S:\LibRelease\AMDContainer.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30_NeikiAnalytics.dll
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30_NeikiAnalytics.exe
-
Size
188KB
-
MD5
1c61a15f6c9defa0195afd1db6e5ce40
-
SHA1
28c08193b1d216c3b7954e305f88130bb5bcb561
-
SHA256
387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30
-
SHA512
52d0389a5f0ee9e477c69a833216c3a272344966a4e26ea87419a12989a54b2ce92ba522cc401ba24b76759e39e390a9388af064c4693e3bd1c63a4a0e9e307f
-
SSDEEP
3072:3GvnIQfNodcSRCfwz6stPR67ZgGzU4fVOgzD98ZyhlSz:2vQcMPRNGzU4fVOg15k
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30_NeikiAnalytics.exe
Files
-
387b9eb1be6a3f07b4867b5e0e6dc07d370d9625526d4b3036406beae7672c30_NeikiAnalytics.exe.dll regsvr32 windows:4 windows x86 arch:x86
244d2884df962a8317a8131ed0380a78
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
channelinfoprovider
?GetMostRecent@CATMChannelInfoProvider@@UAGJPA_WPAFPAJPAPA_W@Z
??1CATMChannelInfoProvider@@UAE@XZ
??0CATMChannelInfoProvider@@QAE@XZ
tmdomains
?Restore@CQualityInfoProvider@@UAEXXZ
?Freeze@CQualityInfoProvider@@UAEXXZ
?Finished@CQualityInfoProvider@@UAEXXZ
?Populate@CQualityInfoProvider@@UAEXPAUIAbstractData@@J@Z
?GetConversionVector@CQualityInfoProvider@@UAEJAAPAJJ_N@Z
?Clone@CQualityInfoProvider@@UAEPAVCCustomSortHelper@@XZ
?GetAdditionalStream@CPreemptionInfoProvider@@UAE_NPAPAEAAI@Z
?GetStructureSize@CPreemptionInfoProvider@@UAEJXZ
?GetNextItem@CPreemptionInfoProvider@@UAE_NPAPAEAAI@Z
?GetFirstItem@CPreemptionInfoProvider@@UAE_NPAPAEAAI@Z
?AddItem@CPreemptionInfoProvider@@UAEXPAEI@Z
?Load@CPreemptionInfoProvider@@UAEJPAUIStorage@@PBD@Z
?Save@CPreemptionInfoProvider@@UAEJPAUIStorage@@PBD@Z
?GetUtilityInterface@CPreemptionInfoProvider@@UAEPAXXZ
?Clean@CPreemptionInfoProvider@@UAEXXZ
?Compare@CPreemptionInfoProvider@@UAEFJJ@Z
?GetValueAsString@CPreemptionInfoProvider@@UAEPBDJ@Z
?FindItem@CPreemptionInfoProvider@@UAEJPBUIAbstractData@@@Z
?GetValue@CQualityInfoProvider@@UAEPBUIAbstractData@@J@Z
?Restore@CPreemptionInfoProvider@@UAEXXZ
?Compare@CQualityInfoProvider@@UAEFJJ@Z
?Clean@CQualityInfoProvider@@UAEXXZ
?GetUtilityInterface@CQualityInfoProvider@@UAEPAXXZ
?Save@CQualityInfoProvider@@UAEJPAUIStorage@@PBD@Z
?Load@CQualityInfoProvider@@UAEJPAUIStorage@@PBD@Z
?AddItem@CQualityInfoProvider@@UAEXPAEI@Z
?GetFirstItem@CQualityInfoProvider@@UAE_NPAPAEAAI@Z
?GetNextItem@CQualityInfoProvider@@UAE_NPAPAEAAI@Z
?GetStructureSize@CQualityInfoProvider@@UAEJXZ
?GetAdditionalStream@CQualityInfoProvider@@UAE_NPAPAEAAI@Z
??1CDescriptionSortHelper@@UAE@XZ
??1CTimesSortHelper@@UAE@XZ
??1CCableTrackageSortHelper@@UAE@XZ
??1CTrendInfoDecoder@@UAE@XZ
??1CCoordSeriesSortHelper@@UAE@XZ
??1CPreemptionInfoProvider@@UAE@XZ
??1CQualityInfoProvider@@UAE@XZ
?FindItem@CQualityInfoProvider@@UAEJPBUIAbstractData@@@Z
?GetValue@CPreemptionInfoProvider@@UAEPBUIAbstractData@@J@Z
?GetValueAsString@CQualityInfoProvider@@UAEPBDJ@Z
??0CQualityInfoProvider@@QAE@XZ
??0CPreemptionInfoProvider@@QAE@XZ
??0CCoordSeriesSortHelper@@QAE@XZ
??0CCableTrackageSortHelper@@QAE@XZ
??0CTrendInfoDecoder@@QAE@XZ
??0CTimesSortHelper@@QAE@XZ
??0CDescriptionSortHelper@@QAE@XZ
?ResetFlushCode@CCustomSortHelper@@UAEXXZ
?SetFlushCode@CCustomSortHelper@@UAEXJJ@Z
?GetFlushCode@CCustomSortHelper@@UAEJJ@Z
?Clone@CDescriptionSortHelper@@UAEPAVCCustomSortHelper@@XZ
?GetConversionVector@CDescriptionSortHelper@@UAEJAAPAJJ_N@Z
