex
CNEVirtualArray_pop
CNEVirtualArray_positionOfFirstElementFoundWith
CNEVirtualArray_positionOfLastElementFoundWith
CNEVirtualArray_push
CNEVirtualArray_removeAllElementsFoundWith
CNEVirtualArray_removeAtIndex
CNEVirtualArray_removeFirstElementFoundWith
CNEVirtualArray_search
CNEVirtualArray_setElementAt
CNEVirtualArray_sort
CNEVirtualArray_swapElements
CNE_allocateCleanMemoryFunc
CNE_compareMemoryFunc
CNE_poisonAllocatedMemoryFunc
CNE_poisonFreeMemoryFunc
CNE_reallocateCleanMemoryFunc
CNE_reallocateMemoryFunc
SafeVirtualArray_GetArrayFromBlob
SafeVirtualArray_GetBlobFromArray
SafeVirtualArray_GetBlobFromStaticElems
SafeVirtualArray_createFunc
SafeVirtualArray_do
SafeVirtualArray_doWithParam
SafeVirtualArray_findFirstElementWith
SafeVirtualArray_findLastElementWith
SafeVirtualArray_freeAllElements
SafeVirtualArray_freeArrayPointersAndElements
SafeVirtualArray_freeVA
SafeVirtualArray_freeVAAndElements
SafeVirtualArray_getElementAt
SafeVirtualArray_getLastElement
SafeVirtualArray_getLock
SafeVirtualArray_getSize
SafeVirtualArray_getVAAndLock
SafeVirtualArray_increasePreAllocateArraySize
SafeVirtualArray_initializeFunc
SafeVirtualArray_insertAtIndex
SafeVirtualArray_pop
SafeVirtualArray_positionOfFirstElementFoundWith
SafeVirtualArray_positionOfLastElementFoundWith
SafeVirtualArray_push
SafeVirtualArray_pushAndBlob
SafeVirtualArray_pushAndBlobStatic
SafeVirtualArray_releaseLock
SafeVirtualArray_removeAllElementsFoundWith
SafeVirtualArray_removeAndBlob
SafeVirtualArray_removeAndBlobStatic
SafeVirtualArray_removeAtIndex
SafeVirtualArray_removeFirstElementFoundWith
SafeVirtualArray_search
SafeVirtualArray_setElementAt
SafeVirtualArray_sort
SafeVirtualArray_swapElements
SafeVirtualArray_updateElement
VAMarshal_GetArrayFromBlob
VAMarshal_GetBlobFromArray
VAMarshal_GetBlobFromStaticElems
VirtualArray_createFunc
VirtualArray_initializeFunc
VirtualBuffer_addBytesToBuffer
VirtualBuffer_freeBuffer
VirtualBuffer_initializeBuffer
VirtualBuffer_makeRoomIfNeeded
byteSwapLong
byteSwapLongLong
byteSwapShort

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cnli-1.dll
.dll windows:5 windows x86 arch:x86

a482b407319dc74133dc3d7a0212f626

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
FileTimeToSystemTime
GetLocalTime
SystemTimeToFileTime
GetLastError
CreateFileA
CloseHandle
GetFileAttributesA
FlushFileBuffers
WriteFile
ReadFile
SetEndOfFile
FileTimeToLocalFileTime
GetFileTime
SetFileTime
LocalFileTimeToFileTime
GetFileSize
DeleteFileA
MoveFileExA
CopyFileA
MapViewOfFileEx
CreateFileMappingA
UnmapViewOfFile
FindClose
CreateDirectoryA
RemoveDirectoryA
FindNextFileA
FindFirstFileA
GetCurrentDirectoryA
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetTempPathW
GetSystemDirectoryW
CreateFileW
GetFileAttributesW
SetFilePointer
DeleteFileW
MoveFileExW
CopyFileW
GetFullPathNameW
CreateDirectoryW
RemoveDirectoryW
FindNextFileW
FindFirstFileW
GetSystemTime
Sleep
CreateThread
GetExitCodeThread
WaitForSingleObject
SetThreadPriority
TerminateThread
ExitThread
GetCurrentThreadId
GetCurrentThread
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
CreateEventA
DeleteCriticalSection
LeaveCriticalSection
SetEvent
EnterCriticalSection
ResetEvent
InterlockedDecrement
InterlockedIncrement
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ResumeThread
GetWindowsDirectoryW
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetCurrentProcessId

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ws2_32

accept
connect
closesocket
shutdown
select
send
sendto
recv
recvfrom
gethostbyname
gethostbyaddr
getsockopt
setsockopt
listen
gethostname
__WSAFDIsSet
WSAGetLastError
getsockname
getpeername
ioctlsocket
WSAStartup
WSACleanup
socket
bind

msvcrt

_vsnwprintf
wcschr
_vsnprintf
strchr
malloc
memcpy
realloc
free
sscanf
memmove
strlen
wcslen
mbstowcs
wcstombs
vsprintf
strcpy
wcscpy
strncpy
wcsncpy
_strdup
_wcsdup
strcmp
wcscmp
_stricmp
_wcsicmp
strncmp
wcsncmp
_strnicmp
_wcsnicmp
strcat
wcscat
strncat
strrchr
wcsrchr
strpbrk
wcspbrk
memchr
strspn
wcsspn
strstr
wcsstr
isspace
iswctype
isalnum
isdigit
isxdigit
isgraph
toupper
towupper
tolower
towlower
strtol
wcstol
strtoul
wcstoul
memset
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
wcsncat

Exports

Exports

CNEBlob_append
CNEBlob_appendByte
CNEBlob_appendRandomData
CNEBlob_copy
CNEBlob_createFunc
CNEBlob_createNU32Func
CNEBlob_flushMemorySurplus
CNEBlob_formattedStrAppend
CNEBlob_formattedStrWAppend
CNEBlob_free
CNEBlob_freeBuffer
CNEBlob_increaseAllocatedSize
CNEBlob_initializeFunc
CNEBlob_pop
CNEBlob_remove
CNEBlob_strAppend
CNEBlob_strWAppend
CNEDate_daysInMonth
CNEDate_daysOfYear
CNEDate_getCNEDateDiffFromTimeStampDiff
CNEDate_getCNEDateFromTimeStamp
CNEDate_getCNEDateTimeFromFileTime
CNEDate_getCurrentDate
CNEDate_getCurrentTimeAndDate
CNEDate_getFileTimeFromCNEDateTime
CNEDate_getTimeStamp
CNEDate_getTimeStampFromCNEDate
CNEDate_getTimeStampFromTimeval
CNEDate_getTimeZone
CNEDate_isLeapYear
CNEFileIO_dirClose
CNEFileIO_dirCreate
CNEFileIO_dirCreateW
CNEFileIO_dirInstall
CNEFileIO_dirInstallW
CNEFileIO_dirNext
CNEFileIO_dirNextDirectory
CNEFileIO_dirNextEx
CNEFileIO_dirNextExW
CNEFileIO_dirNextW
CNEFileIO_dirOpen
CNEFileIO_dirOpenW
CNEFileIO_dirRemove
CNEFileIO_dirRemoveW
CNEFileIO_dirReset
CNEFileIO_expendFilenameA
CNEFileIO_expendFilenameW
CNEFileIO_fileClose
CNEFileIO_fileCopy
CNEFileIO_fileCopyW
CNEFileIO_fileExists
CNEFileIO_fileExistsW
CNEFileIO_fileFlush
CNEFileIO_fileGetDir
CNEFileIO_fileGetDirExW
CNEFileIO_fileGetDirW
CNEFileIO_fileGetPos
CNEFileIO_fileGetPosEx
CNEFileIO_fileGetSize
CNEFileIO_fileGetSizeByNameExWWithFileAccess
CNEFileIO_fileGetSizeByNameExWithFileAccess
CNEFileIO_fileGetSizeByNameWWithFileAccess
CNEFileIO_fileGetSizeByNameWithFileAccess
CNEFileIO_fileGetSizeEx
CNEFileIO_fileGetTimesFromHandle
CNEFileIO_fileGetTimesWWithFileAccess
CNEFileIO_fileGetTimesWithFileAccess
CNEFileIO_fileIsOpen
CNEFileIO_fileMap
CNEFileIO_fileMove
CNEFileIO_fileMoveW
CNEFileIO_fileOpen
CNEFileIO_fileOpenExpend
CNEFileIO_fileOpenExpendW
CNEFileIO_fileOpenW
CNEFileIO_fileReadChar
CNEFileIO_fileReadEx
CNEFileIO_fileSetEndOfFile
CNEFileIO_fileSetPos
CNEFileIO_fileSetPosEx
CNEFileIO_fileSetTimesFromHandle
CNEFileIO_fileSetTimesWWithFileAccess
CNEFileIO_fileSetTimesWithFileAccess
CNEFileIO_fileUnMap
CNEFileIO_fileUnlink
CNEFileIO_fileUnlinkW
CNEFileIO_fileWipe
CNEFileIO_fileWipeExpend
CNEFileIO_fileWipeExpendW
CNEFileIO_fileWipeW
CNEFileIO_fileWriteChar
CNEFileIO_fileWriteEx
CNEFileIO_fixLongPath
CNEFileIO_freeExpendFilename
CNEFileIO_getPathFromFileSpecW
CNEFileIO_getWorkingDir
CNEFileIO_getWorkingDirW
CNEHashMapIterator_begin
CNEHashMapIterator_next
CNEHashMap_setPVoidKeyCopyBehaviour
CNEHashMap_setPVoidKeyHashBehaviour
CNEHashMap_setPVoidValueFreeBehaviour
CNEHeap_CreateEmptyFunc
CNEHeap_CreateFunc
CNEHeap_Empty
CNEHeap_FlushMemorySurplus
CNEHeap_Free
CNEHeap_HeadPeek
CNEHeap_Pop
CNEHeap_Push
CNELAList_allocateFromList
CNELAList_create
CNELAList_free
CNELAList_freeToList
CNEListAddBack
CNEListAddFront
CNEListCreate_func
CNEListFree
CNEListGetBack
CNEListGetFront
CNEListInit_func
CNEListIsEmpty
CNEListIterator_equal
CNEListIterator_get
CNEListIterator_getPrev
CNEListIterator_getPrevReference
CNEListIterator_getReference
CNEListIterator_next
CNEListIterator_notEqual
CNEListIterator_prev
CNEListMap
CNEListPeekBack
CNEListPeekFront
CNEList_at
CNEList_begin
CNEList_clear
CNEList_clearWithDestructor
CNEList_destroy
CNEList_destroyWithDestructor
CNEList_end
CNEList_erase
CNEList_filter
CNEList_filterWithContext
CNEList_find
CNEList_findWithContext
CNEList_forEach
CNEList_forEachWithContext
CNEList_insert
CNEList_isEmpty
CNEList_peekBack
CNEList_peekFront
CNEList_popBack
CNEList_popFront
CNEList_pushBack
CNEList_pushFront
CNEList_size
CNEList_sort
CNEMem_cleanNClear
CNEMem_cleanNClearNDestroyPointer
CNEMem_set
CNENetwork_Checksum16
CNENetwork_CreateEthernetHeader
CNENetwork_CreateIcmpHeader
CNENetwork_CreateIpHeader
CNENetwork_CreateUdpHeader
CNENetwork_DisplayEthernetHeader
CNENetwork_DisplayIcmpHeader
CNENetwork_DisplayIpHeader
CNENetwork_DisplayUdpHeader
CNENetwork_IsIpValidA
CNENetwork_IsIpValidW
CNENetwork_IsPortValidA
CNENetwork_IsPortValidW
CNENetwork_addrToWPIDFunc
CNENetwork_addrToWPIDWFunc
CNENetwork_ipToAddr
CNENetwork_ipToAddrW
CNENetwork_stripMACSpacers
CNENetwork_wpidToAddr
CNEPqs_CreateEmptyFunc
CNEPqs_CreateFunc
CNEPqs_Empty
CNEPqs_FlushMemorySurplus
CNEPqs_Free
CNEPqs_HeadPeek
CNEPqs_Pop
CNEPqs_Push
CNERBTree_createTreeFunc
CNERBTree_delete
CNERBTree_deleteNode
CNERBTree_destroyTree
CNERBTree_executeNodeEx
CNERBTree_getFirst
CNERBTree_getLast
CNERBTree_getNext
CNERBTree_getPrev
CNERBTree_insertEx
CNERBTree_retrieve
CNERBTree_retrieveNode
CNESocket_accept
CNESocket_addressToIPString
CNESocket_bind
CNESocket_cleanup
CNESocket_close
CNESocket_connect
CNESocket_create
CNESocket_disable
CNESocket_fastAccept
CNESocket_fastConnect
CNESocket_getLocal
CNESocket_getNative
CNESocket_getOSError
CNESocket_getRemote
CNESocket_getSocketOption
CNESocket_getSocketOption_bCast
CNESocket_getSocketOption_exclusive
CNESocket_getSocketOption_keepAlive
CNESocket_getSocketOption_linger
CNESocket_getSocketOption_noDelay
CNESocket_getSocketOption_noLinger
CNESocket_getSocketOption_recvBuff
CNESocket_getSocketOption_reuseAddr
CNESocket_getSocketOption_sendBuff
CNESocket_getSocketOption_ttl
CNESocket_getString
CNESocket_gethostname
CNESocket_ipStringToAddress
CNESocket_isSocketReady
CNESocket_isValidIP
CNESocket_listen
CNESocket_lookupIP
CNESocket_lookupName
CNESocket_peek
CNESocket_putString
CNESocket_recv
CNESocket_recvExact
CNESocket_recvFrom
CNESocket_select
CNESocket_selectEx
CNESocket_send
CNESocket_sendExpect
CNESocket_sendTo
CNESocket_setBlockingMode
CNESocket_setLineEnding
CNESocket_setSocketOption
CNESocket_setSocketOption_bCast
CNESocket_setSocketOption_exclusive
CNESocket_setSocketOption_keepAlive
CNESocket_setSocketOption_linger
CNESocket_setSocketOption_noDelay
CNESocket_setSocketOption_noLinger
CNESocket_setSocketOption_recvBuff
CNESocket_setSocketOption_reuseAddr
CNESocket_setSocketOption_sendBuff
CNESocket_setSocketOption_ttl
CNESocket_setThrottle
CNESocket_shutdown
CNESocket_startup
CNEStaticArray_clear
CNEStaticArray_createFunc
CNEStaticArray_delete
CNEStaticArray_forEach
CNEStaticArray_forEachWithArgument
CNEStaticArray_get
CNEStaticArray_getReference
CNEStaticArray_push
CNEStaticArray_remove
CNEStaticArray_removeAt
CNEStaticArray_removeIf
CNEStaticArray_removeIfWithArgument
CNEStaticArray_set
CNEStaticArray_size
CNEString_VAFree
CNEString_append
CNEString_appendA
CNEString_appendFunc
CNEString_appendFuncEx
CNEString_appendW
CNEString_atoi
CNEString_axtoi
CNEString_buildFormattedString
CNEString_buildFormattedStringA
CNEString_buildFormattedStringW
CNEString_compare
CNEString_compareA
CNEString_compareCSStringFunc
CNEString_compareFunc
CNEString_compareIgnoreCase
CNEString_compareIgnoreCaseA
CNEString_compareIgnoreCaseW
CNEString_compareW
CNEString_concat
CNEString_copy
CNEString_copySafeAFunc
CNEString_copySafeWFunc
CNEString_createA
CNEString_createFunc
CNEString_createW
CNEString_endsWith
CNEString_endsWithA
CNEString_endsWithW
CNEString_findLastCharacterIndexWith
CNEString_findStringInBufferFunc
CNEString_free
CNEString_getStringBufferA
CNEString_getStringBufferW
CNEString_getStringType
CNEString_indexOfStringA
CNEString_indexOfStringFunc
CNEString_indexOfStringW
CNEString_isalnum
CNEString_isdigit
CNEString_isgraph
CNEString_isspace
CNEString_iswalnum
CNEString_iswdigit
CNEString_iswgraph
CNEString_iswspace
CNEString_iswxdigit
CNEString_isxdigit
CNEString_lastIndexOfStringA
CNEString_lastIndexOfStringW
CNEString_length
CNEString_lengthSafeA
CNEString_lengthSafeW
CNEString_mbstowcs
CNEString_memchr
CNEString_radix10itoa
CNEString_remove
CNEString_replaceAll
CNEString_replaceAllA
CNEString_replaceAllFunc
CNEString_replaceAllW
CNEString_snprintf
CNEString_snwprintf
CNEString_split
CNEString_splitA
CNEString_splitFunc
CNEString_splitW
CNEString_sprintf
CNEString_startsWith
CNEString_startsWithA
CNEString_startsWithFunc
CNEString_startsWithW
CNEString_strcat
CNEString_strchr
CNEString_strcmp
CNEString_strcpy
CNEString_strdup
CNEString_stricmp
CNEString_strlen
CNEString_strlwr
CNEString_strncat
CNEString_strncmp
CNEString_strncpy
CNEString_strnicmp
CNEString_strpbrk
CNEString_strrchr
CNEString_strstr
CNEString_strtok3
CNEString_strtol
CNEString_strtoul
CNEString_strupr
CNEString_substring
CNEString_swprintf
CNEString_toLower
CNEString_toLowerUpperCaseFunc
CNEString_toStringA
CNEString_toStringFunc
CNEString_toStringW
CNEString_toUpper
CNEString_trim
CNEString_vsnprintf
CNEString_vsnwprintf
CNEString_vsprintf
CNEString_vswprintf
CNEString_wcscat
CNEString_wcschr
CNEString_wcscmp
CNEString_wcscpy
CNEString_wcsdup
CNEString_wcsicmp
CNEString_wcslen
CNEString_wcslwr
CNEString_wcsncat
CNEString_wcsncmp
CNEString_wcsncpy
CNEString_wcsnicmp
CNEString_wcspbrk
CNEString_wcsrchr
CNEString_wcsstr
CNEString_wcstok3
CNEString_wcstol
CNEString_wcstombs
CNEString_wcstoul
CNEString_wcstoull
CNEString_wcsupr
CNEString_wideCharacterStringToSingleByteString
CNEString_wmemchr
CNEString_wxtoi
CNEString_wxtonu64
CNESystemWin_getMicroSecondsSinceEpoch
CNESystemWin_sleep
CNEThread_TlsAlloc
CNEThread_TlsFree
CNEThread_TlsGetValue
CNEThread_TlsSetValue
CNEThread_cvBroadcast
CNEThread_cvCreate
CNEThread_cvDestroy
CNEThread_cvSignal
CNEThread_cvTimedWait
CNEThread_cvWait
CNEThread_eventCreate
CNEThread_eventDestroy
CNEThread_eventSet
CNEThread_eventUnSet
CNEThread_eventWait
CNEThread_getCurrentThread
CNEThread_inverseSemaphoreCreate
CNEThread_inverseSemaphoreGetHolderCount
CNEThread_inverseSemaphoreHold
CNEThread_inverseSemaphoreRelease
CNEThread_isCurrentThread
CNEThread_mutexCreateFunc
CNEThread_mutexDestroy
CNEThread_mutexHold
CNEThread_mutexHoldNoBlock
CNEThread_mutexRelease
CNEThread_priorityTable
CNEThread_rwLockCreate
CNEThread_rwLockDestroy
CNEThread_rwLockLock
CNEThread_rwLockUnlock
CNEThread_semaphoreCreate
CNEThread_semaphoreDestroy
CNEThread_semaphorePost
CNEThread_semaphoreWait
CNEThread_semaphoreWaitNoBlock
CNEThread_threadCancel
CNEThread_threadClose
CNEThread_threadCreate
CNEThread_threadCreateWithPriority
CNEThread_threadExit
CNEThread_threadJoin
CNEThread_threadMicroSleep
CNEThread_threadSetPriority
CNEThread_threadSleep
CNEVector_At
CNEVector_Capacity
CNEVector_Clear
CNEVector_CreateEmptyFunc
CNEVector_CreateFunc
CNEVector_Erase
CNEVector_EraseFast
CNEVector_FlushMemorySurplus
CNEVector_Free
CNEVector_Get
CNEVector_GetFast
CNEVector_PopBack
CNEVector_PushBack
CNEVector_Resize
CNEVector_Size
CNEVector_SizeType
CNEVector_Swap
CNEVirtualArray_do
CNEVirtualArray_doWithParam
CNEVirtualArray_findFirstElementWith
CNEVirtualArray_findLastElementWith
CNEVirtualArray_findNextElementWith
CNEVirtualArray_freeAllElements
CNEVirtualArray_freeArrayPointersAndElements
CNEVirtualArray_freeVA
CNEVirtualArray_freeVAAndElements
CNEVirtualArray_getElementAt
CNEVirtualArray_getLastElement
CNEVirtualArray_getSize
CNEVirtualArray_increasePreAllocateArraySize
CNEVirtualArray_insertAtIndex
CNEVirtualArray_insertSorted
CNEVirtualArray_pop
CNEVirtualArray_positionOfFirstElementFoundWith
CNEVirtualArray_positionOfLastElementFoundWith
CNEVirtualArray_positionOfNextElementFoundWith
CNEVirtualArray_push
CNEVirtualArray_removeAllElementsFoundWith
CNEVirtualArray_removeAtIndex
CNEVirtualArray_removeFirstElementFoundWith
CNEVirtualArray_search
CNEVirtualArray_setElementAt
CNEVirtualArray_sort
CNEVirtualArray_swapElements
CNE_allocateCleanMemoryFunc
CNE_compareMemoryFunc
CNE_poisonAllocatedMemoryFunc
CNE_poisonFreeMemoryFunc
CNE_reallocateCleanMemoryFunc
CNE_reallocateMemoryFunc
SafeVirtualArray_GetArrayFromBlob
SafeVirtualArray_GetBlobFromArray

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
coli-0.dll
.dll windows:5 windows x86 arch:x86

3bdaf0330fb6625e9822b4db8158a8ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

exma-1

disconnectRendezvous
closeRendezvous
sendSockets
readParamsFromEM
writeParamsToEM
recvSocket
connectRendezvous
getDefaultEMFile
bindRendezvous
closeEM
openEMForWriting

tibe-2

TbWinsockCleanup
TbWinsockStartup

trch-1

Parameter_U16_getValue
Paramgroup_getNumParamchoices
Parameter_matchType
Config_getID
Config_getInputParams
Config_getNamespaceUri
Config_getSchemaVersion
Config_getConstants
Config_getOutputParams
Parameter_U16_setValue
Parameter_String_create
Parameter_Boolean_create
Parameter_hasValue
Parameter_String_getValue
Parameter_markInvalid
Parameter_Boolean_getValue
Params_findParamchoice
Config_create
Params_create
Config_setInputParams
Parameter_LocalFile_create
Params_parseCommandLine
Config_delete
Params_isValid
Config_printUsage
Params_printInvalid
Parameter_LocalFile_getValue
Parameter_hasValidValue
Paramgroup_getParamchoice
Socket_type
Scalar_format
Parameter_matchFormat
Parameter_Socket_getValue
Parameter_Socket_setValue
Parameter_Socket_List_getValue
Parameter_Socket_List_setValue
Params_removeParameter
Params_getNumParameters
Params_getParameter
Params_getNumParamchoices
Params_getParamchoice
Paramchoice_hasValidValue
Paramchoice_getValue
Paramchoice_getNumParamgroups
Paramchoice_getParamgroup
Paramgroup_matchName
Config_marshal
Config_unmarshal
Params_findParameter
Parameter_U16_create
Params_addParameter
Parameter_delete
Paramgroup_getNumParameters
Paramgroup_getParameter

tucl-1

TcLog
TcLogClose
TcLogOpen

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
malloc
strncpy
strcat
exit
strrchr
strlen
memcpy
tolower
free
calloc

Exports

Exports

coli_create
coli_delete
coli_setCleanup
coli_setID
coli_setProcess
coli_setValidate
mainWrapper

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
crli-0.dll
.dll windows:5 windows x86 arch:x86

31a3d927d0773eea73787c46f29a287b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

cnli-1

CNE_allocateCleanMemoryFunc
byteSwapLong
CNEMem_cleanNClearNDestroyPointer

msvcrt

memcpy
malloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
free

Exports

Exports

CryptoLibV2_decryptRequestBuffer
CryptoLibV2_deletePrivateKey
CryptoLibV2_deletePublicKey
CryptoLibV2_encryptRequestBuffer
CryptoLibV2_freeBuffer
CryptoLibV2_getRandom
CryptoLibV2_installPrivateKey
CryptoLibV2_installPublicKey
CryptoLibV2_lookupPrivateKey
CryptoLibV2_lookupPublicKey
CryptoLibV2_md5Digest
CryptoLibV2_md5DigestFile
CryptoLibV2_md5DigestFileW
CryptoLibV2_pubDecrypt
CryptoLibV2_pubDecryptFor
CryptoLibV2_pubEncrypt
CryptoLibV2_pubEncryptFor
CryptoLibV2_queryPrivateKey
CryptoLibV2_queryPublicKey
CryptoLibV2_sign
CryptoLibV2_signFrom
CryptoLibV2_symDecrypt
CryptoLibV2_symEncrypt
CryptoLibV2_symGenKey
CryptoLibV2_verify
CryptoLibV2_verifyFrom
CryptoLib_freeBuffer
CryptoLib_md5Digest
CryptoLib_pubDecrypt
CryptoLib_pubEncrypt
CryptoLib_symDecrypt
CryptoLib_symEncrypt
CryptoLib_symGenKey

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dmgd-1.dll
.dll windows:5 windows x86 arch:x86

c09b9940e60b0e64cc45f00fe08e942f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

trfo-2

TfNrvCompress
TfRandomByte
TfFillRandom
TfNrvCalculateMaxExpansion

msvcrt

memcpy
malloc
free
calloc
realloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

DgCalloc
DgFree
DgMalloc
DgRealloc
pkgtype1
pkgtype2

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dmgd-4.dll
.dll windows:5 windows x86 arch:x86

4edfb3614d85009edda4e6c7c687371e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

trfo-2

TfNrvCompress
TfRandomByte
TfFillRandom
TfNrvCalculateMaxExpansion

msvcrt

memcpy
strlen
calloc
malloc
free
realloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

DgCalloc
DgFree
DgMalloc
DgRealloc
noargs
pkgtype1
pkgtype1export
pkgtype2

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 444KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
esco-0.dll
.dll windows:5 windows x86 arch:x86

d58bd2f98f48b8865d93d6cc74357287

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

tibe-2

TbMalloc
TbPutBuff

trch-1

Parameter_UString_getValue
Params_findParameter

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
free
malloc
fwrite
fread
memcpy
sprintf
strncat
isprint
memset
_snprintf
strncpy

Exports

Exports

HexDumpShort
HexStr
ReadSizedBufferFromFile
ReadSizedBufferFromParameter
TbUniStrToSizedBuffer
WriteSizedBufferToFile
isAscii

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exma-1.dll
.dll windows:5 windows x86 arch:x86

38335bfed05954b26590a75c4458da60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

ws2_32

__WSAFDIsSet
select
accept
closesocket
getsockname
listen
bind
htons
inet_addr
socket
send
connect
WSASocketA
recv
ntohs
WSADuplicateSocketA

msvcrt

_iob
strcmp
free
calloc
_fstat
strlen
memset
malloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_read
_write
_fileno
_close
_open

Exports

Exports

bindRendezvous
closeEM
closeRendezvous
connectRendezvous
disconnectRendezvous
getDefaultEMFile
openEMForWriting
readParamsFromEM
recvSocket
sendSockets
writeParamsToEM

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exma.dll
.dll windows:4 windows x86 arch:x86

a40a7e84d80ee58f1d9b367ea65775d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

accept
select
__WSAFDIsSet
WSADuplicateSocketA
recv
WSASocketA
connect
send
socket
inet_addr
htons
bind
listen
getsockname
closesocket
ntohs

msvcr71

_unlink
_close
_read
_fstat
_write
_except_handler3
_open
_onexit
__dllonexit
sprintf
getenv
free
calloc
__security_error_handler
_getpid
_initterm
malloc
_adjust_fdiv
__CppXcptFilter

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
ExitProcess

Exports

Exports

bindRendezvous
closeRendezvous
connectRendezvous
disconnectRendezvous
getDefaultEMFile
openEMForWriting
readParamsFromEM
recvSocket
sendSockets
writeParamsToEM

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iconv.dll
.dll windows:5 windows x86 arch:x86

b1120ee66ca68cd85b2a07dc10563ac4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary
GetACP
GetModuleHandleA
IsDBCSLeadByteEx
MultiByteToWideChar
GetLastError
WideCharToMultiByte
GetCPInfoExA
IsValidCodePage
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

msvcrt

strchr
free
_stricmp
atoi
_strnicmp
strcmp
strncmp
memcpy
malloc
memmove
getenv
calloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_errno
strlen

Exports

Exports

iconv
iconv_close
iconv_open
iconvctl
libiconv
libiconv_close
libiconv_open
libiconvctl

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcurl.dll
.dll windows:5 windows x86 arch:x86

30d6e82d613a55c4e1fac27ebbaa1757

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

gethostbyname
inet_ntoa
htonl
getservbyname
gethostbyaddr
getservbyport
gethostname
WSACleanup
WSAStartup
accept
listen
ioctlsocket
__WSAFDIsSet
WSAGetLastError
select
send
sendto
recvfrom
inet_addr
WSASetLastError
recv
socket
connect
setsockopt
getpeername
getsockopt
htons
bind
ntohs
getsockname
closesocket

libeay32

ord654
ord66
ord52
ord2431
ord78
ord95
ord657
ord1015
ord2291
ord3212
ord2604
ord298
ord224
ord223
ord227
ord222
ord254
ord181
ord2442
ord188
ord1951
ord566
ord578
ord579
ord1216
ord2023
ord2075
ord1653
ord1654
ord1958
ord2596
ord958
ord625
ord556
ord248
ord979
ord18
ord1180
ord542
ord544
ord421
ord120
ord151
ord656
ord7
ord653
ord680
ord2454
ord391
ord641
ord1
ord466
ord2254
ord464
ord341
ord342
ord340
ord2437
ord2436
ord2435
ord784
ord809
ord808
ord281
ord280
ord467

ssleay32

ord96
ord58
ord78
ord86
ord87
ord90
ord45
ord21
ord141
ord15
ord6
ord243
ord12
ord172
ord113
ord116
ord110
ord130
ord127
ord43
ord60
ord157
ord61
ord242
ord77
ord108
ord5
ord48
ord126
ord49
ord8
ord76
ord75
ord24
ord222
ord30
ord31
ord17
ord235
ord183
ord74

zlib1

inflateInit_
inflate
inflateInit2_
inflateEnd
zlibVersion

msvcrt

getenv
memcmp
memchr
memmove
sprintf
fputc
gmtime
fflush
strerror
_sys_nerr
fseek
tolower
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
isleadbyte
_snprintf
_itoa
wctomb
__badioinfo
__pioinfo
_read
_fileno
_write
_isatty
strcat
strncpy
_errno
strstr
strcpy
fread
_stati64
_lseeki64
_fstati64
fwrite
realloc
malloc
_beginthreadex
isxdigit
isspace
isgraph
isprint
isdigit
isalnum
isalpha
islower
strtoul
free
calloc
fputs
qsort
_iob
fopen
fgets
fclose
time
strchr
sscanf
strtol
strrchr
strncmp
strcmp
memset
strlen
memcpy
_strdup
_close
_open
_stricmp
isupper
_strnicmp

kernel32

GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
OutputDebugStringA
GetTickCount
GetStdHandle
GetFileType
ReadFile
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
Sleep
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ExpandEnvironmentStringsA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SleepEx
GetSystemTimeAsFileTime
GetCurrentProcessId

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:5 windows x86 arch:x86

ab3711ec11b2005ba9f89a2f4ae2937b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

sendto
recvfrom
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
gethostbyname
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

zlib1

zError
inflate
deflate
inflateEnd
deflateEnd
inflateInit_
deflateInit_

msvcrt

localtime
gmtime
strncpy
_lrotl
memcmp
_lrotr
memmove
_read
_write
isxdigit
isdigit
fprintf
strlen
fputs
fclose
ferror
fread
fwrite
_setmode
_fileno
fopen
strcat
fseek
ftell
feof
fflush
fgets
strcmp
atoi
perror
_ftime
qsort
_stat
_chmod
strerror
isalnum
isspace
strncmp
tolower
isupper
strrchr
sscanf
exit
strtol
signal
_getch
printf
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
memset
time
memchr
memcpy
malloc
realloc
free
abort
vfprintf
wcsstr
getenv
strtoul
sprintf
strcpy
_iob
strchr
_vsnprintf
_errno
strstr

kernel32

GetCurrentThreadId
GetLastError
GetFileType
GetStdHandle
GetCurrentThread
GetModuleHandleA
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
LoadLibraryA
ExitProcess
GetVersion
GetProcAddress
GetThreadTimes
SetLastError
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
FlushConsoleInputBuffer
GetVersionExA
CloseHandle
GlobalMemoryStatus

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
COMP_zlib_cleanup
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number

Sections

.text
Size: 533KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiconv-2.dll
.dll windows:4 windows x86 arch:x86

dd86f097485a761cdaf285b0f147c8fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetACP
GetAtomNameA
GetModuleFileNameA
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
abort
fflush
free
malloc
memcpy
memset
qsort
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

_libiconv_version
aliases2_lookup
aliases_lookup
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 815KB - Virtual size: 815KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 656B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libxml2.dll
.dll windows:5 windows x86 arch:x86

c17f3a8fe5a31151ab2da99abee9c23c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

inet_ntoa
__WSAFDIsSet
getsockopt
WSASetLastError
getservbyport
ntohs
gethostbyaddr
getservbyname
htonl
inet_addr
WSAGetLastError
ioctlsocket
WSAStartup
getsockname
bind
listen
gethostbyname
htons
socket
connect
send
select
recv
closesocket
WSACleanup

kernel32

GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetVersion
GetVersionExA
MultiByteToWideChar
TlsGetValue
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
GetCurrentThreadId
TlsFree
Sleep
TlsAlloc
InterlockedIncrement
TlsSetValue
OutputDebugStringA

msvcrt

fopen
free
sscanf
strcmp
toupper
memmove
vfprintf
_vsnprintf
fclose
malloc
strcat
strcpy
strchr
strncmp
calloc
strtoul
strtol
_errno
fwrite
_wfopen
_wstat
fread
ferror
fflush
printf
floor
fabs
labs
_isnan
_fpclass
log10
pow
fmod
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
isleadbyte
_itoa
wctomb
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty
fputc
_iob
strlen
_snprintf
strncpy
getenv
_stat
fprintf
memset
memcpy
realloc
_close
_open
_getcwd

Exports

Exports

UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
attribute
attributeDecl
cdataBlock
characters
checkNamespace
comment
docbCreateFileParserCtxt
docbCreatePushParserCtxt
docbDefaultSAXHandlerInit
docbEncodeEntities
docbFreeParserCtxt
docbParseChunk
docbParseDoc
docbParseDocument
docbParseFile
docbSAXParseDoc
docbSAXParseFile
elementDecl
emptyExp
endDocument
endElement
entityDecl
externalSubset
forbiddenExp
getColumnNumber
getEntity
getLineNumber
getNamespace
getParameterEntity
getPublicId
getSystemId
globalNamespace
hasExternalSubset
hasInternalSubset
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
ignorableWhitespace
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
internalSubset
isStandalone
isolat1ToUTF8
namePop
namePush
namespaceDecl
nodePop
nodePush
notationDecl
processingInstruction
reference
resolveEntity
setDocumentLocator
setNamespace
startDocument
startElement
unparsedEntityDecl
valuePop
valuePush
xlinkGetDefaultDetect
xlinkGetDefaultHandler
xlinkIsLink
xlinkSetDefaultDetect
xlinkSetDefaultHandler
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlC14NDocDumpMemory
xmlC14NDocSave
xmlC14NDocSaveTo
xmlC14NExecute
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupPredefinedEntities
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDecodeEntities
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntities
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeTextWriter
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetFeature
xmlGetFeaturesList
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHandleEntity
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt

Sections

.text
Size: 585KB - Virtual size: 585KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
payload32.dll
.dll windows:4 windows x86 arch:x86

f77daf22af8cb286826cac53ccc4a812

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatus
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
QueryPerformanceCounter
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SwitchToThread
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteConsoleW
WriteFile

msvcrt

__dllonexit
_amsg_exit
_beginthread
_errno
_initterm
_iob
_lock
_onexit
fprintf
free
fwrite
malloc
strlen
strncmp
_unlock
abort
vfprintf
calloc