?Populate@CDescriptionSortHelper@@UAEXPAUIAbstractData@@J@Z
?Finished@CDescriptionSortHelper@@UAEXXZ
?Freeze@CDescriptionSortHelper@@UAEXXZ
?Restore@CDescriptionSortHelper@@UAEXXZ
?GetValue@CDescriptionSortHelper@@UAEPBUIAbstractData@@J@Z
?FindItem@CDescriptionSortHelper@@UAEJPBUIAbstractData@@@Z
?GetValueAsString@CDescriptionSortHelper@@UAEPBDJ@Z
?Compare@CDescriptionSortHelper@@UAEFJJ@Z
?Clean@CDescriptionSortHelper@@UAEXXZ
?GetUtilityInterface@CCustomSortHelper@@UAEPAXXZ
?GetItem@CCustomSortHelper@@UAEJPAUIAbstractData@@@Z
?Save@CDescriptionSortHelper@@UAEJPAUIStorage@@PBD@Z
?Load@CDescriptionSortHelper@@UAEJPAUIStorage@@PBD@Z
?PopulateItem@CDescriptionSortHelper@@UAEJPAUIAbstractData@@@Z
?SetSaveCheckInterface@CCustomSortHelper@@UAEJPAVIAQueryToReportBridge@@@Z
?AddChannel@CDescriptionSortHelper@@UAEXJJ@Z
?GetChannels@CDescriptionSortHelper@@UAEXJAAV?$set@JU?$less@J@stlp_std@@V?$allocator@J@2@@stlp_std@@@Z
?Clone@CTimesSortHelper@@UAEPAVCCustomSortHelper@@XZ
?GetConversionVector@CTimesSortHelper@@UAEJAAPAJJ_N@Z
?Populate@CTimesSortHelper@@UAEXPAUIAbstractData@@J@Z
?Finished@CTimesSortHelper@@UAEXXZ
?Freeze@CTimesSortHelper@@UAEXXZ
?Restore@CTimesSortHelper@@UAEXXZ
?GetValue@CTimesSortHelper@@UAEPBUIAbstractData@@J@Z
?FindItem@CTimesSortHelper@@UAEJPBUIAbstractData@@@Z
?GetValueAsString@CTimesSortHelper@@UAEPBDJ@Z
?Compare@CTimesSortHelper@@UAEFJJ@Z
?Clean@CTimesSortHelper@@UAEXXZ
?Save@CTimesSortHelper@@UAEJPAUIStorage@@PBD@Z
?Load@CTimesSortHelper@@UAEJPAUIStorage@@PBD@Z
?PopulateItem@CTimesSortHelper@@UAEJPAUIAbstractData@@@Z
?Freeze@CPreemptionInfoProvider@@UAEXXZ
?Finished@CPreemptionInfoProvider@@UAEXXZ
?Populate@CPreemptionInfoProvider@@UAEXPAUIAbstractData@@J@Z
?GetConversionVector@CPreemptionInfoProvider@@UAEJAAPAJJ_N@Z
?Clone@CPreemptionInfoProvider@@UAEPAVCCustomSortHelper@@XZ
?PopulateItem@CCustomSortHelper@@UAEJPAUIAbstractData@@@Z
?Load@CCoordSeriesSortHelper@@UAEJPAUIStorage@@PBD@Z
?Save@CCoordSeriesSortHelper@@UAEJPAUIStorage@@PBD@Z
?Clean@CCoordSeriesSortHelper@@UAEXXZ
?Compare@CCoordSeriesSortHelper@@UAEFJJ@Z
?GetValueAsString@CCoordSeriesSortHelper@@UAEPBDJ@Z
?FindItem@CCoordSeriesSortHelper@@UAEJPBUIAbstractData@@@Z
?GetValue@CCoordSeriesSortHelper@@UAEPBUIAbstractData@@J@Z
?Restore@CCoordSeriesSortHelper@@UAEXXZ
?Freeze@CCoordSeriesSortHelper@@UAEXXZ
?Finished@CCoordSeriesSortHelper@@UAEXXZ
?Populate@CCoordSeriesSortHelper@@UAEXPAUIAbstractData@@J@Z
?GetConversionVector@CCoordSeriesSortHelper@@UAEJAAPAJJ_N@Z
?Clone@CCoordSeriesSortHelper@@UAEPAVCCustomSortHelper@@XZ
?PopulateItem@CCableTrackageSortHelper@@UAEJPAUIAbstractData@@@Z
?Load@CCableTrackageSortHelper@@UAEJPAUIStorage@@PBD@Z
?Save@CCableTrackageSortHelper@@UAEJPAUIStorage@@PBD@Z
?Clean@CCableTrackageSortHelper@@UAEXXZ
?Compare@CCableTrackageSortHelper@@UAEFJJ@Z
?GetValueAsString@CCableTrackageSortHelper@@UAEPBDJ@Z
?FindItem@CCableTrackageSortHelper@@UAEJPBUIAbstractData@@@Z
?GetValue@CCableTrackageSortHelper@@UAEPBUIAbstractData@@J@Z
?Restore@CCableTrackageSortHelper@@UAEXXZ
?Freeze@CCableTrackageSortHelper@@UAEXXZ
?Finished@CCableTrackageSortHelper@@UAEXXZ
?Populate@CCableTrackageSortHelper@@UAEXPAUIAbstractData@@J@Z
?GetConversionVector@CCableTrackageSortHelper@@UAEJAAPAJJ_N@Z
?Clone@CCableTrackageSortHelper@@UAEPAVCCustomSortHelper@@XZ
?PopulateItem@CTrendInfoDecoder@@UAEJPAUIAbstractData@@@Z
?Load@CTrendInfoDecoder@@UAEJPAUIStorage@@PBD@Z
?Save@CTrendInfoDecoder@@UAEJPAUIStorage@@PBD@Z