winmm

timeBeginPeriod
timeEndPeriod

ws2_32

WSAGetOverlappedResult

Exports

Exports

Entrypoint
_cgo_get_context_function
_cgo_is_runtime_initialized
_cgo_maybe_run_preinit
_cgo_panic
_cgo_preinit_init
_cgo_release_context
_cgo_sys_thread_start
_cgo_topofstack
_cgo_wait_runtime_init_done
_cgo_yield
_cgoexp_cf9027b4caf2_Entrypoint
application/winapi.MutexExists
application/winapi.init
application/winapi.init.ializers
application/winapi.initdone·
application/winapi.modadvapi32
application/winapi.modgdi32
application/winapi.modkernel32
application/winapi.modnetapi32
application/winapi.modntdll
application/winapi.modpsapi
application/winapi.modshell32
application/winapi.moduser32
application/winapi.moduserenv
application/winapi.modwintrust
application/winapi.modwtsapi32
application/winapi.procAdjustTokenPrivileges
application/winapi.procBitBlt
application/winapi.procCloseWindow
application/winapi.procCreateCompatibleBitmap
application/winapi.procCreateCompatibleDC
application/winapi.procCreateEnvironmentBlock
application/winapi.procCreateMutex
application/winapi.procCreateProcessAsUserW
application/winapi.procCreateProcessWithLogonW
application/winapi.procCreateProcessWithTokenW
application/winapi.procCreateRemoteThread
application/winapi.procCreateWindowEx
application/winapi.procDefWindowProc
application/winapi.procDeleteDC
application/winapi.procDeleteObject
application/winapi.procDestroyEnvironmentBlock
application/winapi.procDispatchMessage
application/winapi.procDuplicateTokenEx
application/winapi.procEnumProcesses
application/winapi.procEnumThreadWindows
application/winapi.procEnumWindows
application/winapi.procFileTimeToSystemTime
application/winapi.procGetCurrentProcessId
application/winapi.procGetDC
application/winapi.procGetDIBits
application/winapi.procGetDesktopWindow
application/winapi.procGetFileSize
application/winapi.procGetFinalPathNameByHandle
application/winapi.procGetFirmwareEnvironmentVariable
application/winapi.procGetMessage
application/winapi.procGetModuleHandle
application/winapi.procGetOEMCP
application/winapi.procGetProcessImageFileName
application/winapi.procGetSystemInfo
application/winapi.procGetSystemMetrics
application/winapi.procGetSystemTimes
application/winapi.procGetThreadContext
application/winapi.procGetTickCount64
application/winapi.procGetWindowRect
application/winapi.procGetWindowText
application/winapi.procGetWindowThreadProcessID
application/winapi.procImpersonateLoggedOnUser
application/winapi.procIsWow64Process
application/winapi.procLogonUserW
application/winapi.procLookupPrivilegeValueW
application/winapi.procLsaAddAccountRights
application/winapi.procLsaClose
application/winapi.procLsaOpenPolicy
application/winapi.procNetApiBufferFree
application/winapi.procNetUserGetInfo
application/winapi.procNtClose
application/winapi.procNtFilterToken
application/winapi.procNtQueryInformationProcess
application/winapi.procNtReadVirtualMemory
application/winapi.procNtResumeThread
application/winapi.procNtSetContextThread
application/winapi.procNtSetInformationToken
application/winapi.procNtSuspendThread
application/winapi.procNtUnmapViewOfSection
application/winapi.procNtWaitForSingleObject
application/winapi.procNtWow64QueryInformationProcess64
application/winapi.procNtWriteVirtualMemory
application/winapi.procOpenMutex
application/winapi.procOpenThread
application/winapi.procProcessIdToSessionId
application/winapi.procQueryFullProcessImageName
application/winapi.procQueryServiceStatusEx
application/winapi.procReadFile
application/winapi.procReadProcessMemory
application/winapi.procRegisterClassEx
application/winapi.procRegisterPowerSettingNotification
application/winapi.procReleaseDC
application/winapi.procReleaseMutex
application/winapi.procSelectObject
application/winapi.procSetThreadExecutionState
application/winapi.procShellExecuteEx
application/winapi.procSuspendThread
application/winapi.procTerminateThread
application/winapi.procThread32First
application/winapi.procThread32Next
application/winapi.procTranslateMessage
application/winapi.procUnregisterPowerSettingNotification
application/winapi.procVirtualAlloc
application/winapi.procVirtualAllocEx
application/winapi.procVirtualFree
application/winapi.procVirtualQueryEx
application/winapi.procWTSEnumerateSessions
application/winapi.procWTSFreeMemory
application/winapi.procWTSGetActiveConsoleSessionId
application/winapi.procWTSQuerySessionInformation
application/winapi.procWTSQueryUserToken
application/winapi.procWinVerifyTrust
application/winapi.procWriteProcessMemory
application/winapi.statictmp_19
bufio.(*Reader).Discard
bufio.(*Reader).Peek
bufio.(*Reader).Read
bufio.(*Reader).ReadByte
bufio.(*Reader).ReadLine
bufio.(*Reader).ReadSlice
bufio.(*Reader).Size
bufio.(*Reader).UnreadByte
bufio.(*Reader).WriteTo
bufio.(*Reader).fill
bufio.(*Reader).writeBuf
bufio.(*Writer).Flush
bufio.(*Writer).ReadFrom
bufio.(*Writer).Size
bufio.(*Writer).Write
bufio.(*Writer).WriteByte
bufio.(*Writer).WriteString
bufio.ErrAdvanceTooFar
bufio.ErrBufferFull
bufio.ErrFinalToken
bufio.ErrInvalidUnreadByte
bufio.ErrInvalidUnreadRune
bufio.ErrNegativeAdvance
bufio.ErrNegativeCount
bufio.ErrTooLong
bufio.errNegativeRead
bufio.errNegativeWrite
bufio.init
bufio.init.ializers
bufio.initdone·
bufio.statictmp_0
bufio.statictmp_1
bytes.(*Buffer).Len
bytes.(*Buffer).Read
bytes.(*Buffer).ReadByte
bytes.(*Buffer).ReadFrom
bytes.(*Buffer).Reset
bytes.(*Buffer).String
bytes.(*Buffer).UnreadByte
bytes.(*Buffer).Write
bytes.(*Buffer).WriteByte
bytes.(*Buffer).WriteString
bytes.(*Buffer).WriteTo
bytes.(*Buffer).grow
bytes.(*Reader).Len
bytes.(*Reader).Read
bytes.(*Reader).ReadByte
bytes.(*Reader).Size
bytes.(*Reader).UnreadByte
bytes.(*Reader).WriteTo
bytes.ErrTooLarge
bytes.Index
bytes.NewReader
bytes.TrimRight
bytes.TrimRightFunc
bytes.errNegativeRead
bytes.hashStr
bytes.indexRabinKarp
bytes.init
bytes.init.ializers
bytes.initdone·
bytes.lastIndexFunc
bytes.makeASCIISet
bytes.makeCutsetFunc
bytes.makeCutsetFunc.func1
bytes.makeCutsetFunc.func2
bytes.makeCutsetFunc.func3
bytes.makeSlice
bytes.makeSlice.func1
bytes.statictmp_2
bytes.statictmp_6
bytes.statictmp_8
cgo_init
cgo_notify_runtime_init_done
cgo_sys_thread_create
cgo_thread_start
compress/flate.(*CorruptInputError).Error
compress/flate.(*InternalError).Error
compress/flate.(*byFreq).Len
compress/flate.(*byFreq).Less
compress/flate.(*byFreq).Swap
compress/flate.(*byLiteral).Len
compress/flate.(*byLiteral).Less
compress/flate.(*byLiteral).Swap
compress/flate.(*decompressor).Close
compress/flate.(*decompressor).Read
compress/flate.(*decompressor).Reset
compress/flate.(*decompressor).copyData
compress/flate.(*decompressor).dataBlock
compress/flate.(*decompressor).huffSym
compress/flate.(*decompressor).huffmanBlock
compress/flate.(*decompressor).moreBits
compress/flate.(*decompressor).nextBlock
compress/flate.(*decompressor).readHuffman
compress/flate.(*dictDecoder).writeCopy
compress/flate.(*huffmanDecoder).init
compress/flate.(*huffmanEncoder).assignEncodingAndSize
compress/flate.(*huffmanEncoder).bitCounts
compress/flate.(*huffmanEncoder).generate
compress/flate.CorruptInputError.Error
compress/flate.InternalError.Error
compress/flate.NewReader
compress/flate.byFreq.Len
compress/flate.byFreq.Less
compress/flate.byFreq.Swap
compress/flate.byLiteral.Len
compress/flate.byLiteral.Less
compress/flate.byLiteral.Swap
compress/flate.codeOrder
compress/flate.fixedHuffmanDecoder
compress/flate.fixedHuffmanDecoderInit
compress/flate.fixedHuffmanDecoderInit.func1
compress/flate.fixedLiteralEncoding
compress/flate.fixedOffsetEncoding
compress/flate.fixedOnce
compress/flate.generateFixedLiteralEncoding
compress/flate.generateFixedOffsetEncoding
compress/flate.huffOffset
compress/flate.init
compress/flate.init.0
compress/flate.init.ializers
compress/flate.initdone·
compress/flate.statictmp_4
compress/flate.statictmp_5
compress/flate.statictmp_6
compress/flate.statictmp_7
compress/gzip.(*Reader).Close
compress/gzip.(*Reader).Read
compress/gzip.(*Reader).Reset
compress/gzip.(*Reader).readHeader
compress/gzip.(*Reader).readString
compress/gzip.ErrChecksum
compress/gzip.ErrHeader
compress/gzip.NewReader
compress/gzip.init
compress/gzip.init.ializers
compress/gzip.initdone·
container/list.(*List).Len
container/list.(*List).PushFront
context.(*cancelCtx).Deadline
context.(*cancelCtx).Done
context.(*cancelCtx).Err
context.(*cancelCtx).String
context.(*cancelCtx).Value
context.(*cancelCtx).cancel
context.(*deadlineExceededError).Error
context.(*deadlineExceededError).Temporary
context.(*deadlineExceededError).Timeout
context.(*emptyCtx).Deadline
context.(*emptyCtx).Done
context.(*emptyCtx).Err
context.(*emptyCtx).String
context.(*emptyCtx).Value
context.(*timerCtx).Deadline
context.(*timerCtx).Done
context.(*timerCtx).Err
context.(*timerCtx).String
context.(*timerCtx).Value
context.(*timerCtx).cancel
context.(*valueCtx).Deadline
context.(*valueCtx).Done
context.(*valueCtx).Err
context.(*valueCtx).String
context.(*valueCtx).Value
context.Canceled
context.DeadlineExceeded
context.WithCancel
context.WithCancel.func1
context.WithDeadline
context.WithDeadline.func1
context.WithDeadline.func2
context.WithDeadline.func3
context.WithValue
context.background
context.cancelCtx.Deadline
context.cancelCtx.Value
context.closedchan
context.deadlineExceededError.Error
context.deadlineExceededError.Temporary
context.deadlineExceededError.Timeout
context.init
context.init.0
context.init.ializers
context.initdone·
context.parentCancelCtx
context.propagateCancel
context.propagateCancel.func1
context.removeChild
context.statictmp_0
context.statictmp_1
context.statictmp_2
context.statictmp_3
context.statictmp_4
context.timerCtx.Value
context.todo
context.valueCtx.Deadline
context.valueCtx.Done
context.valueCtx.Err
crosscall2
crosscall_386
crypto.(*Hash).HashFunc
crypto.(*Hash).Size
crypto.Hash.HashFunc
crypto.Hash.New
crypto.Hash.New-fm
crypto.Hash.Size
crypto.digestSizes
crypto.hashes
crypto.init
crypto.init.ializers
crypto.initdone·
crypto.statictmp_0
crypto.statictmp_2
crypto.statictmp_3
crypto/aes.(*KeySizeError).Error
crypto/aes.(*aesCipher).BlockSize
crypto/aes.(*aesCipher).Decrypt
crypto/aes.(*aesCipher).Encrypt
crypto/aes.KeySizeError.Error
crypto/aes.NewCipher
crypto/aes.decryptBlockGo
crypto/aes.encryptBlockGo
crypto/aes.expandKeyGo
crypto/aes.init
crypto/aes.initdone·
crypto/aes.newCipherGeneric
crypto/aes.powx
crypto/aes.sbox0
crypto/aes.sbox1
crypto/aes.statictmp_0
crypto/aes.statictmp_1
crypto/aes.statictmp_2
crypto/aes.statictmp_3
crypto/aes.statictmp_4
crypto/aes.statictmp_5
crypto/aes.td0
crypto/aes.td1
crypto/aes.td2
crypto/aes.td3
crypto/aes.te0
crypto/aes.te1
crypto/aes.te2
crypto/aes.te3
crypto/cipher.(*StreamReader).Read
crypto/cipher.(*cbcDecrypter).BlockSize
crypto/cipher.(*cbcDecrypter).CryptBlocks
crypto/cipher.(*cbcDecrypter).SetIV
crypto/cipher.(*cbcEncrypter).BlockSize
crypto/cipher.(*cbcEncrypter).CryptBlocks
crypto/cipher.(*cbcEncrypter).SetIV
crypto/cipher.(*ctr).XORKeyStream
crypto/cipher.(*ctr).refill
crypto/cipher.(*gcm).NonceSize
crypto/cipher.(*gcm).Open
crypto/cipher.(*gcm).Overhead
crypto/cipher.(*gcm).Seal
crypto/cipher.(*gcm).auth
crypto/cipher.(*gcm).counterCrypt
crypto/cipher.(*gcm).deriveCounter
crypto/cipher.(*gcm).mul
crypto/cipher.(*gcm).update
crypto/cipher.(*gcm).updateBlocks
crypto/cipher.NewCBCDecrypter
crypto/cipher.NewCBCEncrypter
crypto/cipher.NewCTR
crypto/cipher.StreamReader.Read
crypto/cipher.errOpen
crypto/cipher.fastXORBytes
crypto/cipher.fastXORWords
crypto/cipher.gcmInc32
crypto/cipher.gcmReductionTable
crypto/cipher.init
crypto/cipher.init.ializers
crypto/cipher.initdone·
crypto/cipher.newCBC
crypto/cipher.newGCMWithNonceAndTagSize
crypto/cipher.statictmp_0
crypto/cipher.statictmp_1
crypto/cipher.statictmp_13
crypto/cipher.statictmp_14
crypto/cipher.statictmp_15
crypto/cipher.statictmp_16
crypto/cipher.statictmp_17
crypto/cipher.statictmp_18
crypto/cipher.statictmp_19
crypto/cipher.statictmp_2
crypto/cipher.statictmp_20
crypto/cipher.statictmp_21
crypto/cipher.statictmp_25
crypto/cipher.statictmp_3
crypto/cipher.statictmp_4
crypto/cipher.statictmp_5
crypto/cipher.statictmp_6
crypto/cipher.statictmp_7
crypto/cipher.statictmp_8
crypto/cipher.statictmp_9
crypto/cipher.xorBytes
crypto/des.(*KeySizeError).Error
crypto/des.(*desCipher).BlockSize
crypto/des.(*desCipher).Decrypt
crypto/des.(*desCipher).Encrypt
crypto/des.(*desCipher).generateSubkeys
crypto/des.(*tripleDESCipher).BlockSize
crypto/des.(*tripleDESCipher).Decrypt
crypto/des.(*tripleDESCipher).Encrypt
crypto/des.KeySizeError.Error
crypto/des.NewTripleDESCipher
crypto/des.cryptBlock
crypto/des.feistel
crypto/des.feistelBox
crypto/des.init
crypto/des.init.0
crypto/des.initdone·
crypto/des.ksRotate
crypto/des.ksRotations
crypto/des.permutationFunction
crypto/des.permuteBlock
crypto/des.permuteFinalBlock
crypto/des.permuteInitialBlock
crypto/des.permutedChoice1
crypto/des.permutedChoice2
crypto/des.sBoxes
crypto/des.statictmp_0
crypto/des.statictmp_1
crypto/des.statictmp_10
crypto/des.statictmp_11
crypto/des.statictmp_2
crypto/des.statictmp_3
crypto/des.statictmp_4
crypto/des.statictmp_5
crypto/des.statictmp_6
crypto/des.statictmp_7
crypto/des.statictmp_8
crypto/des.statictmp_9
crypto/dsa.ErrInvalidPublicKey
crypto/dsa.Verify
crypto/dsa.init
crypto/dsa.init.ializers
crypto/dsa.initdone·
crypto/ecdsa.(*PrivateKey).Add
crypto/ecdsa.(*PrivateKey).Double
crypto/ecdsa.(*PrivateKey).IsOnCurve
crypto/ecdsa.(*PrivateKey).Params
crypto/ecdsa.(*PrivateKey).Public
crypto/ecdsa.(*PrivateKey).ScalarBaseMult
crypto/ecdsa.(*PrivateKey).ScalarMult
crypto/ecdsa.(*PrivateKey).Sign
crypto/ecdsa.(*PublicKey).Add
crypto/ecdsa.(*PublicKey).Double
crypto/ecdsa.(*PublicKey).IsOnCurve
crypto/ecdsa.(*PublicKey).Params
crypto/ecdsa.(*PublicKey).ScalarBaseMult
crypto/ecdsa.(*PublicKey).ScalarMult
crypto/ecdsa.(*zr).Read
crypto/ecdsa.PrivateKey.Add
crypto/ecdsa.PrivateKey.Double
crypto/ecdsa.PrivateKey.IsOnCurve
crypto/ecdsa.PrivateKey.Params
crypto/ecdsa.PrivateKey.ScalarBaseMult
crypto/ecdsa.PrivateKey.ScalarMult
crypto/ecdsa.PublicKey.Add
crypto/ecdsa.PublicKey.Double
crypto/ecdsa.PublicKey.IsOnCurve
crypto/ecdsa.PublicKey.Params
crypto/ecdsa.PublicKey.ScalarBaseMult
crypto/ecdsa.PublicKey.ScalarMult
crypto/ecdsa.Sign
crypto/ecdsa.Verify
crypto/ecdsa.errZeroParam
crypto/ecdsa.fermatInverse
crypto/ecdsa.hashToInt
crypto/ecdsa.init
crypto/ecdsa.init.ializers
crypto/ecdsa.initdone·
crypto/ecdsa.one
crypto/ecdsa.randFieldElement
crypto/ecdsa.statictmp_0
crypto/ecdsa.zeroReader
crypto/elliptic.(*CurveParams).Add

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
payload64.dll
.dll windows:4 windows x64 arch:x64

aa33181d55eb211fa5baca000bce9ca7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatus
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SwitchToThread
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteConsoleW
WriteFile

msvcrt

__dllonexit
__iob_func
_amsg_exit
_beginthread
_errno
_initterm
_lock
_onexit
_unlock
abort
calloc
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

winmm

timeBeginPeriod
timeEndPeriod

ws2_32

WSAGetOverlappedResult

Exports

Exports

Entrypoint
_cgo_get_context_function
_cgo_init
_cgo_is_runtime_initialized
_cgo_maybe_run_preinit
_cgo_notify_runtime_init_done
_cgo_panic
_cgo_preinit_init
_cgo_release_context
_cgo_sys_thread_create
_cgo_sys_thread_start
_cgo_thread_start
_cgo_topofstack
_cgo_wait_runtime_init_done
_cgo_yield
_cgoexp_cf9027b4caf2_Entrypoint
_rt0_amd64_windows_lib
_rt0_amd64_windows_lib.ptr
_rt0_amd64_windows_lib_go
application/winapi.MutexExists
application/winapi.init
application/winapi.init.ializers
application/winapi.initdone·
application/winapi.modadvapi32
application/winapi.modgdi32
application/winapi.modkernel32
application/winapi.modnetapi32
application/winapi.modntdll
application/winapi.modpsapi
application/winapi.modshell32
application/winapi.moduser32
application/winapi.moduserenv
application/winapi.modwintrust
application/winapi.modwtsapi32
application/winapi.procAdjustTokenPrivileges
application/winapi.procBitBlt
application/winapi.procCloseWindow
application/winapi.procCreateCompatibleBitmap
application/winapi.procCreateCompatibleDC
application/winapi.procCreateEnvironmentBlock
application/winapi.procCreateMutex
application/winapi.procCreateProcessAsUserW
application/winapi.procCreateProcessWithLogonW
application/winapi.procCreateProcessWithTokenW
application/winapi.procCreateRemoteThread
application/winapi.procCreateWindowEx
application/winapi.procDefWindowProc
application/winapi.procDeleteDC
application/winapi.procDeleteObject
application/winapi.procDestroyEnvironmentBlock
application/winapi.procDispatchMessage
application/winapi.procDuplicateTokenEx
application/winapi.procEnumProcesses
application/winapi.procEnumThreadWindows
application/winapi.procEnumWindows
application/winapi.procFileTimeToSystemTime
application/winapi.procGetCurrentProcessId
application/winapi.procGetDC
application/winapi.procGetDIBits
application/winapi.procGetDesktopWindow
application/winapi.procGetFileSize
application/winapi.procGetFinalPathNameByHandle
application/winapi.procGetFirmwareEnvironmentVariable
application/winapi.procGetMessage
application/winapi.procGetModuleHandle
application/winapi.procGetOEMCP
application/winapi.procGetProcessImageFileName
application/winapi.procGetSystemInfo
application/winapi.procGetSystemMetrics
application/winapi.procGetSystemTimes
application/winapi.procGetThreadContext
application/winapi.procGetTickCount64
application/winapi.procGetWindowRect
application/winapi.procGetWindowText
application/winapi.procGetWindowThreadProcessID
application/winapi.procImpersonateLoggedOnUser
application/winapi.procIsWow64Process
application/winapi.procLogonUserW
application/winapi.procLookupPrivilegeValueW
application/winapi.procLsaAddAccountRights
application/winapi.procLsaClose
application/winapi.procLsaOpenPolicy
application/winapi.procNetApiBufferFree
application/winapi.procNetUserGetInfo
application/winapi.procNtClose
application/winapi.procNtFilterToken
application/winapi.procNtQueryInformationProcess
application/winapi.procNtReadVirtualMemory
application/winapi.procNtResumeThread
application/winapi.procNtSetContextThread
application/winapi.procNtSetInformationToken
application/winapi.procNtSuspendThread
application/winapi.procNtUnmapViewOfSection
application/winapi.procNtWaitForSingleObject
application/winapi.procNtWow64QueryInformationProcess64
application/winapi.procNtWriteVirtualMemory
application/winapi.procOpenMutex
application/winapi.procOpenThread
application/winapi.procProcessIdToSessionId
application/winapi.procQueryFullProcessImageName
application/winapi.procQueryServiceStatusEx
application/winapi.procReadFile
application/winapi.procReadProcessMemory
application/winapi.procRegisterClassEx
application/winapi.procRegisterPowerSettingNotification
application/winapi.procReleaseDC
application/winapi.procReleaseMutex
application/winapi.procSelectObject
application/winapi.procSetThreadExecutionState
application/winapi.procShellExecuteEx
application/winapi.procSuspendThread
application/winapi.procTerminateThread
application/winapi.procThread32First
application/winapi.procThread32Next
application/winapi.procTranslateMessage
application/winapi.procUnregisterPowerSettingNotification
application/winapi.procVirtualAlloc
application/winapi.procVirtualAllocEx
application/winapi.procVirtualFree
application/winapi.procVirtualQueryEx
application/winapi.procWTSEnumerateSessions
application/winapi.procWTSFreeMemory
application/winapi.procWTSGetActiveConsoleSessionId
application/winapi.procWTSQuerySessionInformation
application/winapi.procWTSQueryUserToken
application/winapi.procWinVerifyTrust
application/winapi.procWriteProcessMemory
application/winapi.statictmp_19
bufio.(*Reader).Discard
bufio.(*Reader).Peek
bufio.(*Reader).Read
bufio.(*Reader).ReadByte
bufio.(*Reader).ReadLine
bufio.(*Reader).ReadSlice
bufio.(*Reader).Size
bufio.(*Reader).UnreadByte
bufio.(*Reader).WriteTo
bufio.(*Reader).fill
bufio.(*Reader).writeBuf
bufio.(*Writer).Flush
bufio.(*Writer).ReadFrom
bufio.(*Writer).Size
bufio.(*Writer).Write
bufio.(*Writer).WriteByte
bufio.(*Writer).WriteString
bufio.ErrAdvanceTooFar
bufio.ErrBufferFull
bufio.ErrFinalToken
bufio.ErrInvalidUnreadByte
bufio.ErrInvalidUnreadRune
bufio.ErrNegativeAdvance
bufio.ErrNegativeCount
bufio.ErrTooLong
bufio.errNegativeRead
bufio.errNegativeWrite
bufio.init
bufio.init.ializers
bufio.initdone·
bufio.statictmp_0
bufio.statictmp_1
bytes.(*Buffer).Len
bytes.(*Buffer).Read
bytes.(*Buffer).ReadByte
bytes.(*Buffer).ReadFrom
bytes.(*Buffer).Reset
bytes.(*Buffer).String
bytes.(*Buffer).UnreadByte
bytes.(*Buffer).Write
bytes.(*Buffer).WriteByte
bytes.(*Buffer).WriteString
bytes.(*Buffer).WriteTo
bytes.(*Buffer).grow
bytes.(*Reader).Len
bytes.(*Reader).Read
bytes.(*Reader).ReadByte
bytes.(*Reader).Size
bytes.(*Reader).UnreadByte
bytes.(*Reader).WriteTo
bytes.ErrTooLarge
bytes.Index
bytes.NewReader
bytes.TrimRight
bytes.TrimRightFunc
bytes.errNegativeRead
bytes.hashStr
bytes.indexRabinKarp
bytes.init
bytes.init.ializers
bytes.initdone·
bytes.lastIndexFunc
bytes.makeASCIISet
bytes.makeCutsetFunc
bytes.makeCutsetFunc.func1
bytes.makeCutsetFunc.func2
bytes.makeCutsetFunc.func3
bytes.makeSlice
bytes.makeSlice.func1
bytes.statictmp_2
bytes.statictmp_5
compress/flate.(*CorruptInputError).Error
compress/flate.(*InternalError).Error
compress/flate.(*byFreq).Len
compress/flate.(*byFreq).Less
compress/flate.(*byFreq).Swap
compress/flate.(*byLiteral).Len
compress/flate.(*byLiteral).Less
compress/flate.(*byLiteral).Swap
compress/flate.(*decompressor).Close
compress/flate.(*decompressor).Read
compress/flate.(*decompressor).Reset
compress/flate.(*decompressor).copyData
compress/flate.(*decompressor).dataBlock
compress/flate.(*decompressor).huffSym
compress/flate.(*decompressor).huffmanBlock
compress/flate.(*decompressor).moreBits
compress/flate.(*decompressor).nextBlock
compress/flate.(*decompressor).readHuffman
compress/flate.(*dictDecoder).writeCopy
compress/flate.(*huffmanDecoder).init
compress/flate.(*huffmanEncoder).assignEncodingAndSize
compress/flate.(*huffmanEncoder).bitCounts
compress/flate.(*huffmanEncoder).generate
compress/flate.CorruptInputError.Error
compress/flate.InternalError.Error
compress/flate.NewReader
compress/flate.byFreq.Len
compress/flate.byFreq.Less
compress/flate.byFreq.Swap
compress/flate.byLiteral.Len
compress/flate.byLiteral.Less
compress/flate.byLiteral.Swap
compress/flate.codeOrder
compress/flate.fixedHuffmanDecoder
compress/flate.fixedHuffmanDecoderInit
compress/flate.fixedHuffmanDecoderInit.func1
compress/flate.fixedLiteralEncoding
compress/flate.fixedOffsetEncoding
compress/flate.fixedOnce
compress/flate.generateFixedLiteralEncoding
compress/flate.generateFixedOffsetEncoding
compress/flate.huffOffset
compress/flate.init
compress/flate.init.0
compress/flate.init.ializers
compress/flate.initdone·
compress/flate.statictmp_4
compress/flate.statictmp_5
compress/flate.statictmp_6
compress/flate.statictmp_7
compress/gzip.(*Reader).Close
compress/gzip.(*Reader).Read
compress/gzip.(*Reader).Reset
compress/gzip.(*Reader).readHeader
compress/gzip.(*Reader).readString
compress/gzip.ErrChecksum
compress/gzip.ErrHeader
compress/gzip.NewReader
compress/gzip.init
compress/gzip.init.ializers
compress/gzip.initdone·
container/list.(*List).Len
container/list.(*List).PushFront
context.(*cancelCtx).Deadline
context.(*cancelCtx).Done
context.(*cancelCtx).Err
context.(*cancelCtx).String
context.(*cancelCtx).Value
context.(*cancelCtx).cancel
context.(*deadlineExceededError).Error
context.(*deadlineExceededError).Temporary
context.(*deadlineExceededError).Timeout
context.(*emptyCtx).Deadline
context.(*emptyCtx).Done
context.(*emptyCtx).Err
context.(*emptyCtx).String
context.(*emptyCtx).Value
context.(*timerCtx).Deadline
context.(*timerCtx).Done
context.(*timerCtx).Err
context.(*timerCtx).String
context.(*timerCtx).Value
context.(*timerCtx).cancel
context.(*valueCtx).Deadline
context.(*valueCtx).Done
context.(*valueCtx).Err
context.(*valueCtx).String
context.(*valueCtx).Value
context.Canceled
context.DeadlineExceeded
context.WithCancel
context.WithCancel.func1
context.WithDeadline
context.WithDeadline.func1
context.WithDeadline.func2
context.WithDeadline.func3
context.WithValue
context.background
context.cancelCtx.Deadline
context.cancelCtx.Value
context.closedchan
context.deadlineExceededError.Error
context.deadlineExceededError.Temporary
context.deadlineExceededError.Timeout
context.init
context.init.0
context.init.ializers
context.initdone·
context.parentCancelCtx
context.propagateCancel
context.propagateCancel.func1
context.removeChild
context.statictmp_0
context.statictmp_1
context.statictmp_2
context.statictmp_3
context.statictmp_4
context.timerCtx.Value
context.todo
context.valueCtx.Deadline
context.valueCtx.Done
context.valueCtx.Err
crosscall2
crosscall_amd64
crypto.(*Hash).HashFunc
crypto.(*Hash).Size
crypto.Hash.HashFunc
crypto.Hash.New
crypto.Hash.New-fm
crypto.Hash.Size
crypto.digestSizes
crypto.hashes
crypto.init
crypto.init.ializers
crypto.initdone·
crypto.statictmp_0
crypto.statictmp_2
crypto.statictmp_3
crypto/aes.(*KeySizeError).Error
crypto/aes.(*aesCipher).BlockSize
crypto/aes.(*aesCipher).Decrypt
crypto/aes.(*aesCipher).Encrypt
crypto/aes.(*aesCipherAsm).BlockSize
crypto/aes.(*aesCipherAsm).Decrypt
crypto/aes.(*aesCipherAsm).Encrypt
crypto/aes.(*aesCipherGCM).BlockSize
crypto/aes.(*aesCipherGCM).Decrypt
crypto/aes.(*aesCipherGCM).Encrypt
crypto/aes.(*aesCipherGCM).NewGCM
crypto/aes.(*gcmAsm).NonceSize
crypto/aes.(*gcmAsm).Open
crypto/aes.(*gcmAsm).Overhead
crypto/aes.(*gcmAsm).Seal
crypto/aes.KeySizeError.Error
crypto/aes.NewCipher
crypto/aes.decryptBlockAsm
crypto/aes.decryptBlockGo
crypto/aes.encryptBlockAsm
crypto/aes.encryptBlockGo
crypto/aes.errOpen
crypto/aes.expandKeyAsm
crypto/aes.expandKeyGo
crypto/aes.gcmAesData
crypto/aes.gcmAesDec
crypto/aes.gcmAesEnc
crypto/aes.gcmAesFinish
crypto/aes.gcmAesInit
crypto/aes.init
crypto/aes.init.ializers
crypto/aes.initdone·
crypto/aes.newCipher
crypto/aes.newCipherGeneric
crypto/aes.powx
crypto/aes.sbox0
crypto/aes.sbox1
crypto/aes.statictmp_0
crypto/aes.statictmp_1
crypto/aes.statictmp_10
crypto/aes.statictmp_11
crypto/aes.statictmp_12
crypto/aes.statictmp_13
crypto/aes.statictmp_14
crypto/aes.statictmp_15
crypto/aes.statictmp_16
crypto/aes.statictmp_17
crypto/aes.statictmp_2
crypto/aes.statictmp_3
crypto/aes.statictmp_4
crypto/aes.statictmp_5
crypto/aes.statictmp_6
crypto/aes.statictmp_7
crypto/aes.statictmp_8
crypto/aes.statictmp_9
crypto/aes.supportsAES
crypto/aes.supportsGFMUL
crypto/aes.td0
crypto/aes.td1
crypto/aes.td2
crypto/aes.td3
crypto/aes.te0
crypto/aes.te1
crypto/aes.te2
crypto/aes.te3
crypto/cipher.(*StreamReader).Read
crypto/cipher.(*cbcDecrypter).BlockSize
crypto/cipher.(*cbcDecrypter).CryptBlocks
crypto/cipher.(*cbcDecrypter).SetIV
crypto/cipher.(*cbcEncrypter).BlockSize
crypto/cipher.(*cbcEncrypter).CryptBlocks
crypto/cipher.(*cbcEncrypter).SetIV
crypto/cipher.(*ctr).XORKeyStream
crypto/cipher.(*ctr).refill
crypto/cipher.(*gcm).NonceSize
crypto/cipher.(*gcm).Open
crypto/cipher.(*gcm).Overhead
crypto/cipher.(*gcm).Seal
crypto/cipher.(*gcm).auth
crypto/cipher.(*gcm).counterCrypt
crypto/cipher.(*gcm).deriveCounter
crypto/cipher.(*gcm).mul
crypto/cipher.(*gcm).update
crypto/cipher.(*gcm).updateBlocks
crypto/cipher.NewCBCDecrypter
crypto/cipher.NewCBCEncrypter
crypto/cipher.NewCTR
crypto/cipher.StreamReader.Read
crypto/cipher.errOpen
crypto/cipher.gcmInc32
crypto/cipher.gcmReductionTable
crypto/cipher.init
crypto/cipher.init.ializers
crypto/cipher.initdone·
crypto/cipher.newCBC
crypto/cipher.newGCMWithNonceAndTagSize
crypto/cipher.statictmp_0
crypto/cipher.statictmp_1
crypto/cipher.statictmp_13
crypto/cipher.statictmp_14
crypto/cipher.statictmp_15
crypto/cipher.statictmp_16
crypto/cipher.statictmp_17
crypto/cipher.statictmp_18
crypto/cipher.statictmp_19
crypto/cipher.statictmp_2
crypto/cipher.statictmp_20
crypto/cipher.statictmp_21
crypto/cipher.statictmp_25
crypto/cipher.statictmp_3
crypto/cipher.statictmp_4
crypto/cipher.statictmp_5
crypto/cipher.statictmp_6
crypto/cipher.statictmp_7
crypto/cipher.statictmp_8
crypto/cipher.statictmp_9
crypto/cipher.xorBytes
crypto/cipher.xorBytesSSE2
crypto/des.(*KeySizeError).Error
crypto/des.(*desCipher).BlockSize
crypto/des.(*desCipher).Decrypt
crypto/des.(*desCipher).Encrypt
crypto/des.(*desCipher).generateSubkeys
crypto/des.(*tripleDESCipher).BlockSize
crypto/des.(*tripleDESCipher).Decrypt
crypto/des.(*tripleDESCipher).Encrypt
crypto/des.KeySizeError.Error
crypto/des.NewTripleDESCipher
crypto/des.cryptBlock
crypto/des.feistel
crypto/des.feistelBox
crypto/des.init
crypto/des.init.0
crypto/des.initdone·
crypto/des.ksRotate
crypto/des.ksRotations
crypto/des.permutationFunction
crypto/des.permuteBlock
crypto/des.permuteFinalBlock
crypto/des.permuteInitialBlock
crypto/des.permutedChoice1
crypto/des.permutedChoice2
crypto/des.sBoxes
crypto/des.statictmp_0
crypto/des.statictmp_1
crypto/des.statictmp_10
crypto/des.statictmp_11
crypto/des.statictmp_2
crypto/des.statictmp_3
crypto/des.statictmp_4
crypto/des.statictmp_5
crypto/des.statictmp_6
crypto/des.statictmp_7
crypto/des.statictmp_8
crypto/des.statictmp_9
crypto/dsa.ErrInvalidPublicKey
crypto/dsa.Verify
crypto/dsa.init
crypto/dsa.init.ializers
crypto/dsa.initdone·
crypto/ecdsa.(*PrivateKey).Add
crypto/ecdsa.(*PrivateKey).Double
crypto/ecdsa.(*PrivateKey).IsOnCurve

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcla-0.dll
.dll windows:5 windows x86 arch:x86

fd65062fb78dffef07ac3b040945c3c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
FreeLibrary
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

tibe-2

TbWinsockCleanup
TbCloseSocket
TbWinsockStartup

trfo-2

TfNrvCompress
TfRandomByte
TfFillRandom
TfXorBuffer
TfReadFileIntoBuffer
TfFree
TfStrICmp
TfNrvCalculateMaxExpansion

trch-1

Parameter_markInvalidWithReason
Params_findParameter
Parameter_Socket_getValue
Parameter_LocalFile_getValue
Parameter_String_getValue
Parameter_U8_getValue
Parameter_S16_getValue
Params_findParamchoice
Paramchoice_getValue
Paramchoice_hasValidValue

tucl-1

TcLogBuffer
TcLog

ws2_32

select
recv
WSASetLastError
send

msvcrt

atoi
memset
free
malloc
memcpy
calloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

getID
processParams
validateParams

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcre-0.dll
.dll windows:5 windows x86 arch:x86

c04ae93ea53bc16eec23be7c255c7200

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

msvcrt

strchr
strcmp
strncmp
memset
memcpy
memcmp
memmove
strlen
malloc
free
isalpha
iscntrl
ispunct
isprint
isgraph
isxdigit
isalnum
isupper
isdigit
toupper
islower
tolower
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
isspace

Exports

Exports

pcre_callout
pcre_compile
pcre_compile2
pcre_config
pcre_copy_named_substring
pcre_copy_substring
pcre_dfa_exec
pcre_exec
pcre_free
pcre_free_substring
pcre_free_substring_list
pcre_fullinfo
pcre_get_named_substring
pcre_get_stringnumber
pcre_get_stringtable_entries
pcre_get_substring
pcre_get_substring_list
pcre_info
pcre_maketables
pcre_malloc
pcre_refcount
pcre_stack_free
pcre_stack_malloc
pcre_study
pcre_version

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcrecpp-0.dll
.dll windows:5 windows x86 arch:x86

b7979a859ceaa2d1b5ac69eb5a7f4ae5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
OutputDebugStringA
GetCurrentProcess
UnhandledExceptionFilter

pcre-0

pcre_fullinfo
pcre_exec
pcre_config
pcre_compile
pcre_free

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

msvcrt

memcmp
isdigit
memcpy
isspace
strtol
strtoul
strtod
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
free
_CxxThrowException
malloc
_callnewh
_unlock
__dllonexit
_lock
_onexit
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
??1type_info@@UAE@XZ
_errno
__CxxFrameHandler
strlen

Exports

Exports

??0Arg@pcrecpp@@QAE@PAD@Z
??0Arg@pcrecpp@@QAE@PADP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAE@Z
??0Arg@pcrecpp@@QAE@PAEP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAF@Z
??0Arg@pcrecpp@@QAE@PAFP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAG@Z
??0Arg@pcrecpp@@QAE@PAGP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAH@Z
??0Arg@pcrecpp@@QAE@PAHP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAI@Z
??0Arg@pcrecpp@@QAE@PAIP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAJ@Z
??0Arg@pcrecpp@@QAE@PAJP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAK@Z
??0Arg@pcrecpp@@QAE@PAKP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAM@Z
??0Arg@pcrecpp@@QAE@PAMP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAN@Z
??0Arg@pcrecpp@@QAE@PANP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Arg@pcrecpp@@QAE@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@P6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAVStringPiece@1@@Z
??0Arg@pcrecpp@@QAE@PAVStringPiece@1@P6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PAX@Z
??0Arg@pcrecpp@@QAE@PA_J@Z
??0Arg@pcrecpp@@QAE@PA_JP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@PA_K@Z
??0Arg@pcrecpp@@QAE@PA_KP6A_NPBDHPAX@Z@Z
??0Arg@pcrecpp@@QAE@XZ
??0RE@pcrecpp@@QAE@ABV01@@Z
??0RE@pcrecpp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0RE@pcrecpp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVRE_Options@1@@Z
??0RE@pcrecpp@@QAE@PBD@Z
??0RE@pcrecpp@@QAE@PBDABVRE_Options@1@@Z
??0RE@pcrecpp@@QAE@PBE@Z
??0RE@pcrecpp@@QAE@PBEABVRE_Options@1@@Z
??0RE_Options@pcrecpp@@QAE@H@Z
??0RE_Options@pcrecpp@@QAE@XZ
??0Scanner@pcrecpp@@QAE@ABV01@@Z
??0Scanner@pcrecpp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Scanner@pcrecpp@@QAE@XZ
??0StringPiece@pcrecpp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringPiece@pcrecpp@@QAE@PBD@Z
??0StringPiece@pcrecpp@@QAE@PBDH@Z
??0StringPiece@pcrecpp@@QAE@PBE@Z
??0StringPiece@pcrecpp@@QAE@XZ
??1RE@pcrecpp@@QAE@XZ
??1Scanner@pcrecpp@@QAE@XZ
??4Arg@pcrecpp@@QAEAAV01@ABV01@@Z
??4RE@pcrecpp@@QAEABV01@ABV01@@Z
??4RE_Options@pcrecpp@@QAEAAV01@ABV01@@Z
??4Scanner@pcrecpp@@QAEAAV01@ABV01@@Z
??4StringPiece@pcrecpp@@QAEAAV01@ABV01@@Z
??8StringPiece@pcrecpp@@QBE_NABV01@@Z
??9StringPiece@pcrecpp@@QBE_NABV01@@Z
??AStringPiece@pcrecpp@@QBEDH@Z
??MStringPiece@pcrecpp@@QBE_NABV01@@Z
??NStringPiece@pcrecpp@@QBE_NABV01@@Z
??OStringPiece@pcrecpp@@QBE_NABV01@@Z
??PStringPiece@pcrecpp@@QBE_NABV01@@Z
?Cleanup@RE@pcrecpp@@AAEXXZ
?Compile@RE@pcrecpp@@AAEPAUreal_pcre@@W4Anchor@12@@Z
?Consume@RE@pcrecpp@@QBE_NPAVStringPiece@2@ABVArg@2@111111111111111@Z
?Consume@Scanner@pcrecpp@@QAE_NABVRE@2@ABVArg@2@11@Z
?ConsumeSkip@Scanner@pcrecpp@@AAEXXZ
?CopyToString@StringPiece@pcrecpp@@QBEXPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?DisableSkip@Scanner@pcrecpp@@QAEXXZ
?DoMatch@RE@pcrecpp@@QBE_NABVStringPiece@2@W4Anchor@12@PAHPBQBVArg@2@H@Z
?DoMatchImpl@RE@pcrecpp@@ABE_NABVStringPiece@2@W4Anchor@12@PAHQBQBVArg@2@H2H@Z
?EnableSkip@Scanner@pcrecpp@@QAEXXZ
?Extract@RE@pcrecpp@@QBE_NABVStringPiece@2@0PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FindAndConsume@RE@pcrecpp@@QBE_NPAVStringPiece@2@ABVArg@2@111111111111111@Z
?FullMatch@RE@pcrecpp@@QBE_NABVStringPiece@2@ABVArg@2@111111111111111@Z
?GetComments@Scanner@pcrecpp@@QAEXHHPAV?$vector@VStringPiece@pcrecpp@@V?$allocator@VStringPiece@pcrecpp@@@std@@@std@@@Z
?GetNextComments@Scanner@pcrecpp@@QAEXPAV?$vector@VStringPiece@pcrecpp@@V?$allocator@VStringPiece@pcrecpp@@@std@@@std@@@Z
?GlobalReplace@RE@pcrecpp@@QBEHABVStringPiece@2@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Init@RE@pcrecpp@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVRE_Options@2@@Z
?LineNumber@Scanner@pcrecpp@@QBEHXZ
?LookingAt@Scanner@pcrecpp@@QBE_NABVRE@2@@Z
?NumberOfCapturingGroups@RE@pcrecpp@@QBEHXZ
?Offset@Scanner@pcrecpp@@QBEHXZ
?Parse@Arg@pcrecpp@@QBE_NPBDH@Z
?PartialMatch@RE@pcrecpp@@QBE_NABVStringPiece@2@ABVArg@2@111111111111111@Z
?QuoteMeta@RE@pcrecpp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVStringPiece@2@@Z
?Replace@RE@pcrecpp@@QBE_NABVStringPiece@2@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Rewrite@RE@pcrecpp@@ABE_NPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVStringPiece@2@1PAHH@Z
?SetSkipExpression@Scanner@pcrecpp@@QAEXPBD@Z
?Skip@Scanner@pcrecpp@@QAEXPBD@Z
?SkipCXXComments@Scanner@pcrecpp@@QAEXXZ
?TryMatch@RE@pcrecpp@@ABEHABVStringPiece@2@HW4Anchor@12@_NPAHH@Z
?all_options@RE_Options@pcrecpp@@QBEHXZ
?as_string@StringPiece@pcrecpp@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?caseless@RE_Options@pcrecpp@@QBE_NXZ
?clear@StringPiece@pcrecpp@@QAEXXZ
?compare@StringPiece@pcrecpp@@QBEHABV12@@Z
?data@StringPiece@pcrecpp@@QBEPBDXZ
?dollar_endonly@RE_Options@pcrecpp@@QBE_NXZ
?dotall@RE_Options@pcrecpp@@QBE_NXZ
?empty@StringPiece@pcrecpp@@QBE_NXZ
?error@RE@pcrecpp@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?extended@RE_Options@pcrecpp@@QBE_NXZ
?extra@RE_Options@pcrecpp@@QBE_NXZ
?match_limit@RE_Options@pcrecpp@@QBEHXZ
?match_limit_recursion@RE_Options@pcrecpp@@QBEHXZ
?multiline@RE_Options@pcrecpp@@QBE_NXZ
?no_arg@RE@pcrecpp@@2VArg@2@A
?no_auto_capture@RE_Options@pcrecpp@@QBE_NXZ
?parse_char@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_double@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_float@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_int@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_int_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_int_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_int_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_int_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_long@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_long_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_long_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_long_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_long_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_longlong@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_longlong_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_longlong_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_longlong_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_longlong_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_null@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_short@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_short_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_short_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_short_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_short_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_string@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_stringpiece@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_uchar@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_uint@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_uint_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_uint_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_uint_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_uint_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_ulong@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_ulong_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulong_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulong_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulong_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_ulonglong@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_ulonglong_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulonglong_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulonglong_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ulonglong_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?parse_ushort@Arg@pcrecpp@@CA_NPBDHPAX@Z
?parse_ushort_cradix@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ushort_hex@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ushort_octal@Arg@pcrecpp@@SA_NPBDHPAX@Z
?parse_ushort_radix@Arg@pcrecpp@@CA_NPBDHPAXH@Z
?pattern@RE@pcrecpp@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?remove_prefix@StringPiece@pcrecpp@@QAEXH@Z
?remove_suffix@StringPiece@pcrecpp@@QAEXH@Z
?save_comments@Scanner@pcrecpp@@QAE_NXZ
?set@StringPiece@pcrecpp@@QAEXPBD@Z
?set@StringPiece@pcrecpp@@QAEXPBDH@Z
?set@StringPiece@pcrecpp@@QAEXPBXH@Z
?set_all_options@RE_Options@pcrecpp@@QAEAAV12@H@Z
?set_caseless@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_dollar_endonly@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_dotall@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_extended@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_extra@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_match_limit@RE_Options@pcrecpp@@QAEAAV12@H@Z
?set_match_limit_recursion@RE_Options@pcrecpp@@QAEAAV12@H@Z
?set_multiline@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_no_auto_capture@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_save_comments@Scanner@pcrecpp@@QAEX_N@Z
?set_ungreedy@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?set_utf8@RE_Options@pcrecpp@@QAEAAV12@_N@Z
?size@StringPiece@pcrecpp@@QBEHXZ
?starts_with@StringPiece@pcrecpp@@QBE_NABV12@@Z
?ungreedy@RE_Options@pcrecpp@@QBE_NXZ
?utf8@RE_Options@pcrecpp@@QBE_NXZ

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcreposix-0.dll
.dll windows:5 windows x86 arch:x86

ce65e93ba01df47b38f71d9ec5ed670a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

pcre-0

pcre_compile2
pcre_info
pcre_free
pcre_exec

msvcrt

strncpy
sprintf
strlen
free
malloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

regcomp
regerror
regexec
regfree

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
posh-0.dll
.dll windows:5 windows x86 arch:x86

3238dd5467a491407079286b75fed933

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

msvcrt

malloc
free
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

POSH_GetArchString
POSH_ReadI16FromBig
POSH_ReadI16FromLittle
POSH_ReadI32FromBig
POSH_ReadI32FromLittle
POSH_ReadI64FromBig
POSH_ReadI64FromLittle
POSH_ReadU16FromBig
POSH_ReadU16FromLittle
POSH_ReadU32FromBig
POSH_ReadU32FromLittle
POSH_ReadU64FromBig
POSH_ReadU64FromLittle
POSH_SwapI16
POSH_SwapI32
POSH_SwapI64
POSH_SwapU16
POSH_SwapU32
POSH_SwapU64
POSH_WriteI16ToBig
POSH_WriteI16ToLittle
POSH_WriteI32ToBig
POSH_WriteI32ToLittle
POSH_WriteI64ToBig
POSH_WriteI64ToLittle
POSH_WriteU16ToBig
POSH_WriteU16ToLittle
POSH_WriteU32ToBig
POSH_WriteU32ToLittle
POSH_WriteU64ToBig
POSH_WriteU64ToLittle

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
posh.dll
.dll windows:4 windows x86 arch:x86

5baac45eab5a7941d7922ea469693a01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

__dllonexit
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_except_handler3
_onexit
__security_error_handler

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls

Exports

Exports

POSH_GetArchString
POSH_ReadI16FromBig
POSH_ReadI16FromLittle
POSH_ReadI32FromBig
POSH_ReadI32FromLittle
POSH_ReadU16FromBig
POSH_ReadU16FromLittle
POSH_ReadU32FromBig
POSH_ReadU32FromLittle
POSH_SwapI16
POSH_SwapI32
POSH_SwapU16
POSH_SwapU32
POSH_WriteI16ToBig
POSH_WriteI16ToLittle
POSH_WriteI32ToBig
POSH_WriteI32ToLittle
POSH_WriteU16ToBig
POSH_WriteU16ToLittle
POSH_WriteU32ToBig
POSH_WriteU32ToLittle

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pytrch.py
pytrch.pyc
riar-2.dll
.dll windows:4 windows x86 arch:x86

26e230dbe5b5143dd3b386c2471fb0e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

trfo-2

TfReadFileIntoBuffer
TfNrvCompress
TfNrvDecompress
TfWriteBufferIntoFile

ws2_32

htons

msvcrt

calloc
malloc
free
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv

Exports

Exports

RaCheckStatusCode
RaCreatePayload
RaInitParms
RaReadInputBuffer
RaReadInputFile
RaValidateParms
RaWriteOutputBuffer
RaWriteOutputFile

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
riar.dll
.dll windows:4 windows x86 arch:x86

a25bf667109022283b937196e906f722

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons

trfo

TfWriteBufferIntoFile
TfReadFileIntoBuffer
TfNrvDecompress
TfNrvCompress

msvcr71

free
malloc
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
calloc

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Exports

Exports

RaCheckStatusCode
RaCreatePayload
RaInitParms
RaReadInputBuffer
RaReadInputFile
RaValidateParms
RaWriteOutputBuffer
RaWriteOutputFile

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssleay32.dll
.dll windows:5 windows x86 arch:x86