?GetUtilityInterface@CTrendInfoDecoder@@UAEPAXXZ
?Clean@CTrendInfoDecoder@@UAEXXZ
?Compare@CTrendInfoDecoder@@UAEFJJ@Z
?GetValueAsString@CTrendInfoDecoder@@UAEPBDJ@Z
?FindItem@CTrendInfoDecoder@@UAEJPBUIAbstractData@@@Z
?GetValue@CTrendInfoDecoder@@UAEPBUIAbstractData@@J@Z
?Restore@CTrendInfoDecoder@@UAEXXZ
?Freeze@CTrendInfoDecoder@@UAEXXZ
?Finished@CTrendInfoDecoder@@UAEXXZ
?Populate@CTrendInfoDecoder@@UAEXPAUIAbstractData@@J@Z
?GetConversionVector@CTrendInfoDecoder@@UAEJAAPAJJ_N@Z
?Clone@CTrendInfoDecoder@@UAEPAVCCustomSortHelper@@XZ
?GetChannels@CCustomSortHelper@@UAEXJAAV?$set@JU?$less@J@stlp_std@@V?$allocator@J@2@@stlp_std@@@Z
?AddChannel@CCustomSortHelper@@UAEXJJ@Z
recdb
??1CRecDBReaderFactory@@QAE@XZ
??0CRecDBReaderFactory@@QAE@H@Z
stlport.5.0
??1?$_Osentry@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE@XZ
?setstate@?$basic_ios@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEXH@Z
?sputn@?$basic_streambuf@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE_JPBD_J@Z
?_M_put_nowiden@?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEXPBD@Z
?setf@ios_base@stlp_std@@QAEHHH@Z
?_M_decrement@?$_Rb_global@_N@stlp_std@@SAPAU_Rb_tree_node_base@2@PAU32@@Z
?length@?$char_traits@D@stlp_std@@SAIPBD@Z
?sputc@?$basic_streambuf@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEHD@Z
?erase@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEPADPAD@Z
?compare@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEHPBD@Z
?append@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV12@PBD@Z
?rfind@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIPBDI@Z
?empty@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE_NXZ
?c_str@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEPB_WXZ
??A?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAADI@Z
??A?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEABDI@Z
?substr@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE?AV12@II@Z
??Y?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@PBD@Z
?find_first_not_of@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIPBDI@Z
?erase@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV12@II@Z
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@PBDABV?$allocator@D@1@@Z
?get_allocator@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE?AV?$allocator@D@2@XZ
?width@ios_base@stlp_std@@QAE_J_J@Z
?flags@ios_base@stlp_std@@QBEHXZ
??0?$_Osentry@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE@AAV?$basic_ostream@DV?$char_traits@D@stlp_std@@@1@@Z
??6?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEAAV01@J@Z
??6?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??_D?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEXXZ
?str@?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE?AV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEAAV01@H@Z
??0?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@H@Z
??Y?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@ABV01@@Z
?find_last_of@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIPBDI@Z
?_Rebalance@?$_Rb_global@_N@stlp_std@@SAXPAU_Rb_tree_node_base@2@AAPAU32@@Z
?assign@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV12@ID@Z
??Y?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@D@Z
?at@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAADI@Z
?erase@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEPADPAD0@Z
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@ABV01@@Z