97a700de1687fd1cc15ee2d6e2e3a134

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord52
ord2201
ord289
ord493
ord911
ord464
ord3836
ord3245
ord354
ord2936
ord3244
ord3844
ord323
ord3067
ord2894
ord961
ord3874
ord3841
ord89
ord109
ord3879
ord202
ord3239
ord866
ord110
ord3422
ord2929
ord3644
ord3570
ord2578
ord111
ord3010
ord3480
ord2924
ord3459
ord3512
ord3608
ord3575
ord3663
ord123
ord201
ord118
ord3666
ord219
ord498
ord285
ord635
ord909
ord912
ord2784
ord965
ord964
ord256
ord274
ord276
ord3899
ord2572
ord3315
ord2927
ord2747
ord3724
ord313
ord495
ord3883
ord120
ord151
ord3178
ord3695
ord3550
ord3418
ord203
ord128
ord31
ord830
ord727
ord2760
ord282
ord572
ord3165
ord3489
ord3719
ord216
ord206
ord497
ord4046
ord3682
ord2877
ord3711
ord205
ord486
ord484
ord763
ord577
ord907
ord87
ord170
ord481
ord3729
ord333
ord2915
ord1096
ord1097
ord3816
ord3888
ord3896
ord2589
ord1145
ord1144
ord1081
ord2292
ord3823
ord3846
ord622
ord679
ord623
ord3922
ord2898
ord3124
ord3925
ord2702
ord264
ord266
ord3288
ord3704
ord85
ord3767
ord3647
ord3766
ord3365
ord4114
ord3857
ord3460
ord3454
ord3754
ord3394
ord187
ord897
ord3414
ord3495
ord67
ord65
ord53
ord78
ord98
ord3826
ord3559
ord3399
ord636
ord914
ord2478
ord626
ord890
ord1004
ord3527
ord364
ord1010
ord2051
ord58
ord66
ord630
ord628
ord1041
ord1007
ord1005
ord1027
ord3378
ord3437
ord541
ord316
ord629
ord892
ord74
ord3866
ord248
ord1655
ord575
ord1025
ord246
ord1100
ord2524
ord3610
ord3505
ord3595
ord1023
ord657
ord401
ord93
ord3396
ord3657
ord4045
ord2475
ord887
ord889
ord891
ord315
ord1147
ord189
ord314
ord1671
ord956
ord280
ord2181
ord399
ord748
ord279
ord283
ord400
ord751
ord750
ord774
ord3205
ord1959
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3513
ord3623
ord32
ord718
ord7
ord716
ord703
ord680
ord2426
ord86
ord88
ord3313
ord3312
ord3314
ord1101
ord293
ord2996
ord3155
ord325
ord329
ord318
ord304
ord292
ord299
ord955
ord2252
ord91
ord247
ord225
ord169
ord168
ord167
ord3873
ord222
ord490
ord754
ord2411
ord910
ord2630
ord3109
ord269
ord188
ord181
ord654
ord290
ord281
ord2821
ord641
ord176
ord857
ord2206
ord252
ord903
ord1654
ord1653
ord904
ord901
ord3758
ord905

msvcrt

fprintf
strcpy
malloc
free
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
strncmp
strlen
memmove
memset
time
memcmp
memcpy
_iob
_errno
_ftime

kernel32

SetLastError
GetLastError
RtlUnwind
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_cmp
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_hash
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tibe-1.dll
.dll windows:4 windows x86 arch:x86

005f06312c1d74ecd65c12427c9d642a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToFileTime
GetSystemTime
Sleep
FormatMessageA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

trfo-2

TfCrc32
TfMd4
TfMd5Init
TfMd5Update
TfMd5Final
TfRc4Init
TfRc4Encrypt
TfHmacMd5Init
TfHmacMd5Update
TfHmacMd5Final

ws2_32

inet_ntoa
htonl
htons
WSAStartup
WSACleanup
accept
closesocket
ioctlsocket
WSAGetLastError
send
sendto
recv
select
recvfrom
WSASetLastError
connect
bind
setsockopt
socket
listen
ntohs
ntohl

msvcrt

strchr
_iob
rand
atoi
strncpy
sprintf
time
malloc
realloc
gmtime
mktime
tolower
sscanf
strncmp
_snprintf
toupper
strncat
fflush
fprintf
islower
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
free

Exports

Exports

TbAddInterfacePointer
TbAsnOidToBytes
TbB1size
TbB2size
TbB3size
TbB4size
TbBuffCat
TbBuffCpy
TbBuffnCat
TbBytesToAsnOid
TbCatUniBuff
TbCheckActid
TbCheckSecuritySignature
TbCleanSB
TbCloseSocket
TbCloseStructSockets
TbComputeUtf8Len
TbConnectNonblocking
TbConvAreYouThere_makeresp
TbConvWhoAreYou2_makeresp
TbConvWhoAreYouAuthMore_makeresp
TbConvWhoAreYouAuth_makeresp
TbConvWhoAreYou_makeresp
TbConvWhoAreYou_parserequest
TbCopyBuffStrToUniBuffStr
TbCopyRemoteDomainInfoToLocal
TbCreateActid
TbCreateNonzeroPointer
TbD_P16
TbDealWithAlterContext
TbDealWithAuth3
TbDealWithBind
TbDealWithDecryption
TbDealWithEncryption
TbDealWithNetlogonDecryption
TbDealWithNetlogonEncryption
TbDealWithNtlmDecryption
TbDealWithNtlmEncryption
TbDealWithSnegoDecryption
TbDealWithSnegoEncryption
TbDealWithTcpReq
TbDesDecrypt8
TbDesEncrypt8
TbDoAuth3
TbDoBind
TbDoCoCreateInstance
TbDoCoCreateInstance2
TbDoGetClassObject
TbDoGetClassObject2
TbDoHttpStartup
TbDoNbtSessionRequest
TbDoNetlogonAuth
TbDoRegQueryHklmKey
TbDoRegQueryHklmValue
TbDoRegQueryUsersKey
TbDoRegQueryUsersValue
TbDoRemQI
TbDoRpcBind
TbDoRpcBindEx
TbDoRpcRequest
TbDoRpcRequestEx
TbDoSmbCancelForward
TbDoSmbChangePipe
TbDoSmbChangeShare
TbDoSmbCheckDirectory
TbDoSmbClose
TbDoSmbCloseAndTdisc
TbDoSmbClosePrint
TbDoSmbCopy
TbDoSmbCreate
TbDoSmbCreateDir
TbDoSmbCreateNew
TbDoSmbCreateTemp
TbDoSmbDelete
TbDoSmbDeleteDirectory
TbDoSmbEcho
TbDoSmbFind
TbDoSmbFindClose
TbDoSmbFindClose2
TbDoSmbFindNotifyClose
TbDoSmbFindUnique
TbDoSmbFlush
TbDoSmbForwardUserName
TbDoSmbGeneric
TbDoSmbGetMachineName
TbDoSmbGetPrintQueue
TbDoSmbHalfNtExtSessionSetupAndX
TbDoSmbIoctl
TbDoSmbIoctlSecondary
TbDoSmbLockAndRead
TbDoSmbLockByteRange
TbDoSmbLockingAndX
TbDoSmbLogoffAndX
TbDoSmbMove
TbDoSmbNegotiate
TbDoSmbNtCancel
TbDoSmbNtCreateAndX
TbDoSmbNtExtSessionSetupAndX
TbDoSmbNtLockingAndX
TbDoSmbNtReadAndX
TbDoSmbNtReadRaw
TbDoSmbNtRename
TbDoSmbNtSessionSetupAndX
TbDoSmbNtTransact
TbDoSmbNtTransactSecondary
TbDoSmbNtWriteAndX
TbDoSmbNtWriteRaw
TbDoSmbOpen
TbDoSmbOpenAndX
TbDoSmbOpenPrintFile
TbDoSmbPacket
TbDoSmbPeekNamedPipe
TbDoSmbProcessExit
TbDoSmbQueryInformation
TbDoSmbQueryInformation2
TbDoSmbQueryInformationDisk
TbDoSmbQueryInformationSrv
TbDoSmbRead
TbDoSmbReadAndX
TbDoSmbReadMpx
TbDoSmbReadRaw
TbDoSmbRecvData
TbDoSmbRename
TbDoSmbSearch
TbDoSmbSeek
TbDoSmbSendBroadcastMessage
TbDoSmbSendData
TbDoSmbSendEndMbMessage
TbDoSmbSendMessage
TbDoSmbSendStartMbMessage
TbDoSmbSendTextMbMessage
TbDoSmbSessionSetupAndX
TbDoSmbSetInformation
TbDoSmbSetInformation2
TbDoSmbShutdown
TbDoSmbStartup
TbDoSmbStartupEx
TbDoSmbTransactRemApi
TbDoSmbTransaction
TbDoSmbTransaction2
TbDoSmbTransaction2Secondary
TbDoSmbTransactionMailslot
TbDoSmbTransactionNamedPipe
TbDoSmbTransactionSecondary
TbDoSmbTreeConnect
TbDoSmbTreeConnectAndX
TbDoSmbTreeDisconnect
TbDoSmbUnlockByteRange
TbDoSmbWrite
TbDoSmbWrite103Raw
TbDoSmbWriteAndClose
TbDoSmbWriteAndCloseLong
TbDoSmbWriteAndUnlock
TbDoSmbWriteAndX
TbDoSmbWriteMpx
TbDoSmbWriteMpxComplete
TbDoSmbWriteMpxSecondary
TbDoSmbWritePrintFile
TbDoSmbWriteRaw
TbDoTcpFault
TbDoTcpReply
TbDoTcpReq
TbDoTcpSendRecv
TbDoUdpReq
TbE_P16
TbE_P24
TbE_old_pw_hash
TbEmulateNT
TbEmulateSamba
TbEmulateVista
TbEmulateVista_64
TbEmulateW2K
TbEmulateW2K3SP0
TbEmulateW2K3SP1
TbEmulateW2K3_64
TbEmulateXPSP2
TbEmulateXP_64
TbEmulateXPpre2
TbFillUdpHdr
TbFinishSocket
TbFixSmbSecuritySignature
TbFreeStructBuffers
TbGet32BitJan70Time
TbGet32BitJan80Time
TbGetAllRpcServices
TbGetArg
TbGetAsnDerSize
TbGetAsnOid
TbGetAuth3
TbGetAuthTrailerTcp
TbGetAuthVSize
TbGetAuthVerifier
TbGetBindAckRpc
TbGetBindRpc
TbGetBuff
TbGetByte
TbGetCtxHand
TbGetCurrentTime
TbGetErrString
TbGetErrStringFromList
TbGetFaultHdr
TbGetFaultRpc
TbGetHyper
TbGetIfData
TbGetIpid
TbGetLangStringInfo
TbGetListHdr
TbGetLong
TbGetMgmt0Info
TbGetNSH
TbGetNetlogonAuthVerifier
TbGetNetlogonAuthVerifierSize
TbGetNtlmAuthVerifier
TbGetNtlmAuthVerifierSize
TbGetOxid
TbGetPointer
TbGetProtocolLegCount
TbGetReplyRpc
TbGetRequestRpc
TbGetRpcSize
TbGetSRpc
TbGetShort
TbGetSmbErrString
TbGetSmbHeader
TbGetSmbTransactionData
TbGetSmbTransactionParameters
TbGetSnegoAuthVerifier
TbGetSnegoAuthVerifierSize
TbGetSocketError
TbGetSocketErrorString
TbGetString
TbGetStringValue
TbGetSyntax
TbGetTcpStub
TbGetUdpHdr
TbGetUdpStub
TbGetUuid
TbGoodString
TbHandleNbtError
TbInitCrypto
TbInitNetlogonCrypto
TbInitNtlmCrypto
TbInitSnegoCrypto
TbInitStruct
TbLocateNpRpcPort
TbLocateRpcService
TbLocateTcpRpcPort
TbLocateUdpRpcPort
TbMakeAlterCtx
TbMakeAuth3
TbMakeAuthVerifier
TbMakeBind
TbMakeBindAck
TbMakeBindNak
TbMakeBlob1
TbMakeBlob2
TbMakeBlob3
TbMakeBlob4
TbMakeCancelForward
TbMakeCheckDirectory
TbMakeClose
TbMakeCloseAndTdisc
TbMakeClosePrint
TbMakeCopy
TbMakeCreate
TbMakeCreateDir
TbMakeCreateTemp
TbMakeDelete
TbMakeDeleteDirectory
TbMakeEcho
TbMakeFault
TbMakeFindClose2
TbMakeFindNotifyClose
TbMakeFlush
TbMakeForwardUserName
TbMakeGeneric
TbMakeGetPrintQueue
TbMakeIoctl
TbMakeIoctlSecondary
TbMakeLockByteRange
TbMakeLockingAndX
TbMakeLogoffAndX
TbMakeMove
TbMakeNbtSessionRequest
TbMakeNegotiate
TbMakeNetlogonAuthVerifier
TbMakeNetlogonBlob1
TbMakeNetlogonBlob2
TbMakeNetlogonBlob3
TbMakeNtCreateAndX
TbMakeNtExtSessionSetupAndX
TbMakeNtLockingAndX
TbMakeNtReadAndX
TbMakeNtReadRaw
TbMakeNtRename
TbMakeNtSessionSetupAndX
TbMakeNtTransact
TbMakeNtTransactSecondary
TbMakeNtWriteAndX
TbMakeNtWriteRaw
TbMakeNtlmAuthVerifier
TbMakeNtlmBlob1
TbMakeNtlmBlob2
TbMakeNtlmBlob3
TbMakeOpen
TbMakeOpenAndX
TbMakeOpenPrintFile
TbMakePeekNamedPipe
TbMakeQueryInformation
TbMakeQueryInformation2
TbMakeQueryInformationSrv
TbMakeRead
TbMakeReadAndX
TbMakeReadMpx
TbMakeReadRaw
TbMakeRemQIRequest
TbMakeRename
TbMakeSearch
TbMakeSeek
TbMakeSendEndMbMessage
TbMakeSendMessage
TbMakeSendStartMbMessage
TbMakeSendTextMbMessage
TbMakeServerSocket
TbMakeSessionSetupAndX
TbMakeSetInformation
TbMakeSetInformation2
TbMakeSmbHeader
TbMakeSnegoAuthVerifier
TbMakeSnegoBlob1
TbMakeSnegoBlob2
TbMakeSnegoBlob3
TbMakeSnegoBlob4
TbMakeSocket
TbMakeSysactRequest
TbMakeTcpReply
TbMakeTcpReq
TbMakeTransaction
TbMakeTransactionMailSlot
TbMakeTransactionNamedPipe
TbMakeTransactionRemApi
TbMakeTransactionSecondary
TbMakeTreeConnect
TbMakeTreeConnectAndX
TbMakeUNDHeader
TbMakeUdpFack
TbMakeUdpReq
TbMakeUdpResp
TbMakeUnlockByteRange
TbMakeWrite
TbMakeWrite103Raw
TbMakeWriteAndClose
TbMakeWriteAndCloseLong
TbMakeWriteAndX
TbMakeWriteMpx
TbMakeWriteMpxComplete
TbMakeWriteMpxSecondary
TbMakeWritePrintFile
TbMakeWriteRaw
TbMalloc
TbNTLMSSPOWFencrypt
TbNetlogonB1size
TbNetlogonB2size
TbNetlogonB3size
TbNlMakeCredential
TbNlMakeSessionKey
TbNlMakeWeakSessionKey
TbNtlmB1size
TbNtlmB2size
TbNtlmB3size
TbOutputBuffer
TbParseBlob1
TbParseBlob2
TbParseBlob3
TbParseBlob4
TbParseNegFlags
TbParseNetlogonBlob1
TbParseNetlogonBlob2
TbParseNetlogonBlob3
TbParseNtlmBlob1
TbParseNtlmBlob2
TbParseNtlmBlob3
TbParseRemQIResponse
TbParseSmbCaps
TbParseSmbFlag1
TbParseSmbFlag2
TbParseSmbNativeOS
TbParseSnegoBlob1
TbParseSnegoBlob2
TbParseSnegoBlob3
TbParseSysactResponse
TbPrintBlob2Info
TbPrintIfPtr
TbPrintNetlogonBlob2Info
TbPrintNtTransactResp
TbPrintNtlmBlob2Info
TbPrintSmbNtExtSessionSetupAndXResp
TbPrintSmbSessionSetupAndXResp
TbPrintSnegoBlob2Info
TbPrintSysActReplyData
TbPrintTowerInfo
TbPrintTransactionResp
TbPutARG
TbPutAlign
TbPutArg
TbPutAsnBerShortSize
TbPutAsnDerSize
TbPutAuth3
TbPutAuthTrailerTcp
TbPutAuthVerifier
TbPutBindAckRpc
TbPutBindRpc
TbPutBlob1
TbPutBlob2
TbPutBlob3
TbPutBlob4
TbPutBuff
TbPutBuffCyclic
TbPutByte
TbPutCTH
TbPutContexts
TbPutCtxHand
TbPutDSA
TbPutFackHdr
TbPutFault
TbPutHyper
TbPutIfPtr
TbPutIpid
TbPutListHdr
TbPutLocalThis
TbPutLong
TbPutNSH
TbPutNetlogonAuthVerifier
TbPutNetlogonBlob1
TbPutNetlogonBlob2
TbPutNtCreateX
TbPutNtReadX
TbPutNtWriteX
TbPutNtlmAuthVerifier
TbPutNtlmBlob1
TbPutNtlmBlob2
TbPutNtlmBlob3
TbPutOneArg
TbPutOrpcThat
TbPutOrpcThis
TbPutOxid
TbPutPadding
TbPutPointer
TbPutRequest
TbPutResponse
TbPutResult
TbPutRpcArray
TbPutRpcArrayWithMax
TbPutRpcAsciiString
TbPutRpcSize
TbPutRpcUniString
TbPutSRpc
TbPutShort
TbPutSmbHeader
TbPutSnegoAuthVerifier
TbPutSnegoBlob1
TbPutSnegoBlob2
TbPutSnegoBlob3
TbPutSnegoBlob4
TbPutStr
TbPutStrAsLEUni
TbPutString
TbPutSyntax
TbPutTransInfo
TbPutTransact
TbPutUNISTRContents
TbPutUNISTRHeader
TbPutUdpHdr
TbPutUdpNetbiosHeader
TbPutUniBuff
TbPutUuid
TbRc4Init40
TbReadSmbHeader
TbReadSmbIoctlResp
TbReadSmbNegOldResp
TbReadSmbNegResp
TbReadSmbNtCreateAndXResp
TbReadSmbNtExtSessionSetupAndXResp
TbReadSmbNtNegResp
TbReadSmbNtTransactResp
TbReadSmbPeekResp
TbReadSmbReadAndXResp
TbReadSmbReadMpxResp
TbReadSmbReadResp
TbReadSmbSessionSetupAndXResp
TbReadSmbTransactionResp
TbReadSmbTreeConnectAndXResp
TbReadSmbTreeConnectResp
TbReadSmbWriteAndXResp
TbReadSmbWriteRawResp
TbReadSmbWriteResp
TbRealloc
TbRecv
TbRecvFrom
TbRecvSmb

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tibe-2.dll
.dll windows:5 windows x86 arch:x86

bf232b241eab6d3f1724ea6a36af0cbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
SystemTimeToFileTime
GetSystemTime
FormatMessageA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

trfo-2

TfCrc32
TfRc4Init
TfRc4Encrypt
TfMd4
TfMd5Init
TfMd5Update
TfMd5Final
TfHmacMd5Init
TfHmacMd5Update
TfHmacMd5Final

ws2_32

ntohs
ntohl
htons
inet_addr
WSAStartup
WSACleanup
accept
closesocket
ioctlsocket
WSAGetLastError
send
sendto
recv
select
recvfrom
WSASetLastError
connect
listen
getsockname
bind
socket
setsockopt
htonl
inet_ntoa

msvcrt

strchr
toupper
memcpy
memset
memcmp
strlen
strcmp
sscanf
strcpy
atoi
strncpy
strcat
_snprintf
strncmp
islower
strncat
srand
free
malloc
realloc
rand
gmtime
mktime
tolower
sprintf
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
time

Exports

Exports

TbAddInterfacePointer
TbAddSnegoAuthType
TbAsnOidToBytes
TbB1size
TbB2size
TbB3size
TbB4size
TbBuffCat
TbBuffCpy
TbBuffnCat
TbBuildKerbApReply
TbBuildKerbApReq
TbBuildKerbAsReq
TbBuildKerbTgsReq
TbBytesToAsnOid
TbCatUniBuff
TbCheckActid
TbCheckSecuritySignature
TbCleanAuthBlob1
TbCleanAuthBlob2
TbCleanAuthBlob3
TbCleanAuthBlob4
TbCleanDirListContents
TbCleanIdInfo
TbCleanInfoStruct
TbCleanJobListDescription
TbCleanKerbAuthInfo
TbCleanSB
TbCleanSnegoAuthInfo
TbCleanSnegoBlob1
TbCleanSnegoBlob2
TbCleanSnegoBlob3
TbCleanSnegoBlob4
TbClearSmbAuthInfo
TbCloseListenSocket
TbCloseSocket
TbCloseStructSockets
TbComputeUtf8Len
TbConnectNonblocking
TbConvAreYouThere_makeresp
TbConvWhoAreYou2_makeresp
TbConvWhoAreYouAuthMore_makeresp
TbConvWhoAreYouAuth_makeresp
TbConvWhoAreYou_makeresp
TbConvWhoAreYou_parserequest
TbConvertTimeStringToFileTime
TbCopyBuffStrToUniBuffStr
TbCopyRemoteInfoToDest
TbCopySizedBuffer
TbCreateActid
TbCreateInfoStruct
TbCreateNonzeroPointer
TbD_P16
TbDealWithAlterContext
TbDealWithAuth3
TbDealWithBind
TbDealWithDecryption
TbDealWithEncryption
TbDealWithNetlogonDecryption
TbDealWithNetlogonEncryption
TbDealWithNtlmDecryption
TbDealWithNtlmEncryption
TbDealWithSnegoDecryption
TbDealWithSnegoEncryption
TbDealWithTcpReq
TbDeleteFileA
TbDeleteFileU
TbDesDecrypt8
TbDesEncrypt8
TbDisplayJobList
TbDoAuth3
TbDoBind
TbDoCoCreateInstance
TbDoCoCreateInstance2
TbDoGetClassObject
TbDoGetClassObject2
TbDoHttpStartup
TbDoKerbAsRequestReply
TbDoKerbTgsRequestReply
TbDoNbtSessionRequest
TbDoNetlogonAuth
TbDoRegQueryHklmKey
TbDoRegQueryHklmKeyU
TbDoRegQueryHklmValue
TbDoRegQueryHklmValueU
TbDoRegQueryUsersKey
TbDoRegQueryUsersKeyU
TbDoRegQueryUsersValue
TbDoRegQueryUsersValueU
TbDoRemQI
TbDoRemoteJobAddA
TbDoRemoteJobAddU
TbDoRemoteJobDel
TbDoRemoteJobsEnum
TbDoRemoteTOD
TbDoRpcBind
TbDoRpcBindEx
TbDoRpcRequest
TbDoRpcRequestEx
TbDoSmbCancelForward
TbDoSmbChangePipe
TbDoSmbChangeShare
TbDoSmbCheckDirectory
TbDoSmbClose
TbDoSmbCloseAndTdisc
TbDoSmbClosePrint
TbDoSmbCopy
TbDoSmbCreate
TbDoSmbCreateDir
TbDoSmbCreateNew
TbDoSmbCreateTemp
TbDoSmbDelete
TbDoSmbDeleteDirectory
TbDoSmbEcho
TbDoSmbFind
TbDoSmbFindClose
TbDoSmbFindClose2
TbDoSmbFindNotifyClose
TbDoSmbFindUnique
TbDoSmbFlush
TbDoSmbForwardUserName
TbDoSmbGeneric
TbDoSmbGetMachineName
TbDoSmbGetPrintQueue
TbDoSmbHalfNtExtSessionSetupAndX
TbDoSmbIoctl
TbDoSmbIoctlSecondary
TbDoSmbLockAndRead
TbDoSmbLockByteRange
TbDoSmbLockingAndX
TbDoSmbLogoffAndX
TbDoSmbMove
TbDoSmbNegotiate
TbDoSmbNtCancel
TbDoSmbNtCreateAndX
TbDoSmbNtExtSessionSetupAndX
TbDoSmbNtLockingAndX
TbDoSmbNtReadAndX
TbDoSmbNtReadRaw
TbDoSmbNtRename
TbDoSmbNtSessionSetupAndX
TbDoSmbNtTransact
TbDoSmbNtTransactSecondary
TbDoSmbNtWriteAndX
TbDoSmbNtWriteRaw
TbDoSmbOpen
TbDoSmbOpenAndX
TbDoSmbOpenPrintFile
TbDoSmbPacket
TbDoSmbPeekNamedPipe
TbDoSmbProcessExit
TbDoSmbQueryInformation
TbDoSmbQueryInformation2
TbDoSmbQueryInformationDisk
TbDoSmbQueryInformationSrv
TbDoSmbRead
TbDoSmbReadAndX
TbDoSmbReadMpx
TbDoSmbReadRaw
TbDoSmbRecvData
TbDoSmbRename
TbDoSmbSearch
TbDoSmbSeek
TbDoSmbSendBroadcastMessage
TbDoSmbSendData
TbDoSmbSendEndMbMessage
TbDoSmbSendMessage
TbDoSmbSendStartMbMessage
TbDoSmbSendTextMbMessage
TbDoSmbSessionSetupAndX
TbDoSmbSetInformation
TbDoSmbSetInformation2
TbDoSmbShutdown
TbDoSmbStartup
TbDoSmbStartupEx
TbDoSmbTransactRemApi
TbDoSmbTransaction
TbDoSmbTransaction2
TbDoSmbTransaction2Secondary
TbDoSmbTransactionMailslot
TbDoSmbTransactionNamedPipe
TbDoSmbTransactionSecondary
TbDoSmbTreeConnect
TbDoSmbTreeConnectAndX
TbDoSmbTreeDisconnect
TbDoSmbUnlockByteRange
TbDoSmbWrite
TbDoSmbWrite103Raw
TbDoSmbWriteAndClose
TbDoSmbWriteAndCloseLong
TbDoSmbWriteAndUnlock
TbDoSmbWriteAndX
TbDoSmbWriteMpx
TbDoSmbWriteMpxComplete
TbDoSmbWriteMpxSecondary
TbDoSmbWritePrintFile
TbDoSmbWriteRaw
TbDoTcpFault
TbDoTcpReply
TbDoTcpReq
TbDoTcpSendRecv
TbDoUdpReq
TbE_P16
TbE_P24
TbE_old_pw_hash
TbEmulateNT
TbEmulateSamba
TbEmulateVista
TbEmulateVista_64
TbEmulateW2K
TbEmulateW2K3SP0
TbEmulateW2K3SP1
TbEmulateW2K3_64
TbEmulateXPSP2
TbEmulateXP_64
TbEmulateXPpre2
TbFileTimeToSystemTime
TbFillMechOidBuffer
TbFillUdpHdr
TbFinishSocket
TbFixSmbSecuritySignature
TbFreeInt
TbFreeStructBuffers
TbGet32BitJan70Time
TbGet32BitJan80Time
TbGetAllRpcServices
TbGetArg
TbGetAsnDerSize
TbGetAsnOid
TbGetAuth3
TbGetAuthTrailerTcp
TbGetAuthVSize
TbGetAuthVerifier
TbGetBindAckRpc
TbGetBindRpc
TbGetBuff
TbGetBuff2
TbGetByte
TbGetCtxHand
TbGetCurrentTime
TbGetDirectoryListingA
TbGetDirectoryListingU
TbGetErrString
TbGetErrStringFromList
TbGetFaultHdr
TbGetFaultRpc
TbGetHyper
TbGetHyperAligned
TbGetIfData
TbGetIpid
TbGetKerbAuthInfo
TbGetKerberosTicket
TbGetLangStringInfo
TbGetLastKerbError
TbGetListHdr
TbGetListenSocket
TbGetLong
TbGetLongAligned
TbGetMgmt0Info
TbGetMicroseconds
TbGetNSH
TbGetNetlogonAuthItems
TbGetNetlogonAuthVerifier
TbGetNetlogonAuthVerifierSize
TbGetNtlmAuthVerifier
TbGetNtlmAuthVerifierSize
TbGetNtlmInitNegFlags
TbGetNtlmResultNegFlags
TbGetOxid
TbGetPointer
TbGetPointerAligned
TbGetProtocolLegCount
TbGetRemoteIdInfo
TbGetRemoteTime
TbGetReplyRpc
TbGetRequestRpc
TbGetResponseBuffer
TbGetRpcArray
TbGetRpcArrayWithMax
TbGetRpcAsciiString
TbGetRpcSize
TbGetRpcUniString
TbGetSRpc
TbGetSessionKey
TbGetShort
TbGetShortAligned
TbGetSmbErrString
TbGetSmbExtendedSecurityFlag
TbGetSmbHeader
TbGetSmbLocalInfo
TbGetSmbRemoteInfo
TbGetSmbTransactionData
TbGetSmbTransactionParameters
TbGetSnegoAuthInfo
TbGetSnegoAuthVerifier
TbGetSnegoAuthVerifierSize
TbGetSocket
TbGetSocketError
TbGetSocketErrorString
TbGetString
TbGetStringValue
TbGetStubBuffer
TbGetSyntax
TbGetTcpRecvCt
TbGetTcpSendCt
TbGetTcpStub
TbGetTextTimeString
TbGetTimeString
TbGetTimeout
TbGetUdpHdr
TbGetUdpStub
TbGetUuid
TbGoodString
TbHandleNbtError
TbInitCrypto
TbInitNetlogonCrypto
TbInitNtlmCrypto
TbInitSnegoCrypto
TbInitStruct
TbLocateNpRpcPort
TbLocateRpcService
TbLocateTcpRpcPort
TbLocateUdpRpcPort
TbMakeAlterCtx
TbMakeAuth3
TbMakeAuthVerifier
TbMakeBind
TbMakeBindAck
TbMakeBindNak
TbMakeBlob1
TbMakeBlob2
TbMakeBlob3
TbMakeBlob4
TbMakeCancelForward
TbMakeCheckDirectory
TbMakeClose
TbMakeCloseAndTdisc
TbMakeClosePrint
TbMakeCopy
TbMakeCreate
TbMakeCreateDir
TbMakeCreateTemp
TbMakeDelete
TbMakeDeleteDirectory
TbMakeEcho
TbMakeFault
TbMakeFindClose2
TbMakeFindNotifyClose
TbMakeFlush
TbMakeForwardUserName
TbMakeGeneric
TbMakeGetPrintQueue
TbMakeIoctl
TbMakeIoctlSecondary
TbMakeLockByteRange
TbMakeLockingAndX
TbMakeLogoffAndX
TbMakeMove
TbMakeNbtSessionRequest
TbMakeNegotiate
TbMakeNetlogonAuthVerifier
TbMakeNetlogonBlob1
TbMakeNetlogonBlob2
TbMakeNetlogonBlob3
TbMakeNtCreateAndX
TbMakeNtExtSessionSetupAndX
TbMakeNtLockingAndX
TbMakeNtReadAndX
TbMakeNtReadRaw
TbMakeNtRename
TbMakeNtSessionSetupAndX
TbMakeNtTransact
TbMakeNtTransactSecondary
TbMakeNtWriteAndX
TbMakeNtWriteRaw
TbMakeNtlmAuthVerifier
TbMakeNtlmBlob1
TbMakeNtlmBlob2
TbMakeNtlmBlob3
TbMakeOpen
TbMakeOpenAndX
TbMakeOpenPrintFile
TbMakePeekNamedPipe
TbMakeQueryInformation
TbMakeQueryInformation2
TbMakeQueryInformationSrv
TbMakeRead
TbMakeReadAndX
TbMakeReadMpx
TbMakeReadRaw
TbMakeRemQIRequest
TbMakeRename
TbMakeSearch
TbMakeSeek
TbMakeSendEndMbMessage
TbMakeSendMessage
TbMakeSendStartMbMessage
TbMakeSendTextMbMessage
TbMakeServerSocket
TbMakeSessionSetupAndX
TbMakeSetInformation
TbMakeSetInformation2
TbMakeSmbHeader
TbMakeSnegoAuthVerifier
TbMakeSnegoBlob1
TbMakeSnegoBlob2
TbMakeSnegoBlob3
TbMakeSnegoBlob4
TbMakeSocket
TbMakeSocketPair
TbMakeSysactRequest
TbMakeTcpReply
TbMakeTcpReq
TbMakeTransaction
TbMakeTransactionMailSlot
TbMakeTransactionNamedPipe
TbMakeTransactionRemApi
TbMakeTransactionSecondary
TbMakeTreeConnect
TbMakeTreeConnectAndX
TbMakeUNDHeader
TbMakeUdpFack
TbMakeUdpReq
TbMakeUdpResp
TbMakeUnlockByteRange
TbMakeWrite
TbMakeWrite103Raw
TbMakeWriteAndClose
TbMakeWriteAndCloseLong
TbMakeWriteAndX
TbMakeWriteMpx
TbMakeWriteMpxComplete
TbMakeWriteMpxSecondary
TbMakeWritePrintFile
TbMakeWriteRaw
TbMalloc
TbMatchMechOid
TbNTLMSSPOWFencrypt
TbNetlogonB1size
TbNetlogonB2size
TbNetlogonB3size
TbNlMakeCredential
TbNlMakeSessionKey
TbNlMakeWeakSessionKey
TbNtlmB1size
TbNtlmB2size
TbNtlmB3size
TbOutputBuffer
TbParseBlob1
TbParseBlob2
TbParseBlob3
TbParseBlob4
TbParseKerbBlob
TbParseKerbTicketBlob
TbParseNegFlags
TbParseNetlogonBlob1
TbParseNetlogonBlob2
TbParseNetlogonBlob3
TbParseNtlmBlob1
TbParseNtlmBlob2
TbParseNtlmBlob3
TbParseRemQIResponse
TbParseSmbCaps
TbParseSmbFlag1
TbParseSmbFlag2
TbParseSmbNativeOS
TbParseSnegoBlob1
TbParseSnegoBlob2
TbParseSnegoBlob3
TbParseSysactResponse
TbPrintAsnTree
TbPrintAsnTreeNodes
TbPrintBlob2Info
TbPrintIfPtr
TbPrintNetlogonBlob2Info
TbPrintNtTransactResp
TbPrintNtlmBlob2Info
TbPrintSmbNtExtSessionSetupAndXResp
TbPrintSmbSessionSetupAndXResp
TbPrintSnegoBlob2Info
TbPrintSysActReplyData
TbPrintTOD
TbPrintTowerInfo
TbPrintTransactionResp
TbPutARG
TbPutAlign
TbPutArg
TbPutAsnBerShortSize
TbPutAsnDerSize
TbPutAuth3
TbPutAuthTrailerTcp
TbPutAuthVerifier
TbPutBindAckRpc
TbPutBindRpc
TbPutBlob1
TbPutBlob2
TbPutBlob3
TbPutBlob4
TbPutBuff
TbPutBuffCyclic

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tibe.dll
.dll windows:4 windows x86 arch:x86

b8d8296e73d3c629533f993549af998f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ioctlsocket
WSAGetLastError
recv
send
sendto
WSACleanup
WSAStartup
htons
ntohl
ntohs
inet_ntoa
accept
listen
socket
setsockopt
bind
connect
WSASetLastError
recvfrom
select
closesocket
htonl

trfo

TfCrc32
TfMd4
TfRc4Init
TfRc4Encrypt
TfMd5Init
TfMd5Update
TfMd5Final
TfHmacMd5Init
TfHmacMd5Update
TfHmacMd5Final

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls
FormatMessageA
GetSystemTime
SystemTimeToFileTime
Sleep

msvcr71

sscanf
_except_handler3
__security_error_handler
tolower
srand
mktime
gmtime
realloc
malloc
fprintf
fflush
strncat
_iob
islower
_snprintf
strncmp
strchr
_onexit
__dllonexit
__CppXcptFilter
_adjust_fdiv
strncpy
atoi
free
time
_initterm
rand
toupper
sprintf

Exports

Exports

TbAddInterfacePointer
TbAsnOidToBytes
TbB1size
TbB2size
TbB3size
TbB4size
TbBuffCat
TbBuffCpy
TbBuffnCat
TbBytesToAsnOid
TbCatUniBuff
TbCheckActid
TbCheckSecuritySignature
TbCleanSB
TbCloseSocket
TbCloseStructSockets
TbComputeUtf8Len
TbConnectNonblocking
TbConvAreYouThere_makeresp
TbConvWhoAreYou2_makeresp
TbConvWhoAreYouAuthMore_makeresp
TbConvWhoAreYouAuth_makeresp
TbConvWhoAreYou_makeresp
TbConvWhoAreYou_parserequest
TbCopyBuffStrToUniBuffStr
TbCopyRemoteDomainInfoToLocal
TbCreateActid
TbCreateNonzeroPointer
TbD_P16
TbDealWithAlterContext
TbDealWithAuth3
TbDealWithBind
TbDealWithDecryption
TbDealWithEncryption
TbDealWithNetlogonDecryption
TbDealWithNetlogonEncryption
TbDealWithNtlmDecryption
TbDealWithNtlmEncryption
TbDealWithSnegoDecryption
TbDealWithSnegoEncryption
TbDealWithTcpReq
TbDesDecrypt8
TbDesEncrypt8
TbDoAuth3
TbDoBind
TbDoCoCreateInstance
TbDoCoCreateInstance2
TbDoGetClassObject
TbDoGetClassObject2
TbDoHttpStartup
TbDoNbtSessionRequest
TbDoNetlogonAuth
TbDoRegQueryHklmKey
TbDoRegQueryHklmValue
TbDoRegQueryUsersKey
TbDoRegQueryUsersValue
TbDoRemQI
TbDoRpcBind
TbDoRpcBindEx
TbDoRpcRequest
TbDoRpcRequestEx
TbDoSmbCancelForward
TbDoSmbChangePipe
TbDoSmbChangeShare
TbDoSmbCheckDirectory
TbDoSmbClose
TbDoSmbCloseAndTdisc
TbDoSmbClosePrint
TbDoSmbCopy
TbDoSmbCreate
TbDoSmbCreateDir
TbDoSmbCreateNew
TbDoSmbCreateTemp
TbDoSmbDelete
TbDoSmbDeleteDirectory
TbDoSmbEcho
TbDoSmbFind
TbDoSmbFindClose
TbDoSmbFindClose2
TbDoSmbFindNotifyClose
TbDoSmbFindUnique
TbDoSmbFlush
TbDoSmbForwardUserName
TbDoSmbGeneric
TbDoSmbGetMachineName
TbDoSmbGetPrintQueue
TbDoSmbHalfNtExtSessionSetupAndX
TbDoSmbIoctl
TbDoSmbIoctlSecondary
TbDoSmbLockAndRead
TbDoSmbLockByteRange
TbDoSmbLockingAndX
TbDoSmbLogoffAndX
TbDoSmbMove
TbDoSmbNegotiate
TbDoSmbNtCancel
TbDoSmbNtCreateAndX
TbDoSmbNtExtSessionSetupAndX
TbDoSmbNtLockingAndX
TbDoSmbNtReadAndX
TbDoSmbNtReadRaw
TbDoSmbNtRename
TbDoSmbNtSessionSetupAndX
TbDoSmbNtTransact
TbDoSmbNtTransactSecondary
TbDoSmbNtWriteAndX
TbDoSmbNtWriteRaw
TbDoSmbOpen
TbDoSmbOpenAndX
TbDoSmbOpenPrintFile
TbDoSmbPacket
TbDoSmbPeekNamedPipe
TbDoSmbProcessExit
TbDoSmbQueryInformation
TbDoSmbQueryInformation2
TbDoSmbQueryInformationDisk
TbDoSmbQueryInformationSrv
TbDoSmbRead
TbDoSmbReadAndX
TbDoSmbReadMpx
TbDoSmbReadRaw
TbDoSmbRecvData
TbDoSmbRename
TbDoSmbSearch
TbDoSmbSeek
TbDoSmbSendBroadcastMessage
TbDoSmbSendData
TbDoSmbSendEndMbMessage
TbDoSmbSendMessage
TbDoSmbSendStartMbMessage
TbDoSmbSendTextMbMessage
TbDoSmbSessionSetupAndX
TbDoSmbSetInformation
TbDoSmbSetInformation2
TbDoSmbShutdown
TbDoSmbStartup
TbDoSmbStartupEx
TbDoSmbTransactRemApi
TbDoSmbTransaction
TbDoSmbTransaction2
TbDoSmbTransaction2Secondary
TbDoSmbTransactionMailslot
TbDoSmbTransactionNamedPipe
TbDoSmbTransactionSecondary
TbDoSmbTreeConnect
TbDoSmbTreeConnectAndX
TbDoSmbTreeDisconnect
TbDoSmbUnlockByteRange
TbDoSmbWrite
TbDoSmbWrite103Raw
TbDoSmbWriteAndClose
TbDoSmbWriteAndCloseLong
TbDoSmbWriteAndUnlock
TbDoSmbWriteAndX
TbDoSmbWriteMpx
TbDoSmbWriteMpxComplete
TbDoSmbWriteMpxSecondary
TbDoSmbWritePrintFile
TbDoSmbWriteRaw
TbDoTcpFault
TbDoTcpReply
TbDoTcpReq
TbDoTcpSendRecv
TbDoUdpReq
TbE_P16
TbE_P24
TbE_old_pw_hash
TbEmulateNT
TbEmulateSamba
TbEmulateVista
TbEmulateVista_64
TbEmulateW2K
TbEmulateW2K3SP0
TbEmulateW2K3SP1
TbEmulateW2K3_64
TbEmulateXPSP2
TbEmulateXP_64
TbEmulateXPpre2
TbFillUdpHdr
TbFinishSocket
TbFixSmbSecuritySignature
TbFreeStructBuffers
TbGet32BitJan70Time
TbGet32BitJan80Time
TbGetAllRpcServices
TbGetArg
TbGetAsnDerSize
TbGetAsnOid
TbGetAuth3
TbGetAuthTrailerTcp
TbGetAuthVSize
TbGetAuthVerifier
TbGetBindAckRpc
TbGetBindRpc
TbGetBuff
TbGetByte
TbGetCtxHand
TbGetCurrentTime
TbGetErrString
TbGetErrStringFromList
TbGetFaultHdr
TbGetFaultRpc
TbGetHyper
TbGetIfData
TbGetIpid
TbGetLangStringInfo
TbGetListHdr
TbGetLong
TbGetMgmt0Info
TbGetNSH
TbGetNetlogonAuthVerifier
TbGetNetlogonAuthVerifierSize
TbGetNtlmAuthVerifier
TbGetNtlmAuthVerifierSize
TbGetOxid
TbGetPointer
TbGetProtocolLegCount
TbGetReplyRpc
TbGetRequestRpc
TbGetRpcSize
TbGetSRpc
TbGetShort
TbGetSmbErrString
TbGetSmbHeader
TbGetSmbTransactionData
TbGetSmbTransactionParameters
TbGetSnegoAuthVerifier
TbGetSnegoAuthVerifierSize
TbGetSocketError
TbGetSocketErrorString
TbGetString
TbGetStringValue
TbGetSyntax
TbGetTcpStub
TbGetUdpHdr
TbGetUdpStub
TbGetUuid
TbGetUuid64BitTime
TbGoodString
TbHandleNbtError
TbInitCrypto
TbInitNetlogonCrypto
TbInitNtlmCrypto
TbInitSnegoCrypto
TbInitStruct
TbInitializeRandSeed
TbLocateNpRpcPort
TbLocateRpcService
TbLocateTcpRpcPort
TbLocateUdpRpcPort
TbMakeAlterCtx
TbMakeAuth3
TbMakeAuthVerifier
TbMakeBind
TbMakeBindAck
TbMakeBindNak
TbMakeBlob1
TbMakeBlob2
TbMakeBlob3
TbMakeBlob4
TbMakeCancelForward
TbMakeCheckDirectory
TbMakeClose
TbMakeCloseAndTdisc
TbMakeClosePrint
TbMakeCopy
TbMakeCreate
TbMakeCreateDir
TbMakeCreateTemp
TbMakeDelete
TbMakeDeleteDirectory
TbMakeEcho
TbMakeFault
TbMakeFindClose2
TbMakeFindNotifyClose
TbMakeFlush
TbMakeForwardUserName
TbMakeGeneric
TbMakeGetPrintQueue
TbMakeIoctl
TbMakeIoctlSecondary
TbMakeLockByteRange
TbMakeLockingAndX
TbMakeLogoffAndX
TbMakeMove
TbMakeNbtSessionRequest
TbMakeNegotiate
TbMakeNetlogonAuthVerifier
TbMakeNetlogonBlob1
TbMakeNetlogonBlob2
TbMakeNetlogonBlob3
TbMakeNtCreateAndX
TbMakeNtExtSessionSetupAndX
TbMakeNtLockingAndX
TbMakeNtReadAndX
TbMakeNtReadRaw
TbMakeNtRename
TbMakeNtSessionSetupAndX
TbMakeNtTransact
TbMakeNtTransactSecondary
TbMakeNtWriteAndX
TbMakeNtWriteRaw
TbMakeNtlmAuthVerifier
TbMakeNtlmBlob1
TbMakeNtlmBlob2
TbMakeNtlmBlob3
TbMakeOpen
TbMakeOpenAndX
TbMakeOpenPrintFile
TbMakePeekNamedPipe
TbMakeQueryInformation
TbMakeQueryInformation2
TbMakeQueryInformationSrv
TbMakeRead
TbMakeReadAndX
TbMakeReadMpx
TbMakeReadRaw
TbMakeRemQIRequest
TbMakeRename
TbMakeSearch
TbMakeSeek
TbMakeSendEndMbMessage
TbMakeSendMessage
TbMakeSendStartMbMessage
TbMakeSendTextMbMessage
TbMakeServerSocket
TbMakeSessionSetupAndX
TbMakeSetInformation
TbMakeSetInformation2
TbMakeSmbHeader
TbMakeSnegoAuthVerifier
TbMakeSnegoBlob1
TbMakeSnegoBlob2
TbMakeSnegoBlob3
TbMakeSnegoBlob4
TbMakeSocket
TbMakeSysactRequest
TbMakeTcpReply
TbMakeTcpReq
TbMakeTransaction
TbMakeTransactionMailSlot
TbMakeTransactionNamedPipe
TbMakeTransactionRemApi
TbMakeTransactionSecondary
TbMakeTreeConnect
TbMakeTreeConnectAndX
TbMakeUNDHeader
TbMakeUdpFack
TbMakeUdpReq
TbMakeUdpResp
TbMakeUnlockByteRange
TbMakeWrite
TbMakeWrite103Raw
TbMakeWriteAndClose
TbMakeWriteAndCloseLong
TbMakeWriteAndX
TbMakeWriteMpx
TbMakeWriteMpxComplete
TbMakeWriteMpxSecondary
TbMakeWritePrintFile
TbMakeWriteRaw
TbMalloc
TbNTLMSSPOWFencrypt
TbNetlogonB1size
TbNetlogonB2size
TbNetlogonB3size
TbNlMakeCredential
TbNlMakeSessionKey
TbNlMakeWeakSessionKey
TbNtlmB1size
TbNtlmB2size
TbNtlmB3size
TbOutputBuffer
TbParseBlob1
TbParseBlob2
TbParseBlob3
TbParseBlob4
TbParseNegFlags
TbParseNetlogonBlob1
TbParseNetlogonBlob2
TbParseNetlogonBlob3
TbParseNtlmBlob1
TbParseNtlmBlob2
TbParseNtlmBlob3
TbParseRemQIResponse
TbParseSmbCaps
TbParseSmbFlag1
TbParseSmbFlag2
TbParseSmbNativeOS
TbParseSnegoBlob1
TbParseSnegoBlob2
TbParseSnegoBlob3
TbParseSysactResponse
TbPrintBlob2Info
TbPrintIfPtr
TbPrintNetlogonBlob2Info
TbPrintNtTransactResp
TbPrintNtlmBlob2Info
TbPrintSmbNtExtSessionSetupAndXResp
TbPrintSmbSessionSetupAndXResp
TbPrintSnegoBlob2Info
TbPrintSysActReplyData
TbPrintTowerInfo
TbPrintTransactionResp
TbPutARG
TbPutAlign
TbPutArg
TbPutAsnBerShortSize
TbPutAsnDerSize
TbPutAuth3
TbPutAuthTrailerTcp
TbPutAuthVerifier
TbPutBindAckRpc
TbPutBindRpc
TbPutBlob1
TbPutBlob2
TbPutBlob3
TbPutBlob4
TbPutBuff
TbPutBuffCyclic
TbPutByte
TbPutCTH
TbPutContexts
TbPutCtxHand
TbPutDSA
TbPutFackHdr
TbPutFault
TbPutHyper
TbPutIfPtr
TbPutIpid
TbPutListHdr
TbPutLocalThis
TbPutLong
TbPutNSH
TbPutNetlogonAuthVerifier
TbPutNetlogonBlob1
TbPutNetlogonBlob2
TbPutNtCreateX
TbPutNtReadX
TbPutNtWriteX
TbPutNtlmAuthVerifier
TbPutNtlmBlob1
TbPutNtlmBlob2
TbPutNtlmBlob3
TbPutOneArg
TbPutOrpcThat
TbPutOrpcThis
TbPutOxid
TbPutPadding
TbPutPointer
TbPutRequest
TbPutResponse
TbPutResult
TbPutRpcArray
TbPutRpcArrayWithMax
TbPutRpcAsciiString
TbPutRpcSize
TbPutRpcUniString
TbPutSRpc
TbPutShort
TbPutSmbHeader
TbPutSnegoAuthVerifier
TbPutSnegoBlob1
TbPutSnegoBlob2
TbPutSnegoBlob3
TbPutSnegoBlob4
TbPutStr
TbPutStrAsLEUni
TbPutString
TbPutSyntax
TbPutTransInfo
TbPutTransact
TbPutUNISTRContents
TbPutUNISTRHeader
TbPutUdpHdr
TbPutUdpNetbiosHeader
TbPutUniBuff
TbPutUuid
TbRc4Init40
TbReadSmbHeader
TbReadSmbIoctlResp
TbReadSmbNegOldResp
TbReadSmbNegResp
TbReadSmbNtCreateAndXResp
TbReadSmbNtExtSessionSetupAndXResp
TbReadSmbNtNegResp
TbReadSmbNtTransactResp
TbReadSmbPeekResp
TbReadSmbReadAndXResp
TbReadSmbReadMpxResp
TbReadSmbReadResp
TbReadSmbSessionSetupAndXResp
TbReadSmbTransactionResp
TbReadSmbTreeConnectAndXResp
TbReadSmbTreeConnectResp
TbReadSmbWriteAndXResp
TbReadSmbWriteRawResp
TbReadSmbWriteResp
TbRealloc
TbRecv