?size@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIXZ
?data@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
?compare@?$char_traits@D@stlp_std@@SAHPBD0I@Z
?end@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
?begin@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
?_M_compare@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@SAHPBD000@Z
?deallocate@?$__node_alloc@$00$0A@@stlp_std@@SAXPAXI@Z
??4?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@ABV01@@Z
??0?$allocator@D@stlp_std@@QAE@XZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@ABV?$allocator@D@1@@Z
??1?$allocator@D@stlp_std@@QAE@XZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@U_String_reserve_t@1@IABV?$allocator@D@1@@Z
?append@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV12@ABV12@@Z
??1?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@XZ
?c_str@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
??4?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@PBD@Z
?resize@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEXI@Z
?begin@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEPADXZ
?length@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIXZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@V?$__move_source@V?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@@1@@Z
?allocate@?$__node_alloc@$00$0A@@stlp_std@@SAPAXI@Z
mfc80
ord1209
ord1177
ord1175
ord1201
ord1120
ord1167
ord371
ord1098
ord1208
ord1206
ord1092
ord1037
ord1084
ord315
ord765
ord372
ord581
ord265
ord1917
ord1049
ord2248
ord3830
ord757
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord3683
ord1191
ord1185
ord1187
ord314
ord6754
ord762
ord266
ord764
msvcr80
fopen
__CxxFrameHandler3
_stricmp
memcmp
malloc
free
_ltoa
memmove_s
wcscpy_s
calloc
_recalloc
_resetstkoflw
wcslen
_purecall
memmove
??0exception@std@@QAE@ABQBDH@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
sprintf
memcpy
fgets
fclose
??0exception@std@@QAE@XZ
_makepath_s
isspace
strtol
isdigit
wcstombs
strncmp
_strlwr
strcat
strncpy
strcpy
atol
strlen
strstr
strchr
_access_s
_vsnprintf_s
sprintf_s
strcpy_s
memcpy_s
_splitpath_s
atoi
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memset
kernel32
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedIncrement
lstrlenW
GetVersion
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
GetACP
GetThreadLocale
lstrcmpiA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
LocalAlloc
GetPrivateProfileIntA
FindNextFileA
CreateFileA
GetFileTime
GetVersionExA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
HeapAlloc
OpenProcess
CloseHandle
FreeLibrary
FindFirstFileA
FindFirstFileW
FindClose
GetLocaleInfoA
FormatMessageA
LocalFree
RaiseException
GetWindowsDirectoryA
GetPrivateProfileStringA
GetModuleFileNameA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
DeleteCriticalSection
user32
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
LoadStringA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ole32
CoUninitialize
CoInitialize
StringFromCLSID
StgOpenStorage
StgCreateDocfile
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocStringLen
SysAllocStringByteLen
SafeArrayLock
SafeArrayUnlock
GetErrorInfo
VariantClear
VariantChangeType
VariantInit
SetErrorInfo
CreateErrorInfo
atl80
ord15
ord31
ord30
ord18
ord22
ord64
ord58
ord32
ord49
ord23
ord61
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