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trch-0.dll
.dll windows:4 windows x86 arch:x86

9275408cb68bb6751faa4933679e970e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

libxml2

xmlCleanupParser
xmlFreeMutex
xmlInitParser
xmlFree
xmlStrcmp
xmlGetProp
xmlMutexUnlock
xmlFreeDoc
xmlSearchNsByHref
xmlDocGetRootElement
xmlParseMemory
xmlMutexLock
xmlNewMutex

tucl-1

TcLog

ws2_32

inet_addr

msvcrt

free
calloc
strspn
strcspn
_access
realloc
malloc
sprintf
strncmp
strtol
tolower
memmove
strtoul
strncpy
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_errno

Exports

Exports

Boolean_List_marshal
Boolean_marshal
Boolean_type
Config_create
Config_delete
Config_duplicate
Config_getID
Config_getInputParams
Config_getOutputParams
Config_marshal
Config_printUsage
Config_setInputParams
Config_setOutputParams
Config_unmarshal
FinalizeXMLUnmarshal
IPv4_List_marshal
IPv4_marshal
IPv4_type
InitializeXMLUnmarshal
List_format
LocalFile_List_marshal
LocalFile_marshal
LocalFile_type
Paramchoice_addParamgroup
Paramchoice_create
Paramchoice_delete
Paramchoice_getDefaultValue
Paramchoice_getDescription
Paramchoice_getName
Paramchoice_getNumParamgroups
Paramchoice_getParamgroup
Paramchoice_getValue
Paramchoice_hasValidValue
Paramchoice_hasValue
Paramchoice_isValid
Paramchoice_matchName
Paramchoice_setValue
Parameter_Boolean_List_create
Parameter_Boolean_List_getSize
Parameter_Boolean_List_getValue
Parameter_Boolean_List_setValue
Parameter_Boolean_create
Parameter_Boolean_getValue
Parameter_Boolean_setValue
Parameter_IPv4_List_create
Parameter_IPv4_List_getSize
Parameter_IPv4_List_getValue
Parameter_IPv4_List_setValue
Parameter_IPv4_create
Parameter_IPv4_getValue
Parameter_IPv4_setValue
Parameter_LocalFile_List_create
Parameter_LocalFile_List_getSize
Parameter_LocalFile_List_getValue
Parameter_LocalFile_List_setValue
Parameter_LocalFile_create
Parameter_LocalFile_getValue
Parameter_LocalFile_setValue
Parameter_Port_List_getSize
Parameter_Port_List_getValue
Parameter_Port_List_setValue
Parameter_Port_getValue
Parameter_Port_setValue
Parameter_S16_List_create
Parameter_S16_List_getSize
Parameter_S16_List_getValue
Parameter_S16_List_setValue
Parameter_S16_create
Parameter_S16_getValue
Parameter_S16_setValue
Parameter_S32_List_create
Parameter_S32_List_getSize
Parameter_S32_List_getValue
Parameter_S32_List_setValue
Parameter_S32_create
Parameter_S32_getValue
Parameter_S32_setValue
Parameter_S8_List_create
Parameter_S8_List_getSize
Parameter_S8_List_getValue
Parameter_S8_List_setValue
Parameter_S8_create
Parameter_S8_getValue
Parameter_S8_setValue
Parameter_Socket_List_create
Parameter_Socket_List_getSize
Parameter_Socket_List_getValue
Parameter_Socket_List_setValue
Parameter_Socket_create
Parameter_Socket_getValue
Parameter_Socket_setValue
Parameter_String_List_create
Parameter_String_List_getSize
Parameter_String_List_getValue
Parameter_String_List_setValue
Parameter_String_create
Parameter_String_getValue
Parameter_String_setValue
Parameter_TcpPort_List_create
Parameter_TcpPort_create
Parameter_U16_List_create
Parameter_U16_List_getSize
Parameter_U16_List_getValue
Parameter_U16_List_setValue
Parameter_U16_create
Parameter_U16_getValue
Parameter_U16_setValue
Parameter_U32_List_create
Parameter_U32_List_getSize
Parameter_U32_List_getValue
Parameter_U32_List_setValue
Parameter_U32_create
Parameter_U32_getValue
Parameter_U32_setValue
Parameter_U8_List_create
Parameter_U8_List_getSize
Parameter_U8_List_getValue
Parameter_U8_List_setValue
Parameter_U8_create
Parameter_U8_getValue
Parameter_U8_setValue
Parameter_UString_List_create
Parameter_UString_List_getSize
Parameter_UString_List_getValue
Parameter_UString_List_setValue
Parameter_UString_create
Parameter_UString_getValue
Parameter_UString_setValue
Parameter_UdpPort_List_create
Parameter_UdpPort_create
Parameter_delete
Parameter_getDescription
Parameter_getFormat
Parameter_getMarshalledDefault
Parameter_getMarshalledValue
Parameter_getName
Parameter_getType
Parameter_hasValidValue
Parameter_hasValue
Parameter_hide
Parameter_isRequired
Parameter_isValid
Parameter_markInvalid
Parameter_markInvalidWithReason
Parameter_matchFormat
Parameter_matchFormatAndType
Parameter_matchName
Parameter_matchType
Parameter_resetValue
Parameter_setMarshalledValue
Paramgroup_addParamchoice
Paramgroup_addParameter
Paramgroup_create
Paramgroup_delete
Paramgroup_getDescription
Paramgroup_getName
Paramgroup_getNumParamchoices
Paramgroup_getNumParameters
Paramgroup_getParamchoice
Paramgroup_getParameter
Paramgroup_isValid
Paramgroup_matchName
Paramgroup_removeParameter
Params_addParamchoice
Params_addParameter
Params_create
Params_delete
Params_duplicate
Params_findParamchoice
Params_findParameter
Params_getCallbackIPv4Values
Params_getCallbackPortValues
Params_getNumParamchoices
Params_getNumParameters
Params_getParamchoice
Params_getParameter
Params_isValid
Params_parseCommandLine
Params_printInvalid
Params_removeParameter
Params_validateCallbackPorts
Port_List_marshal
Port_marshal
S16_List_marshal
S16_marshal
S16_type
S32_List_marshal
S32_marshal
S32_type
S8_List_marshal
S8_marshal
S8_type
Scalar_format
Socket_type
String_List_marshal
String_marshal
String_type
TcpPort_type
U16_List_marshal
U16_marshal
U16_type
U32_List_marshal
U32_marshal
U32_type
U8_List_marshal
U8_marshal
U8_type
UString_List_marshal
UString_marshal
UString_type
UdpPort_type

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trch-1.dll
.dll windows:5 windows x86 arch:x86

e566b5e1afbaca6e9905feda4cf65fa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
OutputDebugStringA
GetSystemTimeAsFileTime

libxml2

xmlNewNs
xmlNewDoc
xmlSaveToBuffer
xmlBufferCreate
xmlCleanupParser
xmlFreeMutex
xmlNewMutex
xmlInitParser
xmlStrcmp
xmlFree
xmlNodeGetContent
xmlGetProp
xmlMutexUnlock
xmlSearchNsByHref
xmlDocGetRootElement
xmlParseMemory
xmlMutexLock
xmlFreeNode
xmlNodeSetContent
xmlNewProp
xmlNewNode
xmlFreeDoc
xmlBufferFree
xmlSaveClose
xmlFreeNs
xmlBufferContent
xmlBufferLength
xmlSaveFlush
xmlSaveDoc
xmlAddChild
xmlReconciliateNs

tucl-1

TcLog

msvcrt

strchr
strcmp
strcat
sprintf
calloc
free
strlen
strncpy
tolower
memset
strspn
_access
memmove
realloc
malloc
strncmp
strtol
isspace
strtoul
strcpy
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_errno
strcspn

Exports

Exports

Boolean_List_marshal
Boolean_marshal
Boolean_type
Buffer_List_marshal
Buffer_marshal
Buffer_type
Config_create
Config_delete
Config_duplicate
Config_getConfigVersion
Config_getConstants
Config_getID
Config_getInputParams
Config_getName
Config_getNamespaceUri
Config_getOutputParams
Config_getSchemaVersion
Config_getVersion
Config_marshal
Config_printUsage
Config_setConstants
Config_setInputParams
Config_setOutputParams
Config_unmarshal
FinalizeXMLUnmarshal
IPv4_List_marshal
IPv4_marshal
IPv4_type
IPv6_List_marshal
IPv6_marshal
IPv6_type
InitializeXMLUnmarshal
List_format
LocalFile_List_marshal
LocalFile_marshal
LocalFile_type
Paramchoice_addParamgroup
Paramchoice_create
Paramchoice_delete
Paramchoice_getDefaultValue
Paramchoice_getDescription
Paramchoice_getName
Paramchoice_getNumParamgroups
Paramchoice_getParamgroup
Paramchoice_getValue
Paramchoice_hasValidValue
Paramchoice_hasValue
Paramchoice_isValid
Paramchoice_matchName
Paramchoice_setValue
Parameter_Boolean_List_create
Parameter_Boolean_List_getSize
Parameter_Boolean_List_getValue
Parameter_Boolean_List_setValue
Parameter_Boolean_create
Parameter_Boolean_getValue
Parameter_Boolean_setValue
Parameter_Buffer_List_create
Parameter_Buffer_List_getSize
Parameter_Buffer_List_getValue
Parameter_Buffer_List_setValue
Parameter_Buffer_create
Parameter_Buffer_getValue
Parameter_Buffer_setValue
Parameter_IPv4_List_create
Parameter_IPv4_List_getSize
Parameter_IPv4_List_getValue
Parameter_IPv4_List_setValue
Parameter_IPv4_create
Parameter_IPv4_getValue
Parameter_IPv4_setValue
Parameter_IPv6_List_create
Parameter_IPv6_List_getSize
Parameter_IPv6_List_getValue
Parameter_IPv6_List_setValue
Parameter_IPv6_create
Parameter_IPv6_getValue
Parameter_IPv6_setValue
Parameter_LocalFile_List_create
Parameter_LocalFile_List_getSize
Parameter_LocalFile_List_getValue
Parameter_LocalFile_List_setValue
Parameter_LocalFile_create
Parameter_LocalFile_getValue
Parameter_LocalFile_setValue
Parameter_Port_List_getSize
Parameter_Port_List_getValue
Parameter_Port_List_setValue
Parameter_Port_getValue
Parameter_Port_setValue
Parameter_S16_List_create
Parameter_S16_List_getSize
Parameter_S16_List_getValue
Parameter_S16_List_setValue
Parameter_S16_create
Parameter_S16_getValue
Parameter_S16_setValue
Parameter_S32_List_create
Parameter_S32_List_getSize
Parameter_S32_List_getValue
Parameter_S32_List_setValue
Parameter_S32_create
Parameter_S32_getValue
Parameter_S32_setValue
Parameter_S64_List_create
Parameter_S64_List_getSize
Parameter_S64_List_getValue
Parameter_S64_List_setValue
Parameter_S64_create
Parameter_S64_getValue
Parameter_S64_setValue
Parameter_S8_List_create
Parameter_S8_List_getSize
Parameter_S8_List_getValue
Parameter_S8_List_setValue
Parameter_S8_create
Parameter_S8_getValue
Parameter_S8_setValue
Parameter_Socket_List_create
Parameter_Socket_List_getSize
Parameter_Socket_List_getValue
Parameter_Socket_List_setValue
Parameter_Socket_create
Parameter_Socket_getValue
Parameter_Socket_setValue
Parameter_String_List_create
Parameter_String_List_getSize
Parameter_String_List_getValue
Parameter_String_List_setValue
Parameter_String_create
Parameter_String_getValue
Parameter_String_setValue
Parameter_TcpPort_List_create
Parameter_TcpPort_create
Parameter_U16_List_create
Parameter_U16_List_getSize
Parameter_U16_List_getValue
Parameter_U16_List_setValue
Parameter_U16_create
Parameter_U16_getValue
Parameter_U16_setValue
Parameter_U32_List_create
Parameter_U32_List_getSize
Parameter_U32_List_getValue
Parameter_U32_List_setValue
Parameter_U32_create
Parameter_U32_getValue
Parameter_U32_setValue
Parameter_U64_List_create
Parameter_U64_List_getSize
Parameter_U64_List_getValue
Parameter_U64_List_setValue
Parameter_U64_create
Parameter_U64_getValue
Parameter_U64_setValue
Parameter_U8_List_create
Parameter_U8_List_getSize
Parameter_U8_List_getValue
Parameter_U8_List_setValue
Parameter_U8_create
Parameter_U8_getValue
Parameter_U8_setValue
Parameter_UString_List_create
Parameter_UString_List_getSize
Parameter_UString_List_getValue
Parameter_UString_List_setValue
Parameter_UString_create
Parameter_UString_getValue
Parameter_UString_setValue
Parameter_UdpPort_List_create
Parameter_UdpPort_create
Parameter_delete
Parameter_getDescription
Parameter_getFormat
Parameter_getInvalidReason
Parameter_getMarshalledDefault
Parameter_getMarshalledValue
Parameter_getName
Parameter_getType
Parameter_hasValidValue
Parameter_hasValue
Parameter_hide
Parameter_isHidden
Parameter_isRequired
Parameter_isValid
Parameter_markInvalid
Parameter_markInvalidWithReason
Parameter_matchFormat
Parameter_matchFormatAndType
Parameter_matchName
Parameter_matchType
Parameter_resetValue
Parameter_setMarshalledValue
Paramgroup_addParamchoice
Paramgroup_addParameter
Paramgroup_create
Paramgroup_delete
Paramgroup_getDescription
Paramgroup_getName
Paramgroup_getNumParamchoices
Paramgroup_getNumParameters
Paramgroup_getParamchoice
Paramgroup_getParameter
Paramgroup_isValid
Paramgroup_matchName
Paramgroup_removeParameter
Params_addParamchoice
Params_addParameter
Params_create
Params_delete
Params_duplicate
Params_findParamchoice
Params_findParameter
Params_getCallbackIPv4Values
Params_getCallbackIPv6Values
Params_getCallbackPortValues
Params_getName
Params_getNumParamchoices
Params_getNumParameters
Params_getParamchoice
Params_getParameter
Params_isValid
Params_parseCommandLine
Params_printInvalid
Params_removeParameter
Params_validateCallbackPorts
Port_List_marshal
Port_marshal
S16_List_marshal
S16_marshal
S16_type
S32_List_marshal
S32_marshal
S32_type
S64_List_marshal
S64_marshal
S64_type
S8_List_marshal
S8_marshal
S8_type
Scalar_format
Socket_List_marshal
Socket_marshal
Socket_type
String_List_marshal
String_marshal
String_type
TcpPort_type
U16_List_marshal
U16_marshal
U16_type
U32_List_marshal
U32_marshal
U32_type
U64_List_marshal
U64_marshal
U64_type
U8_List_marshal
U8_marshal
U8_type
UString_List_marshal
UString_marshal
UString_type
UdpPort_type
freeMarshalledValue

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trch.dll
.dll windows:4 windows x86 arch:x86

82522dcb71a53795c59c7027026f6528

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_addr

libxml2

xmlParseMemory
xmlDocGetRootElement
xmlFreeDoc
xmlSearchNsByHref
xmlGetProp
xmlStrcmp
xmlFree

tucl

TcLog

msvcr71

_onexit
__dllonexit
__CppXcptFilter
free
calloc
strspn
strncpy
strcspn
_access
realloc
malloc
sprintf
strncmp
_errno
strtol
tolower
memmove
strtoul
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Exports

Exports

Boolean_List_marshal
Boolean_marshal
Boolean_type
Config_create
Config_delete
Config_getInputParams
Config_getOutputParams
Config_marshal
Config_printUsage
Config_setInputParams
Config_setOutputParams
Config_unmarshal
IPv4_List_marshal
IPv4_marshal
IPv4_type
List_format
LocalFile_List_marshal
LocalFile_marshal
LocalFile_type
Paramchoice_addParamgroup
Paramchoice_create
Paramchoice_delete
Paramchoice_getDefaultValue
Paramchoice_getDescription
Paramchoice_getName
Paramchoice_getNumParamgroups
Paramchoice_getParamgroup
Paramchoice_getValue
Paramchoice_hasValidValue
Paramchoice_isValid
Paramchoice_matchName
Paramchoice_setValue
Parameter_Boolean_List_create
Parameter_Boolean_List_getSize
Parameter_Boolean_List_getValue
Parameter_Boolean_List_setValue
Parameter_Boolean_create
Parameter_Boolean_getValue
Parameter_Boolean_setValue
Parameter_IPv4_List_create
Parameter_IPv4_List_getSize
Parameter_IPv4_List_getValue
Parameter_IPv4_List_setValue
Parameter_IPv4_create
Parameter_IPv4_getValue
Parameter_IPv4_setValue
Parameter_LocalFile_List_create
Parameter_LocalFile_List_getSize
Parameter_LocalFile_List_getValue
Parameter_LocalFile_List_setValue
Parameter_LocalFile_create
Parameter_LocalFile_getValue
Parameter_LocalFile_setValue
Parameter_Port_List_getSize
Parameter_Port_List_getValue
Parameter_Port_List_setValue
Parameter_Port_getValue
Parameter_Port_setValue
Parameter_S16_List_create
Parameter_S16_List_getSize
Parameter_S16_List_getValue
Parameter_S16_List_setValue
Parameter_S16_create
Parameter_S16_getValue
Parameter_S16_setValue
Parameter_S32_List_create
Parameter_S32_List_getSize
Parameter_S32_List_getValue
Parameter_S32_List_setValue
Parameter_S32_create
Parameter_S32_getValue
Parameter_S32_setValue
Parameter_S8_List_create
Parameter_S8_List_getSize
Parameter_S8_List_getValue
Parameter_S8_List_setValue
Parameter_S8_create
Parameter_S8_getValue
Parameter_S8_setValue
Parameter_Socket_List_create
Parameter_Socket_List_getSize
Parameter_Socket_List_getValue
Parameter_Socket_List_setValue
Parameter_Socket_create
Parameter_Socket_getValue
Parameter_Socket_setValue
Parameter_String_List_create
Parameter_String_List_getSize
Parameter_String_List_getValue
Parameter_String_List_setValue
Parameter_String_create
Parameter_String_getValue
Parameter_String_setValue
Parameter_TcpPort_List_create
Parameter_TcpPort_create
Parameter_U16_List_create
Parameter_U16_List_getSize
Parameter_U16_List_getValue
Parameter_U16_List_setValue
Parameter_U16_create
Parameter_U16_getValue
Parameter_U16_setValue
Parameter_U32_List_create
Parameter_U32_List_getSize
Parameter_U32_List_getValue
Parameter_U32_List_setValue
Parameter_U32_create
Parameter_U32_getValue
Parameter_U32_setValue
Parameter_U8_List_create
Parameter_U8_List_getSize
Parameter_U8_List_getValue
Parameter_U8_List_setValue
Parameter_U8_create
Parameter_U8_getValue
Parameter_U8_setValue
Parameter_UString_List_create
Parameter_UString_List_getSize
Parameter_UString_List_getValue
Parameter_UString_List_setValue
Parameter_UString_create
Parameter_UString_getValue
Parameter_UString_setValue
Parameter_UdpPort_List_create
Parameter_UdpPort_create
Parameter_delete
Parameter_getDescription
Parameter_getFormat
Parameter_getMarshalledDefault
Parameter_getMarshalledValue
Parameter_getName
Parameter_getType
Parameter_hasValidValue
Parameter_hasValue
Parameter_hide
Parameter_isRequired
Parameter_isValid
Parameter_markInvalid
Parameter_matchFormat
Parameter_matchFormatAndType
Parameter_matchName
Parameter_matchType
Parameter_setMarshalledValue
Paramgroup_addParamchoice
Paramgroup_addParameter
Paramgroup_create
Paramgroup_delete
Paramgroup_getDescription
Paramgroup_getName
Paramgroup_getNumParamchoices
Paramgroup_getNumParameters
Paramgroup_getParamchoice
Paramgroup_getParameter
Paramgroup_isValid
Paramgroup_matchName
Paramgroup_removeParameter
Params_addParamchoice
Params_addParameter
Params_create
Params_delete
Params_findParamchoice
Params_findParameter
Params_getCallbackIPv4Values
Params_getCallbackPortValues
Params_getNumParamchoices
Params_getNumParameters
Params_getParamchoice
Params_getParameter
Params_isValid
Params_parseCommandLine
Params_printInvalid
Params_removeParameter
Params_validateCallbackPorts
Port_List_marshal
Port_marshal
S16_List_marshal
S16_marshal
S16_type
S32_List_marshal
S32_marshal
S32_type
S8_List_marshal
S8_marshal
S8_type
Scalar_format
Socket_type
String_List_marshal
String_marshal
String_type
TcpPort_type
U16_List_marshal
U16_marshal
U16_type
U32_List_marshal
U32_marshal
U32_type
U8_List_marshal
U8_marshal
U8_type
UString_List_marshal
UString_marshal
UString_type
UdpPort_type

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trfo-0.dll
.dll windows:4 windows x86 arch:x86

3260c253d9440b22219a68c1b89be3f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

ucl

ucl_nrv2d_decompress_8
__ucl_init2
ucl_nrv2d_99_compress
ucl_crc32

ws2_32

htonl

msvcrt

_iob
free
calloc
malloc
fread
ftell
fclose
fseek
fopen
fwrite
fgets
tolower
srand
floor
_ftime
_CIpow
time
sscanf
strcspn
strncmp
sprintf
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
rand

Exports

Exports

TfBase64Decode
TfBase64Encode
TfBuildPatternString
TfBuildPatternUnicodeString
TfBuildRandomString
TfBuildRandomUnicodeString
TfCrc32
TfDulEncoder
TfFillPattern
TfFillRandom
TfFillRandomUnicode
TfFree
TfGetUserInput
TfHasBadBytes
TfHmacMd5Final
TfHmacMd5Init
TfHmacMd5Update
TfLzCompress
TfLzDecompress
TfMakeGfaHash
TfMd4
TfMd5Final
TfMd5Init
TfMd5Update
TfNrvCalculateMaxExpansion
TfNrvCompress
TfNrvDecompress
TfRandomAscii
TfRandomBase64
TfRandomByte
TfRandomByteFromAlphabet
TfRandomByteFromRange
TfRandomInt
TfRandomizeBuffer
TfRc4Encrypt
TfRc4Init
TfReadFileIntoBuffer
TfSeedRandom
TfStrICmp
TfStrcasecmp
TfStrncasecmp
TfUuDecode
TfUuEncode
TfWriteBufferIntoFile
TfXorBuffer
TfXorw2Encoder
TfXorwEncoder

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trfo-2.dll
.dll windows:5 windows x86 arch:x86

5f4323fd2ad75a83e642205dc50294b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

posh-0

POSH_SwapU32

ucl

ucl_crc32
ucl_nrv2d_99_compress
__ucl_init2
ucl_nrv2d_decompress_8

ws2_32

htonl

msvcrt

_iob
calloc
memcpy
memset
tolower
memmove
pow
free
srand
time
fread
ftell
fclose
fseek
fwrite
fgets
_snprintf
floor
rand
_ftime
malloc
sscanf
strcspn
strcat
sprintf
strlen
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
strncmp
fopen

Exports

Exports

TfBase64Decode
TfBase64Encode
TfBuildPatternString
TfBuildPatternUnicodeString
TfBuildRandomString
TfBuildRandomUnicodeString
TfChecksumXor32
TfCrc32
TfDulEncoder
TfEscapeJavaScriptBuffer
TfFillPattern
TfFillRandom
TfFillRandomUnicode
TfFree
TfGetUserInput
TfHasBadBytes
TfHmacMd5Final
TfHmacMd5Init
TfHmacMd5Update
TfLzCompress
TfLzDecompress
TfMakeGfaHash
TfMd4
TfMd5Final
TfMd5Init
TfMd5Update
TfNrvCalculateMaxExpansion
TfNrvCompress
TfNrvDecompress
TfRandomAscii
TfRandomBase64
TfRandomByte
TfRandomByteFromAlphabet
TfRandomByteFromRange
TfRandomInt
TfRandomizeBuffer
TfRc4Encrypt
TfRc4Init
TfReadFileIntoBuffer
TfRollingXorDecode
TfRollingXorEncode
TfSeedRandom
TfStrICmp
TfStrcasecmp
TfStrncasecmp
TfUuDecode
TfUuEncode
TfWriteBufferIntoFile
TfXorBuffer
TfXorw2Encoder
TfXorwEncoder

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trfo.dll
.dll windows:4 windows x86 arch:x86

59fe168152c123880010c5a1b5bcb148

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htonl

msvcr71

fread
ftell
fclose
fseek
fopen
fwrite
fgets
_iob
floor
rand
sscanf
time
_ftime
sprintf
malloc
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
srand
free
_CIpow
tolower
calloc
strcspn
strncmp

kernel32

DisableThreadLibraryCalls
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

Exports

Exports

TfBase64Decode
TfBase64Encode
TfBuildPatternString
TfBuildPatternUnicodeString
TfBuildRandomString
TfBuildRandomUnicodeString
TfCrc32
TfDulEncoder
TfFillPattern
TfFillRandom
TfFillRandomUnicode
TfGetUserInput
TfHasBadBytes
TfHmacMd5Final
TfHmacMd5Init
TfHmacMd5Update
TfLzCompress
TfLzDecompress
TfMakeGfaHash
TfMd4
TfMd5Final
TfMd5Init
TfMd5Update
TfNrvCalculateMaxExpansion
TfNrvCompress
TfNrvDecompress
TfRandomAscii
TfRandomBase64
TfRandomByte
TfRandomByteFromAlphabet
TfRandomByteFromRange
TfRandomInt
TfRandomizeBuffer
TfRc4Encrypt
TfRc4Init
TfReadFileIntoBuffer
TfSeedRandom
TfStrICmp
TfStrcasecmp
TfStrncasecmp
TfUuDecode
TfUuEncode
TfWriteBufferIntoFile
TfXorBuffer
TfXorwEncoder

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tucl-1.dll
.dll windows:5 windows x86 arch:x86

b0f67a582b3891cfaf10698b6300d855

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

msvcrt

_iob
memmove
malloc
strlen
fflush
vfprintf
isprint
memcpy
sprintf
memset
fprintf
fclose
free
fopen
calloc
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_errno
perror

Exports

Exports

DEBUG_TcLog
TcLog
TcLogBuffer
TcLogClose
TcLogOpen
TcLogSetMask

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tucl.dll
.dll windows:4 windows x86 arch:x86

374a65694dcbdf9256b8b76b3fae34f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

free
_errno
perror
fopen
calloc
__security_error_handler
fclose
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
fprintf
sprintf
isprint
_iob
vfprintf
fflush
_except_handler3
malloc

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls

Exports

Exports

TcLog
TcLogBuffer
TcLogClose
TcLogOpen
TcLogSetMask

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ucl.dll
.dll windows:5 windows x86 arch:x86

33ac1cb1711de5488c50eafd916d2ad2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
memmove
memcmp
memset
memcpy
free
malloc

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

Exports

Exports

__ucl_align_gap
__ucl_init2
__ucl_ptr_linear
_ucl_config_check
_ucl_cpuid_asm
_ucl_crc32_asm
_ucl_crc32_asm_small
_ucl_nrv2b_decompress_asm_8
_ucl_nrv2b_decompress_asm_fast_8
_ucl_nrv2b_decompress_asm_fast_le16
_ucl_nrv2b_decompress_asm_fast_le32
_ucl_nrv2b_decompress_asm_fast_safe_8
_ucl_nrv2b_decompress_asm_fast_safe_le16
_ucl_nrv2b_decompress_asm_fast_safe_le32
_ucl_nrv2b_decompress_asm_le16
_ucl_nrv2b_decompress_asm_le32
_ucl_nrv2b_decompress_asm_safe_8
_ucl_nrv2b_decompress_asm_safe_le16
_ucl_nrv2b_decompress_asm_safe_le32
_ucl_nrv2b_decompress_asm_small_8
_ucl_nrv2b_decompress_asm_small_le16
_ucl_nrv2b_decompress_asm_small_le32
_ucl_nrv2b_decompress_asm_small_safe_8
_ucl_nrv2b_decompress_asm_small_safe_le16
_ucl_nrv2b_decompress_asm_small_safe_le32
_ucl_nrv2d_decompress_asm_8
_ucl_nrv2d_decompress_asm_fast_8
_ucl_nrv2d_decompress_asm_fast_le16
_ucl_nrv2d_decompress_asm_fast_le32
_ucl_nrv2d_decompress_asm_fast_safe_8
_ucl_nrv2d_decompress_asm_fast_safe_le16
_ucl_nrv2d_decompress_asm_fast_safe_le32
_ucl_nrv2d_decompress_asm_le16
_ucl_nrv2d_decompress_asm_le32
_ucl_nrv2d_decompress_asm_safe_8
_ucl_nrv2d_decompress_asm_safe_le16
_ucl_nrv2d_decompress_asm_safe_le32
_ucl_nrv2d_decompress_asm_small_8
_ucl_nrv2d_decompress_asm_small_le16
_ucl_nrv2d_decompress_asm_small_le32
_ucl_nrv2d_decompress_asm_small_safe_8
_ucl_nrv2d_decompress_asm_small_safe_le16
_ucl_nrv2d_decompress_asm_small_safe_le32
_ucl_nrv2e_decompress_asm_8
_ucl_nrv2e_decompress_asm_fast_8
_ucl_nrv2e_decompress_asm_fast_le16
_ucl_nrv2e_decompress_asm_fast_le32
_ucl_nrv2e_decompress_asm_fast_safe_8
_ucl_nrv2e_decompress_asm_fast_safe_le16
_ucl_nrv2e_decompress_asm_fast_safe_le32
_ucl_nrv2e_decompress_asm_le16
_ucl_nrv2e_decompress_asm_le32
_ucl_nrv2e_decompress_asm_safe_8
_ucl_nrv2e_decompress_asm_safe_le16
_ucl_nrv2e_decompress_asm_safe_le32
_ucl_nrv2e_decompress_asm_small_8
_ucl_nrv2e_decompress_asm_small_le16
_ucl_nrv2e_decompress_asm_small_le32
_ucl_nrv2e_decompress_asm_small_safe_8
_ucl_nrv2e_decompress_asm_small_safe_le16
_ucl_nrv2e_decompress_asm_small_safe_le32
_ucl_rdtsc_add_asm
_ucl_rdtsc_asm
_ucl_version_date
_ucl_version_string
ucl_adler32
ucl_alloc
ucl_assert
ucl_copyright
ucl_crc32
ucl_free
ucl_get_crc32_table
ucl_get_malloc_hooks
ucl_malloc
ucl_memcmp
ucl_memcpy
ucl_memmove
ucl_memset
ucl_nrv2b_99_compress
ucl_nrv2b_decompress_8
ucl_nrv2b_decompress_le16
ucl_nrv2b_decompress_le32
ucl_nrv2b_decompress_safe_8
ucl_nrv2b_decompress_safe_le16
ucl_nrv2b_decompress_safe_le32
ucl_nrv2b_test_overlap_8
ucl_nrv2b_test_overlap_le16
ucl_nrv2b_test_overlap_le32
ucl_nrv2d_99_compress
ucl_nrv2d_decompress_8
ucl_nrv2d_decompress_le16
ucl_nrv2d_decompress_le32
ucl_nrv2d_decompress_safe_8
ucl_nrv2d_decompress_safe_le16
ucl_nrv2d_decompress_safe_le32
ucl_nrv2d_test_overlap_8
ucl_nrv2d_test_overlap_le16
ucl_nrv2d_test_overlap_le32
ucl_nrv2e_99_compress
ucl_nrv2e_decompress_8
ucl_nrv2e_decompress_le16
ucl_nrv2e_decompress_le32
ucl_nrv2e_decompress_safe_8
ucl_nrv2e_decompress_safe_le16
ucl_nrv2e_decompress_safe_le32
ucl_nrv2e_test_overlap_8
ucl_nrv2e_test_overlap_le16
ucl_nrv2e_test_overlap_le32
ucl_set_malloc_hooks
ucl_version
ucl_version_date
ucl_version_string

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xdvl-0.dll
.dll .js windows:5 windows x86 arch:x86 polyglot

477c8eaf510bb0844ff2d9435002bda8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetTickCount
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

cnli-1

VirtualArray_createFunc
CNEVirtualArray_freeVAAndElements
CNEVirtualArray_removeAtIndex
CNEBlob_appendRandomData
CNEMem_cleanNClearNDestroyPointer
CNEMem_cleanNClear
CNEString_snprintf
byteSwapLong
CNE_compareMemoryFunc
CNEVirtualArray_getElementAt
CNEVirtualArray_getSize
CNEVirtualArray_push
CNEBlob_free
CNEBlob_append
CNEBlob_createFunc
CNE_allocateCleanMemoryFunc
CNEVirtualArray_freeVA

crli-0

CryptoLibV2_freeBuffer
CryptoLibV2_getRandom

msvcrt

pow
memset
srand
time
free
floor
malloc
rand
strlen
tolower
realloc
strcmp
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
memcpy

Exports

Exports

XDevEncodePNG_GenerateChunkType
XDevEncodePNG_InsertChunk
XDevEncode_ConcatBlobs
XDevEncode_DUL
XDevEncode_JSShift
XDevEncode_PayloadXORW
XDevEncode_TEADecrypt
XDevEncode_TEAEncrypt
XDevEncode_TEARandomKey
XDevEncode_UnconcatBlobs
XDevEncode_XOR
XDevEncode_XORW
XDevEncode_XTEADecrypt
XDevEncode_XTEAEncrypt
XDevEncode_XXTEADecrypt
XDevEncode_XXTEAEncrypt
XDevLib_blobAppendRandomData
XDevLib_blobXORMangler
XDevLib_blobXORManglerEx
XDevLib_generateRandomSequence
XDevLib_pseudoRand
XDevLib_pseudoRandEx
XDevLib_pseudoRandSeed
XDevLib_pseudoRandSeedEx
XDevLib_xorMask
XDevParam_addNewParamToList
XDevParam_callNextRoutingEntry
XDevParam_callNextRoutingEntryWithCallback
XDevParam_copyParamArray
XDevParam_createListFromBlob
XDevParam_createListFromBuffer
XDevParam_createNewParam
XDevParam_findNextParamInList
XDevParam_findPreviousParamInList
XDevParam_freeParamAndData
XDevParam_freeParamList
XDevParam_getNextParamDataInList
XDevParam_getPreviousParamDataInList
XDevParam_popNextParamDataFromList
XDevParam_popNextParamFromList
XDevParam_popRequestParam
XDevParam_popRequestParamList
XDevParam_popResponseParam
XDevParam_popResponseParamList
XDevParam_pushRequestParam
XDevParam_pushRequestParamAsList
XDevParam_pushRequestParamList
XDevParam_pushResponseParam
XDevParam_pushResponseParamAsList
XDevParam_pushResponseParamList
XDevParam_pushRoutingEntryToList
XDevParam_pushStatusRoutingEntryToList
XDevParam_sendNotificationEvent
XDevParam_storeListInBlob
XDevParam_stripRoutingEntriesFromList
XDevShellcode_append
XDevShellcode_freeShellcode
XDevShellcode_getShellcodeString
XDevShellcode_loadShellcode
XDevShellcode_setVar
badrand
toHex

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zibe.dll
.dll windows:5 windows x86 arch:x86

5168f45ae568a7d685ab2d696b88a528

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
Sleep
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
OutputDebugStringA
GetSystemTime
SystemTimeToFileTime
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetSystemTimeAsFileTime

advapi32

CryptEncrypt
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptGenRandom

ws2_32

select
connect
ioctlsocket
send
recv
inet_addr
WSAGetLastError
gethostbyname
inet_ntoa
htonl
getservbyname
gethostbyaddr
ntohs
getservbyport
WSASetLastError
WSAStartup
listen
bind
closesocket
setsockopt
htons
socket

msvcrt

free
memset
memcpy
_snprintf
atoi
memmove
memcmp
sprintf
strtoul
strlen
toupper
tolower
memchr
sscanf
strcmp
time
malloc
realloc
gmtime
_ftime
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
isleadbyte
_itoa
wctomb
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
strchr
_errno
calloc
_iob

Exports

Exports

CM_CreateContext
CM_GetContextManager
CM_ReleaseContextManager
CTX_FinishSession
CTX_GetRegData
CTX_GetRpcData
CTX_ReleaseContext
CTX_SetAuthenticationProvider
CTX_SetDAPUKey
CTX_SetDomainName
CTX_SetKDCLocation
CTX_SetPassword
CTX_SetPasswordHash
CTX_SetTargetName
CTX_SetUsername
CTX_StartSession
JOB_AddJob
JOB_AddJobNow
JOB_DeleteJob
JOB_EnumerateJobs
MEM_FreeBuffer
PROC_EnumProcesses
PROC_TerminateProcess
REG_ChangeCWK
REG_ChangeHive
REG_CreateKey
REG_DeleteKey
REG_DeleteValue
REG_DeleteValueProtect
REG_GetCWK
REG_GetSubKeys
REG_GetValue
REG_GetValueNames
REG_GetValues
REG_SetValue
REG_SetValueProtect
SAM_AddUser
SAM_DeleteUser
SAM_GetRemoteUserInfoByRID
SAM_GetRemoteUserList
SCM_EnumServices
SCM_QueryServiceConfig
SCM_QueryServiceStatus
SCM_StartService
SCM_StopService
SMB_AddShare
SMB_ChangeDirectory
SMB_CreateDirectory
SMB_DeleteFile
SMB_DeleteShare
SMB_DirList
SMB_EnumerateShares
SMB_GetDirectory
SMB_GetFile
SMB_GetFileDetails
SMB_GetNativeVersionStrings
SMB_PutFile
SMB_RemoveDirectory
SMB_UseShare
TUN_AddTunnel
TUN_DeleteTunnel
TUN_EnumRemoteTunnels
UTIL_FileTimeToString

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:5 windows x86 arch:x86

78d12b81ee403179e41a0e557321f4fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
_read
_write
_vsnprintf
memchr
_errno
strerror
sprintf
free
strlen
malloc
strcpy
strcat
memset
memcpy
_lseek
_open
_close

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzoffset
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ef98d303937b8d317d5ce3aea3e144e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

trfo-2

trch-1

tucl-1

ws2_32

coli-0

tibe-2

cnli-1

xdvl-0

ssleay32

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 2KB

43ab0829235f0f3299a0baee637645e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

trch-1

tucl-1

ws2_32

coli-0

msvcrt

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 10KB - Virtual size: 11KB

.reloc Size: 4KB - Virtual size: 4KB

1c7426faaa158f59a13ac3b5eb32ea6f

Headers

DLL Characteristics

File Characteristics

Imports

trch-1

python26

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 7KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 7KB

8b7d25d38cf306a79459f3847affe0c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

exma-1

tibe-2

trch-1

tucl-1

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

715742f34145e42b16e3c177441ea1bf

Headers

File Characteristics

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 10KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 7KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 40B

.reloc
Size: 512B - Virtual size: 380B

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB