1732a9dbaea2266a368bbc0f85a1553d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1732a9dbaea2266a368bbc0f85a1553d_JaffaCakes118
Size

8.7MB
MD5

1732a9dbaea2266a368bbc0f85a1553d
SHA1

1e7ee83449a05f1dc395b1006a97b1ff39261e4b
SHA256

5ed97453be92c324567e6d0baf4bc7d001b5925e71ad957e495463893ed1af1d
SHA512

ff7e97666406c90df33afce24334427561e3d514d5bba2b9ac4ac2dac15c051fd3b9214f74f7de994310ff8cf98861c65deea007c36bd8dc3ee1a7b011a6bab9
SSDEEP

196608:pw5j8wsOABpFucADqe/t5x/4g3jsVdfzA7E+F9yQW+0PgSaj4wgDlVhVd1oqi:pIjgn2DfxZQfUEeFTNSaj4r7d10

Score

3^/10

Malware Config

Signatures

Unsigned PE 25 IoCs

Checks for missing Authenticode signature.

resource
unpack001/karaokeplayersetup.exe
unpack002/$PLUGINSDIR/BrandingURL.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/ToolTips.dll
unpack002/$SYSDIR/AlphaDIB.dll
unpack002/AlphaDIB.dll
unpack002/Effect.ocx
unpack002/Karaoke Player.exe
unpack002/MSVBVM60.DLL
unpack002/Mp3Enc.ocx
unpack002/Mp3Play.ocx
unpack002/Plugins/sanhex.exe
unpack002/VB6CHS.DLL
unpack002/asycfilt.dll
unpack002/comcat.dll
unpack002/dx7vb.dll
unpack002/msdxm.oca
unpack002/msdxm.ocx
unpack002/oleaut32.dll
unpack002/olepro32.dll
unpack002/stdole2.tlb
unpack002/uninst.exe
unpack003/$PLUGINSDIR/FindProcDLL.dll

Files

1732a9dbaea2266a368bbc0f85a1553d_JaffaCakes118
.rar
karaokeplayersetup.exe
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

711c893e4d8189fd14b6563a4e35e663

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
GetDlgItem
RedrawWindow
EnableWindow
LoadImageA
SetPropA
GetWindowLongA
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
SetWindowLongA

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 871B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ToolTips.dll
.dll windows:4 windows x86 arch:x86

04338c58e26f4ac6ae89608ac6276429

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
GlobalFree
HeapAlloc

user32

GetClientRect
SendMessageA
CreateWindowExA

comctl32

ord17

Exports

Exports

Author
Classic
Modern

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/AlphaDIB.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6b0f4a05975086caea71c4c6b4544455

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaCyMul
__vbaAryMove
__vbaFreeVar
ord588
__vbaAptOffset
__vbaLenBstr
__vbaStrVarMove
__vbaPut3
__vbaFreeVarList
_adj_fdiv_m64
__vbaPut4
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaLenBstrB
__vbaHresultCheckObj
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaLateMemSt
EVENT_SINK2_Release
__vbaForEachCollObj
ord593
__vbaExitProc
__vbaFileCloseAll
ord594
ord301
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
ord305
__vbaStrFixstr
__vbaBoolVar
ord307
ord309
__vbaVarTstLt
__vbaRefVarAry
__vbaBoolVarNull
_CIsin
ord631
__vbaErase
ord525
__vbaLateMemStAd
__vbaNextEachCollObj
__vbaVargVarMove
ord632
__vbaChkstk
__vbaCyVar
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaGet3
ord529
__vbaVarTstEq
__vbaGet4
__vbaAryConstruct2
__vbaCyI4
__vbaPutOwner4
ord561
__vbaObjVar
ord562
DllFunctionCall
ord563
__vbaVarOr
__vbaFpUI1
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaR8Cy
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
__vbaObjIs
ord311
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaVarMul
__vbaStrUI1
__vbaExceptHandler
ord313
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
ord714
__vbaFailedFriend
ord608
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaUbound
__vbaStrVarVal
__vbaGetOwner4
__vbaVarCat
ord535
__vbaI2Var
ord537
__vbaStopExe
ord644
_CIlog
__vbaFileOpen
__vbaR8Str
ord648
ord570
__vbaInStr
__vbaVar2Vec
__vbaNew2
__vbaCyMulI2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
EVENT_SINK2_AddRef
__vbaI4Str
ord681
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord105
__vbaLateMemCall
__vbaAryLock
__vbaVarAdd
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
ord616
__vbaFpI4
__vbaVarCopy
__vbaRecDestructAnsi
__vbaLateMemCallLd
ord617
_CIatan
__vbaUI1Str
__vbaCastObj
__vbaStrMove
__vbaI4Cy
__vbaStrVarCopy
__vbaR8IntI4
_allmul
__vbaLateIdSt
_CItan
__vbaAryUnlock
__vbaUI1Var
__vbaFPInt
_CIexp
__vbaRecAssign
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/COMDLG32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09-04-1996 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16-11-1999 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04-04-2000 00:00

Not After

17-04-2001 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AlphaDIB.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6b0f4a05975086caea71c4c6b4544455

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaCyMul
__vbaAryMove
__vbaFreeVar
ord588
__vbaAptOffset
__vbaLenBstr
__vbaStrVarMove
__vbaPut3
__vbaFreeVarList
_adj_fdiv_m64
__vbaPut4
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaLenBstrB
__vbaHresultCheckObj
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaLateMemSt
EVENT_SINK2_Release
__vbaForEachCollObj
ord593
__vbaExitProc
__vbaFileCloseAll
ord594
ord301
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
ord305
__vbaStrFixstr
__vbaBoolVar
ord307
ord309
__vbaVarTstLt
__vbaRefVarAry
__vbaBoolVarNull
_CIsin
ord631
__vbaErase
ord525
__vbaLateMemStAd
__vbaNextEachCollObj
__vbaVargVarMove
ord632
__vbaChkstk
__vbaCyVar
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaGet3
ord529
__vbaVarTstEq
__vbaGet4
__vbaAryConstruct2
__vbaCyI4
__vbaPutOwner4
ord561
__vbaObjVar
ord562
DllFunctionCall
ord563
__vbaVarOr
__vbaFpUI1
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaR8Cy
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
__vbaObjIs
ord311
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaVarMul
__vbaStrUI1
__vbaExceptHandler
ord313
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
ord714
__vbaFailedFriend
ord608
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaUbound
__vbaStrVarVal
__vbaGetOwner4
__vbaVarCat
ord535
__vbaI2Var
ord537
__vbaStopExe
ord644
_CIlog
__vbaFileOpen
__vbaR8Str
ord648
ord570
__vbaInStr
__vbaVar2Vec
__vbaNew2
__vbaCyMulI2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
EVENT_SINK2_AddRef
__vbaI4Str
ord681
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
__vbaVarTstNe
ord101
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord105
__vbaLateMemCall
__vbaAryLock
__vbaVarAdd
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
ord616
__vbaFpI4
__vbaVarCopy
__vbaRecDestructAnsi
__vbaLateMemCallLd
ord617
_CIatan
__vbaUI1Str
__vbaCastObj
__vbaStrMove
__vbaI4Cy
__vbaStrVarCopy
__vbaR8IntI4
_allmul
__vbaLateIdSt
_CItan
__vbaAryUnlock
__vbaUI1Var
__vbaFPInt
_CIexp
__vbaRecAssign
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
COMDLG32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09-04-1996 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16-11-1999 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04-04-2000 00:00

Not After

17-04-2001 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Effect.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

05cf1f3294a9c1fd7a473dace83fd620

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutGetDevCapsA
waveInGetNumDevs
waveOutGetNumDevs
waveOutPause
waveOutOpen
waveOutRestart
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutSetVolume

kernel32

GetFileTime
RtlUnwind
GetFileSize
CreateThread
GetFileAttributesA
HeapAlloc
HeapFree
RaiseException
ExitProcess
TerminateProcess
FileTimeToLocalFileTime
HeapReAlloc
GetACP
GetCommandLineA
ExitThread
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GlobalSize
FileTimeToSystemTime
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetTimeZoneInformation
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
CopyFileA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetShortPathNameA
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
LockFile
SetEndOfFile
UnlockFile
GetStartupInfoA
FreeEnvironmentStringsA
FlushFileBuffers
GetModuleHandleA
GetProcAddress
lstrcatA
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
lstrcpyA
lstrlenA
GetProfileIntA
GetSystemTime
ResumeThread
Sleep
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
DuplicateHandle
FormatMessageA
GetCPInfo
SizeofResource
GetOEMCP
GetProcessVersion
GetLastError
GlobalFlags
LocalReAlloc
SetErrorMode
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
MulDiv
LocalFree
LocalAlloc
IsDBCSLeadByte
SetLastError
GetUserDefaultLCID
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
CloseHandle
GetModuleFileNameA
WritePrivateProfileStringA
lstrcmpA
GetCurrentThread
InterlockedDecrement
FreeLibrary
GlobalFree
LoadLibraryA
LockResource
FindResourceA
LoadResource
GlobalFindAtomA
GetCurrentThreadId
lstrcmpiA
GlobalDeleteAtom
VirtualAlloc
UnhandledExceptionFilter
GetStringTypeW

user32

DrawTextA
SetRect
GetClassNameA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
EnumChildWindows
LockWindowUpdate
IsZoomed
AppendMenuA
DeleteMenu
GetSystemMenu
KillTimer
WindowFromPoint
UnregisterClassA
GetSysColorBrush
LoadStringA
GetDialogBaseUnits
InsertMenuA
GetMenuStringA
DestroyIcon
CharUpperA
RemoveMenu
GetTabbedTextExtentA
InvertRect
GetDCEx
InflateRect
DrawEdge
SetParent
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
ShowOwnedPopups
PostQuitMessage
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
TabbedTextOutA
GrayStringA
IsChild
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
PtInRect
SetCapture
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
GetDC
ReleaseDC
GetTopWindow
MessageBoxA
RegisterClipboardFormatA
BringWindowToTop
GetMenu
GetMenuItemCount
GetSubMenu
SetTimer
LoadCursorA
UpdateWindow
InvalidateRect
PostMessageA
LoadBitmapA
FillRect
EnableWindow
GetScrollRange
GetScrollPos
SetScrollRange
SetScrollPos
SendMessageA
IsRectEmpty
CreateMenu
DestroyWindow
SetWindowsHookExA
UnhookWindowsHookEx

gdi32

CloseMetaFile
DeleteMetaFile
LPtoDP
GetDeviceCaps
DeleteDC
CreateBitmap
GetStockObject
SetTextColor
GetClipBox
GetObjectA
CreateCompatibleDC
SetBkColor
SetWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
SetTextAlign
GetCurrentPositionEx
SetWindowOrgEx
CreateRectRgn
DeleteObject
CreatePen
CreateSolidBrush
GetTextExtentPoint32A
CreatePatternBrush
StretchDIBits
CreateCompatibleBitmap
GetTextMetricsA
CreateFontA
CreateFontIndirectA
GetCharWidthA
CreateDCA
GetTextAlign
CopyMetaFileA
PatBlt
SetRectRgn
UnrealizeObject
CreateRectRgnIndirect
ScaleViewportExtEx
Rectangle
OffsetViewportOrgEx
SetViewportOrgEx
SetViewportExtEx
SetROP2
SetMapMode
SelectObject
SetBkMode
SaveDC
RestoreDC
ExtTextOutA
TextOutA
Escape
PtVisible
CombineRgn
RectVisible
CreateMetaFileA
ScaleWindowExtEx
BitBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegEnumKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA

shell32

ExtractIconA
DragQueryFileA
DragFinish

comctl32

ord17

ole32

StringFromCLSID
CoTaskMemFree
OleSaveToStream
ReleaseStgMedium
CoDisconnectObject
ReadFmtUserTypeStg
CreateOleAdviseHolder
CreateDataCache
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
OleDuplicateData
OleCreateMenuDescriptor
OleLoadFromStream
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
ReadClassStm
OleDestroyMenuDescriptor
CreateDataAdviseHolder
CoTaskMemAlloc

olepro32

ord250
ord253
ord251
ord252

oleaut32

VariantClear
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
SysAllocString
VariantChangeType
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
LoadRegTypeLi
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Karaoke Player.exe
.exe windows:4 windows x86 arch:x86

87a5c64e016dbf84a0a21baa1f191af7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
ord582
__vbaVarSub
__vbaVarTstGt
__vbaStrI2
ord583
ord690
ord584
_CIcos
_adj_fptan
ord585
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaLateIdCall
ord588
__vbaLineInputStr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord519
__vbaI2Abs
__vbaResume
__vbaCopyBytes
__vbaStrCat
__vbaVarCmpNe
__vbaError
ord660
ord553
__vbaWriteFile
__vbaLsetFixstr
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
ord662
__vbaNameFile
__vbaLenVar
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaAryDestruct
ord591
__vbaLateMemSt
__vbaExitProc
ord593
__vbaBoolStr
ord594
__vbaI4Abs
__vbaObjSet
ord595
__vbaOnError
ord596
_adj_fdiv_m16i
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
__vbaStrFixstr
__vbaBoolVar
ord520
__vbaFPFix
__vbaBoolVarNull
__vbaFpR8
_CIsin
ord631
__vbaErase
ord709
__vbaVargVarMove
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
__vbaStrCmp
ord529
__vbaAryConstruct2
__vbaVarTstEq
__vbaGet4
__vbaObjVar
__vbaI2I4
ord561
__vbaPrintObj
DllFunctionCall
ord670
__vbaVarOr
__vbaFpUI1
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
ord567
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord712
__vbaPrintFile
__vbaStrToUnicode
__vbaInputFile
ord606
ord713
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
__vbaR8ErrVar
ord608
ord716
ord531
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaDateVar
__vbaI2Var
ord537
ord644
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaInStr
ord570
__vbaR8Str
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
ord573
__vbaI4Str
ord681
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaPowerR8
ord577
__vbaR8Var
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
ord689
ord610
__vbaAryLock
__vbaVarAdd
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
ord614
__vbaFpI2
ord616
__vbaVarLateMemCallLd
__vbaFpI4
__vbaVarCopy
__vbaLateMemCallLd
ord617
__vbaRecDestructAnsi
_CIatan
__vbaCastObj
__vbaStrMove
ord619
__vbaR8IntI4
__vbaStrVarCopy
ord542
ord650
ord543
_allmul
__vbaLateIdSt
ord544
ord545
_CItan
ord546
__vbaAryUnlock
ord547
__vbaFPInt
_CIexp
__vbaFreeObj
__vbaFreeStr
__vbaRecAssign
ord581

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MSCOMCTL.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

50ccb1d881ea89a41a10cced45c79649

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09-04-1996 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16-11-1999 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04-04-2000 00:00

Not After

17-04-2001 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
GlobalFree
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
GetDlgItemInt
EndDialog
GetActiveWindow
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
IsWindowEnabled
IsWindowVisible
UnregisterClassA
CharNextA
MessageBoxA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemTextA
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
SetTimer
KillTimer
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVBVM60.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

6a66fb523666c583cb87c4630ccedf7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

MoveFileA
LockFile
UnlockFile
RemoveDirectoryA
TerminateProcess
HeapSize
SetHandleCount
ExitThread
GetCPInfo
lstrlenA
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetTempFileNameA
lstrcpynA
_lclose
_llseek
FlushFileBuffers
CreateDirectoryA
lstrcmpiA
GetLastError
GetModuleHandleA
GetSystemDefaultLangID
FormatMessageA
HeapCreate
GetWindowsDirectoryA
GetPrivateProfileStringA
lstrcatA
CreateFileA
ReadFile
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
IsBadReadPtr
TlsGetValue
lstrcpyA
DeleteFileA
lstrcmpA
GetCurrentThreadId
HeapAlloc
HeapFree
CreateThread
GetTimeZoneInformation
SetEnvironmentVariableA
RaiseException
LCMapStringW
GetStringTypeA
GetModuleFileNameW
GetUserDefaultLangID
GetComputerNameA
SetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
GetLocalTime
SetLocalTime
RtlUnwind
CreateProcessW
IsValidCodePage
FormatMessageW
GetStartupInfoA
UnhandledExceptionFilter
ExitProcess
GetShortPathNameA
SetCurrentDirectoryA
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindNextFileA
FindClose
VirtualFree
GetSystemInfo
VirtualAlloc
VirtualProtect
FlushInstructionCache
WinExec
lstrlenW
lstrcpyW
WriteFile
SetEndOfFile
SetFilePointer
GetSystemTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
ResumeThread
GetCommandLineA
TlsSetValue
TlsFree
TlsAlloc
GetVersion
CompareStringW
lstrcmpiW
MulDiv
CreateProcessA
GetExitCodeProcess
LoadLibraryExA
MultiByteToWideChar
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
GetCurrentProcessId
GetTickCount
GetEnvironmentVariableA
FreeResource
GetSystemDefaultLCID
IsBadCodePtr
GetUserDefaultLCID
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetVersionExA
Sleep
GlobalDeleteAtom
HeapDestroy
SetErrorMode
GlobalAddAtomA
ReleaseSemaphore
LCMapStringA
CreateSemaphoreA
VirtualQuery
GetProfileStringA
WideCharToMultiByte
HeapReAlloc
GetDriveTypeA
CompareStringA
GetFileAttributesA
GetCurrentDirectoryA
GetModuleFileNameA
SetLastError
GetFullPathNameA
SearchPathA
GetFileType
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalSize
GlobalHandle
GlobalReAlloc
GlobalLock
_lwrite
_lread
LockResource
GetTempPathA
FreeLibrary
GetLocaleInfoA
GetStdHandle
GetACP

user32

DdeAbandonTransaction
DdeGetLastError
DdeCreateDataHandle
DdeCmpStringHandles
SetCursorPos
EnumClipboardFormats
DestroyCursor
GetAsyncKeyState
WaitForInputIdle
GetForegroundWindow
keybd_event
VkKeyScanW
SetWindowsHookExW
CharUpperBuffW
CharUpperBuffA
CharLowerBuffW
FindWindowW
FindWindowA
MessageBoxIndirectA
DialogBoxParamA
EnumThreadWindows
GetLastActivePopup
SetActiveWindow
LoadImageA
RegisterClassExA
FrameRect
CreateDialogParamA
IsDialogMessageA
EnableMenuItem
ShowCursor
OemToCharA
CharToOemBuffA
GetWindowTextA
EndDialog
DrawTextA
SendDlgItemMessageA
SetDlgItemTextA
GetWindowPlacement
GetSystemMetrics
LoadBitmapA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
WaitMessage
PostQuitMessage
GetKeyboardLayout
UnhookWindowsHookEx
RegisterClipboardFormatA
CreateCursor
CreateIcon
PostMessageW
PeekMessageW
GetPropA
RemovePropA
SetPropA
SetForegroundWindow
ClipCursor
CallWindowProcA
DefFrameProcA
GetKeyState
GetDlgItem
IsWindow
UnregisterClassA
RegisterClassA
AdjustWindowRect
GetTabbedTextExtentA
TabbedTextOutA
FillRect
CharToOemA
MessageBoxA
wsprintfA
WinHelpA
GetDesktopWindow
SetRect
GetWindowDC
DestroyIcon
GetClassInfoA
AdjustWindowRectEx
GetMenuItemCount
RemoveMenu
GetMenuStringA
DdeClientTransaction
DdeGetData
GetCaretPos
CharPrevA
CharNextA
GetUpdateRgn
GetUpdateRect
PtInRect
ChildWindowFromPointEx
ReleaseCapture
SetCapture
InflateRect
GetWindowRect
ClientToScreen
MoveWindow
IsWindowEnabled
IsChild
SetParent
IsIconic
IsZoomed
DefMDIChildProcA
MessageBeep
PeekMessageA
PostMessageA
LoadStringA
AppendMenuA
DestroyMenu
CreatePopupMenu
GetMessageTime
GetMessagePos
DrawFocusRect
CopyAcceleratorTableA
GetWindowRgn
CharUpperA
TranslateMDISysAccel
SubtractRect
IsRectEmpty
InvalidateRgn
InvalidateRect
CopyRect
GetDCEx
IntersectRect
LoadAcceleratorsA
BringWindowToTop
GetWindowThreadProcessId
AttachThreadInput
EqualRect
EnableWindow
SetFocus
SendMessageA
SetWindowsHookExA
GetClassNameA
LoadCursorA
SetCursor
SetWindowLongA
GetWindow
GetFocus
GetSystemMenu
CallNextHookEx
GetParent
DestroyWindow
SetWindowTextA
SetWindowPos
UpdateWindow
CreateWindowExA
SystemParametersInfoA
GetCapture
WindowFromPoint
ScreenToClient
SetTimer
IsWindowVisible
ShowWindow
KillTimer
GetDC
ReleaseDC
MapWindowPoints
GetCursorPos
GetCursor
OffsetRect
GetIconInfo
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetSysColor
GetActiveWindow
GetWindowLongA
DdeConnect
DdePostAdvise
DdeDisconnect
DdeCreateStringHandleA
DdeSetUserHandle
DdeNameService
DdeFreeStringHandle
DdeUninitialize
DdeInitializeA
DdeFreeDataHandle
DdeQueryConvInfo
DdeQueryStringA
DrawFrameControl
SetScrollRange
SetScrollPos
IsClipboardFormatAvailable
LockWindowUpdate
CharLowerBuffA
OpenClipboard
SetClipboardData
GetClipboardData
GetCaretBlinkTime
EmptyClipboard
CloseClipboard
CreateCaret
SetCaretPos
GetWindowTextLengthA
DestroyCaret
ShowCaret
HideCaret
DrawTextExA
GetScrollPos
GetClipboardFormatNameA
SetWindowRgn
ToAscii
GetScrollInfo
DestroyAcceleratorTable
ShowScrollBar
SetMenuItemInfoA
SetScrollInfo
GetMenuItemInfoA
GetQueueStatus
SetKeyboardState
GetKeyboardState
TrackPopupMenu
GetDoubleClickTime
SetWindowContextHelpId
DeleteMenu
SetMenuDefaultItem
DrawMenuBar
GetMenuItemID
InsertMenuA
GetSubMenu
CreateMenu
GetMenu
SetMenu
BeginDeferWindowPos
ModifyMenuA
CheckMenuItem
PostThreadMessageA
EndDeferWindowPos
DeferWindowPos
VkKeyScanA
CharLowerA
GetMenuState
DrawIcon
IsCharAlphaA
LoadIconA
GetClassInfoExA
CreateAcceleratorTableA

gdi32

UnrealizeObject
CreatePen
SetBkColor
CreateSolidBrush
DeleteObject
SetTextColor
CreatePatternBrush
CreateBitmap
ExtTextOutA
SelectObject
SetBkMode
GetBitmapBits
GetObjectA
GetTextExtentPointA
CreateFontIndirectA
CombineRgn
SetRectRgn
CreateRectRgn
CreateRectRgnIndirect
ExtSelectClipRgn
OffsetRgn
PtInRegion
CreatePalette
SelectPalette
SelectClipRgn
OffsetWindowOrgEx
IntersectClipRect
DeleteDC
BitBlt
SetViewportOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
RestoreDC
RealizePalette
SetROP2
SaveDC
GetClipBox
SetWindowOrgEx
ExcludeClipRect
CreateHalftonePalette
GetTextMetricsA
PatBlt
EnumFontsA
TranslateCharsetInfo
GetROP2
SetBrushOrgEx
GetDeviceCaps
GetObjectType
CreatePenIndirect
CreateBrushIndirect
Rectangle
GetStockObject
Arc
LineTo
MoveToEx
Pie
Ellipse
SetStretchBltMode
GetPixel
GetTextExtentPoint32A
SetPixelV
StretchDIBits
GetCurrentObject
TextOutA
GetBkColor
StretchBlt
CreateDIBitmap
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
EndDoc
AbortDoc
StartPage
EndPage
StartDocA
CreateDCA
ResetDCA
Escape
ScaleViewportExtEx
SetViewportExtEx
SetMapMode
DeleteMetaFile
PlayMetaFile
SetAbortProc
DeleteEnhMetaFile
PlayEnhMetaFile
CreateICA
GetEnhMetaFileHeader
ScaleWindowExtEx
GetWindowOrgEx
GetPaletteEntries
CreateDIBSection
CloseEnhMetaFile
CreateEnhMetaFileA
LPtoDP
EqualRgn
ExtCreateRegion
GetDIBits
SetTextAlign
GetWindowExtEx
GetViewportExtEx
CopyMetaFileA
CopyEnhMetaFileA
PathToRegion
EndPath
BeginPath
WidenPath
GetTextColor
GetMapMode
SetDIBColorTable
RoundRect
CreateEllipticRgnIndirect
CreateRoundRectRgn
GetSystemPaletteEntries
GetNearestColor
CreateHatchBrush

advapi32

ReportEventA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegisterEventSourceA
DeregisterEventSource
RegQueryInfoKeyA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegEnumValueA
RegQueryValueExW
RegCreateKeyW

ole32

OleCreateLinkToFile
CoTaskMemFree
BindMoniker
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
DoDragDrop
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
OleDoAutoConvert
OleRegGetUserType
OleSaveToStream
ReadClassStg
ReadClassStm
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleCreateFromData
OleCreateLinkFromData
OleGetIconOfClass
OleGetClipboard
OleSetClipboard
OleCreateLink
CoTaskMemAlloc
OleGetAutoConvert
OleCreateFromFile
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CLSIDFromProgID
ProgIDFromCLSID
CoGetClassObject
CoCreateInstance
MkParseDisplayName
CoIsOle1Class
OleQueryLinkFromData
OleQueryCreateFromData
GetClassFile
CreateBindCtx
OleDuplicateData
ReleaseStgMedium
OleSetMenuDescriptor
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoGetMalloc
OleRegGetMiscStatus
CoCreateGuid
IIDFromString
CoFreeUnusedLibraries
CoDisconnectObject
IsAccelerator
OleIsRunning
OleRun
OleLockRunning
StgCreateDocfile
WriteClassStg
OleSave
StgOpenStorage
OleLoad

oleaut32

OleCreatePropertyFrame
OleTranslateColor
SysStringLen
VariantClear
SysAllocString
VariantInit
OleCreateFontIndirect
OleCreatePictureIndirect
SysFreeString
OaBuildVersion
SysAllocStringLen
SysAllocStringByteLen
SetErrorInfo
CreateErrorInfo
VariantChangeType
DispGetParam
LoadTypeLi
GetErrorInfo
LoadRegTypeLi
RegisterTypeLi
SysStringByteLen
UnRegisterTypeLi
LHashValOfNameSys
LoadTypeLibEx
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayCreate
OleLoadPicture
SafeArrayGetDim
VariantCopy
VariantCopyInd
SafeArrayDestroy
VariantChangeTypeEx
CreateDispTypeInfo
SafeArrayDestroyData
DispInvoke
SafeArrayGetUBound
DispGetIDsOfNames
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayCopy
OleIconToCursor
SafeArrayRedim
SafeArrayAllocDescriptor
SafeArrayDestroyDescriptor
RevokeActiveObject
SafeArrayLock
SafeArrayUnlock
SafeArrayAllocData
SysReAllocStringLen
GetActiveObject
VarDateFromStr
VarCyFromI4
VarR8FromStr
VarBstrFromI4
VarBstrFromR4
VarBstrFromI2
VarBstrFromDate
VarBstrFromCy
VarBstrFromR8
VarI4FromStr
VarI4FromR8
VarI2FromStr
VarCyFromStr
VarR4FromStr
LHashValOfNameSysA
SysReAllocString

Exports

Exports

BASIC_CLASS_AddRef
BASIC_CLASS_GetIDsOfNames
BASIC_CLASS_Invoke
BASIC_CLASS_QueryInterface
BASIC_CLASS_Release
BASIC_DISPINTERFACE_GetTICount
BASIC_DISPINTERFACE_GetTypeInfo
CopyRecord
CreateIExprSrvObj
DLLGetDocumentation
DllCanUnloadNow
DllFunctionCall
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EVENT_SINK2_AddRef
EVENT_SINK2_Release
EVENT_SINK_AddRef
EVENT_SINK_GetIDsOfNames
EVENT_SINK_Invoke
EVENT_SINK_QueryInterface
EVENT_SINK_Release
EbCreateContext
EbDestroyContext
EbGetErrorInfo
EbGetHandleOfExecutingProject
EbGetObjConnectionCounts
EbGetVBAObject
EbIsProjectOnStack
EbLibraryLoad
EbLibraryUnload
EbLoadRunTime
EbResetProject
EbResetProjectNormal
EbSetContextWorkerThread
GetMem1
GetMem2
GetMem4
GetMem8
GetMemEvent
GetMemNewObj
GetMemObj
GetMemStr
GetMemVar
IID_IVbaHost
MethCallEngine
ProcCallEngine
PutMem1
PutMem2
PutMem4
PutMem8
PutMemEvent
PutMemNewObj
PutMemObj
PutMemStr
PutMemVar
SetMemEvent
SetMemNewObj
SetMemObj
SetMemVar
ThunRTMain
TipCreateInstanceEx
TipCreateInstanceProject2
TipGetAddressOfPredeclaredInstance
TipInvokeMethod
TipInvokeMethod2
TipSetOption
TipUnloadInstance
TipUnloadProject
UserDllMain
VBDllCanUnloadNow
VBDllGetClassObject
VBDllRegisterServer
VBDllUnRegisterServer
VarPtr
Zombie_AddRef
Zombie_GetIDsOfNames
Zombie_GetTypeInfo
Zombie_GetTypeInfoCount
Zombie_Invoke
Zombie_QueryInterface
Zombie_Release
_CIatan
_CIcos
_CIexp
_CIlog
_CIsin
_CIsqrt
_CItan
__vbaAptOffset
__vbaAryConstruct
__vbaAryConstruct2
__vbaAryCopy
__vbaAryDestruct
__vbaAryLock
__vbaAryMove
__vbaAryRebase1Var
__vbaAryRecCopy
__vbaAryRecMove
__vbaAryUnlock
__vbaAryVar
__vbaAryVarVarg
__vbaBoolErrVar
__vbaBoolStr
__vbaBoolVar
__vbaBoolVarNull
__vbaCVarAryUdt
__vbaCastObj
__vbaCastObjVar
__vbaCheckType
__vbaCheckTypeVar
__vbaChkstk
__vbaCopyBytes
__vbaCopyBytesZero
__vbaCyAbs
__vbaCyAdd
__vbaCyErrVar
__vbaCyFix
__vbaCyForInit
__vbaCyForNext
__vbaCyI2
__vbaCyI4
__vbaCyInt
__vbaCyMul
__vbaCyMulI2
__vbaCySgn
__vbaCyStr
__vbaCySub
__vbaCyUI1
__vbaCyVar
__vbaDateR4
__vbaDateR8
__vbaDateStr
__vbaDateVar
__vbaDerefAry
__vbaDerefAry1
__vbaEnd
__vbaErase
__vbaEraseKeepData
__vbaEraseNoPop
__vbaError
__vbaErrorOverflow
__vbaExceptHandler
__vbaExitEachAry
__vbaExitEachColl
__vbaExitEachVar
__vbaExitProc
__vbaFPException
__vbaFPFix
__vbaFPInt
__vbaFailedFriend
__vbaFileClose
__vbaFileCloseAll
__vbaFileLock
__vbaFileOpen
__vbaFileSeek
__vbaFixstrConstruct
__vbaForEachAry
__vbaForEachCollAd
__vbaForEachCollObj
__vbaForEachCollVar
__vbaForEachVar
__vbaFpCDblR4
__vbaFpCDblR8
__vbaFpCSngR4
__vbaFpCSngR8
__vbaFpCmpCy
__vbaFpCy
__vbaFpI2
__vbaFpI4
__vbaFpR4
__vbaFpR8
__vbaFpUI1
__vbaFreeObj
__vbaFreeObjList
__vbaFreeStr
__vbaFreeStrList
__vbaFreeVar
__vbaFreeVarList
__vbaFreeVarg
__vbaGenerateBoundsError
__vbaGet3
__vbaGet4
__vbaGetFxStr3
__vbaGetFxStr4
__vbaGetOwner3
__vbaGetOwner4
__vbaGosub
__vbaGosubFree
__vbaGosubReturn
__vbaHresultCheck
__vbaHresultCheckNonvirt
__vbaHresultCheckObj
__vbaI2Abs
__vbaI2Cy
__vbaI2ErrVar
__vbaI2ForNextCheck
__vbaI2I4
__vbaI2Sgn
__vbaI2Str
__vbaI2Var
__vbaI4Abs
__vbaI4Cy
__vbaI4ErrVar
__vbaI4ForNextCheck
__vbaI4Sgn
__vbaI4Str
__vbaI4Var
__vbaInStr
__vbaInStrB
__vbaInStrVar
__vbaInStrVarB
__vbaInputFile
__vbaLateIdCall
__vbaLateIdCallLd
__vbaLateIdCallSt
__vbaLateIdNamedCall
__vbaLateIdNamedCallLd
__vbaLateIdNamedCallSt
__vbaLateIdNamedStAd
__vbaLateIdSt
__vbaLateIdStAd
__vbaLateMemCall
__vbaLateMemCallLd
__vbaLateMemCallSt
__vbaLateMemNamedCall
__vbaLateMemNamedCallLd
__vbaLateMemNamedCallSt
__vbaLateMemNamedStAd
__vbaLateMemSt
__vbaLateMemStAd
__vbaLbound
__vbaLdZeroAry
__vbaLenBstr
__vbaLenBstrB
__vbaLenVar
__vbaLenVarB
__vbaLineInputStr
__vbaLineInputVar
__vbaLsetFixstr
__vbaLsetFixstrFree
__vbaMidStmtBstr
__vbaMidStmtBstrB
__vbaMidStmtVar
__vbaMidStmtVarB
__vbaNameFile
__vbaNew
__vbaNew2
__vbaNextEachAry
__vbaNextEachCollAd
__vbaNextEachCollObj
__vbaNextEachCollVar
__vbaNextEachVar
__vbaObjAddref
__vbaObjIs
__vbaObjSet
__vbaObjSetAddref
__vbaObjVar
__vbaOnError
__vbaOnGoCheck
__vbaPowerR8
__vbaPrintFile
__vbaPrintObj
__vbaPut3
__vbaPut4
__vbaPutFxStr3
__vbaPutFxStr4
__vbaPutOwner3
__vbaPutOwner4
__vbaR4Cy
__vbaR4ErrVar
__vbaR4ForNextCheck
__vbaR4Sgn
__vbaR4Str
__vbaR4Var
__vbaR8Cy
__vbaR8ErrVar
__vbaR8FixI2
__vbaR8FixI4
__vbaR8ForNextCheck
__vbaR8IntI2
__vbaR8IntI4
__vbaR8Sgn
__vbaR8Str
__vbaR8Var
__vbaRaiseEvent
__vbaRecAnsiToUni
__vbaRecAssign
__vbaRecDestruct
__vbaRecDestructAnsi
__vbaRecUniToAnsi
__vbaRedim
__vbaRedimPreserve
__vbaRedimPreserveVar
__vbaRedimPreserveVar2
__vbaRedimVar
__vbaRedimVar2
__vbaRefVarAry
__vbaResume
__vbaRsetFixstr
__vbaRsetFixstrFree
__vbaSetSystemError
__vbaStopExe
__vbaStr2Vec
__vbaStrAryToAnsi
__vbaStrAryToUnicode
__vbaStrBool
__vbaStrCat
__vbaStrCmp
__vbaStrComp
__vbaStrCompVar
__vbaStrCopy
__vbaStrCy
__vbaStrDate
__vbaStrErrVarCopy
__vbaStrFixstr
__vbaStrI2
__vbaStrI4
__vbaStrLike
__vbaStrMove
__vbaStrR4
__vbaStrR8
__vbaStrTextCmp
__vbaStrTextLike
__vbaStrToAnsi
__vbaStrToUnicode
__vbaStrUI1
__vbaStrVarCopy
__vbaStrVarMove
__vbaStrVarVal
__vbaUI1Cy
__vbaUI1ErrVar
__vbaUI1I2
__vbaUI1I4
__vbaUI1Sgn
__vbaUI1Str
__vbaUI1Var
__vbaUbound
__vbaUdtVar
__vbaUnkVar
__vbaVar2Vec
__vbaVarAbs
__vbaVarAdd
__vbaVarAnd
__vbaVarCat
__vbaVarCmpEq
__vbaVarCmpGe
__vbaVarCmpGt
__vbaVarCmpLe
__vbaVarCmpLt
__vbaVarCmpNe
__vbaVarCopy
__vbaVarDateVar
__vbaVarDiv
__vbaVarDup
__vbaVarEqv
__vbaVarErrI4
__vbaVarFix
__vbaVarForInit
__vbaVarForNext
__vbaVarIdiv
__vbaVarImp
__vbaVarIndexLoad
__vbaVarIndexLoadRef
__vbaVarIndexLoadRefLock
__vbaVarIndexStore
__vbaVarIndexStoreObj
__vbaVarInt
__vbaVarLateMemCallLd
__vbaVarLateMemCallLdRf
__vbaVarLateMemCallSt
__vbaVarLateMemSt
__vbaVarLateMemStAd
__vbaVarLike
__vbaVarLikeVar
__vbaVarMod
__vbaVarMove
__vbaVarMul
__vbaVarNeg
__vbaVarNot
__vbaVarOr
__vbaVarPow
__vbaVarSetObj
__vbaVarSetObjAddref
__vbaVarSetUnk
__vbaVarSetUnkAddref
__vbaVarSetVar
__vbaVarSetVarAddref
__vbaVarSub
__vbaVarTextCmpEq
__vbaVarTextCmpGe
__vbaVarTextCmpGt
__vbaVarTextCmpLe
__vbaVarTextCmpLt
__vbaVarTextCmpNe
__vbaVarTextLike
__vbaVarTextLikeVar
__vbaVarTextTstEq
__vbaVarTextTstGe
__vbaVarTextTstGt
__vbaVarTextTstLe
__vbaVarTextTstLt
__vbaVarTextTstNe
__vbaVarTstEq
__vbaVarTstGe
__vbaVarTstGt
__vbaVarTstLe
__vbaVarTstLt
__vbaVarTstNe
__vbaVarVargNofree
__vbaVarXor
__vbaVarZero
__vbaVargObj
__vbaVargObjAddref
__vbaVargParmRef
__vbaVargUnk
__vbaVargUnkAddref
__vbaVargVar
__vbaVargVarCopy
__vbaVargVarMove
__vbaVargVarRef
__vbaVerifyVarObj
__vbaWriteFile
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_allmul
rtBoolFromErrVar
rtBstrFromErrVar
rtCyFromErrVar
rtDecFromVar
rtI2FromErrVar
rtI4FromErrVar
rtR4FromErrVar
rtR8FromErrVar
rtUI1FromErrVar
rtcAbsVar
rtcAnsiValueBstr
rtcAppActivate
rtcAppleScript
rtcArray
rtcAtn
rtcBeep
rtcBstrFromAnsi
rtcBstrFromByte
rtcBstrFromChar
rtcBstrFromError
rtcBstrFromFormatVar
rtcByteValueBstr
rtcCVErrFromVar
rtcCallByName
rtcChangeDir
rtcChangeDrive
rtcCharValueBstr
rtcChoose
rtcCommandBstr
rtcCommandVar
rtcCompareBstr
rtcCos
rtcCreateObject
rtcCreateObject2
rtcCurrentDir
rtcCurrentDirBstr
rtcDDB
rtcDateAdd
rtcDateDiff
rtcDateFromVar
rtcDatePart
rtcDeleteSetting
rtcDir
rtcDoEvents
rtcEndOfFile
rtcEnvironBstr
rtcEnvironVar
rtcErrObj
rtcExp
rtcFV
rtcFileAttributes
rtcFileCopy
rtcFileDateTime
rtcFileLen
rtcFileLength
rtcFileLocation
rtcFileReset
rtcFileSeek
rtcFileWidth
rtcFilter
rtcFixVar
rtcFormatCurrency
rtcFormatDateTime

Sections

.text
Size: 1012KB - Virtual size: 1011KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ENGINE
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mp3Enc.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

aec94528de93faae42abd12b8bffdca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc40

ord5053
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord2960
ord3345
ord3346
ord3340
ord2694
ord3580
ord4096
ord3906
ord3192
ord721
ord504
ord5630
ord1075
ord1035
ord1097
ord1085
ord4046
ord4141
ord4302
ord4462
ord4681
ord3859
ord4312
ord4450
ord4176
ord2199
ord5360
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5644
ord3837
ord4703
ord2617
ord4296
ord3919
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2861
ord4099
ord3907
ord654
ord406
ord729
ord1647
ord265
ord5748
ord5637
ord2894
ord5638
ord3952
ord2860
ord2916
ord3202
ord651
ord403
ord1073
ord1084
ord1986
ord5352
ord1633
ord3738
ord2176
ord2358
ord1043
ord1071
ord2135
ord1464
ord4973
ord881
ord4700
ord3314
ord3579
ord5023
ord1873
ord4314
ord4375
ord5001
ord3611
ord4133
ord4132
ord4230
ord4124
ord4360
ord4024
ord3997
ord4070
ord4441
ord4380
ord4385
ord4390
ord4122
ord4156
ord4473
ord4127
ord4117
ord3838
ord4241
ord4123
ord4111
ord4110
ord4505
ord4060
ord731
ord3844
ord3840
ord4202
ord4204
ord4201
ord3892
ord4079
ord4459
ord3898
ord4444
ord4432
ord2177
ord2963
ord4015
ord5363
ord1540
ord5643
ord4704
ord3922
ord2618
ord2755
ord2844
ord3946
ord2851
ord2621
ord2695
ord3581
ord4098
ord5160
ord632
ord706
ord2293
ord3452
ord486
ord381
ord3110
ord3158
ord3185
ord569
ord2511
ord5121
ord1425
ord1426
ord1014
ord314
ord2115
ord2223
ord2378
ord4403
ord570
ord315
ord5550
ord5341
ord2451
ord762
ord2450
ord3963
ord5648
ord3458
ord2389
ord4719
ord4165
ord2909
ord4715
ord4713
ord965
ord2097
ord4627
ord2197
ord3431
ord5070
ord4154
ord2234
ord4113
ord3827
ord3854
ord5681
ord1367
ord988
ord328
ord1042
ord1046
ord1105
ord1370
ord1369
ord733
ord671
ord711
ord1000
ord999
ord269

msvcrt40

free
_initterm
malloc
_onexit
__dllonexit
_adjust_fdiv
calloc
sscanf
fclose
??1type_info@@UAE@XZ
_EH_prolog
atol
putc
strncpy
vsprintf
_CIpow
fprintf
floor
_HUGE
ldexp
_ftol
_adj_fdiv_r
getc
_beginthreadex
fwrite
fopen
__CxxFrameHandler
_adj_fdiv_m64
_adj_fdivr_m64
exit
_adj_fpatan
modf
fseek
abort
ftell
__p__iob
fscanf
fgets
fflush
fread
frexp
_stat

kernel32

OutputDebugStringA
HeapAlloc
HeapCreate
ExitThread
WaitForSingleObject
CreateMutexA
ReleaseMutex
Sleep
LocalFree
TerminateThread
GetVersion
GlobalFree
LocalAlloc
HeapFree
GlobalAlloc

user32

FillRect
LoadBitmapA
EnableWindow
PostMessageA

gdi32

BitBlt
GetStockObject
CreateCompatibleDC

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mp3Play.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

4e775177760fdc49b633daffe32751cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPrepareHeader
waveOutReset
waveOutClose
waveOutWrite
waveOutUnprepareHeader
mmioGetInfo
mmioAscend
mmioOpenA
mmioAdvance
mmioClose
mmioSetInfo
waveOutPause
waveOutRestart
waveOutGetVolume
waveOutSetVolume
mmioCreateChunk
waveOutOpen
mmioWrite

mfc40

ord3431
ord965
ord5070
ord2097
ord2197
ord4627
ord4713
ord4715
ord3579
ord2909
ord4719
ord4703
ord5053
ord4165
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2617
ord2960
ord3345
ord3346
ord3340
ord2694
ord3580
ord4096
ord2696
ord3192
ord721
ord504
ord5630
ord1075
ord1035
ord1097
ord1085
ord4046
ord4141
ord4302
ord4462
ord4681
ord3906
ord4312
ord4450
ord4176
ord2199
ord5360
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5644
ord3837
ord4700
ord3314
ord3859
ord3919
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2861
ord4099
ord3907
ord654
ord406
ord1647
ord265
ord5748
ord5637
ord2894
ord5638
ord3952
ord2860
ord2916
ord3202
ord651
ord4296
ord1073
ord1084
ord1986
ord5352
ord1633
ord3738
ord2176
ord5648
ord2234
ord1071
ord2135
ord1464
ord4973
ord881
ord3827
ord4154
ord4113
ord5023
ord1873
ord4314
ord4375
ord5001
ord3611
ord4133
ord4132
ord4230
ord4124
ord4360
ord4024
ord3997
ord4070
ord3963
ord4380
ord4385
ord4390
ord4122
ord4156
ord4473
ord4127
ord4117
ord3838
ord4241
ord4123
ord4111
ord4110
ord4505
ord4060
ord3854
ord3844
ord3840
ord4202
ord4204
ord4201
ord3892
ord4079
ord4459
ord3898
ord4444
ord4432
ord2177
ord2963
ord4015
ord5363
ord1540
ord5643
ord4704
ord3922
ord2618
ord2755
ord2844
ord3946
ord2851
ord2621
ord2695
ord3581
ord4098
ord5160
ord632
ord706
ord2293
ord3452
ord486
ord381
ord3110
ord3158
ord3185
ord569
ord2511
ord5121
ord1425
ord1426
ord1014
ord314
ord2115
ord2223
ord2378
ord4403
ord570
ord315
ord5550
ord483
ord2451
ord2450
ord5341
ord762
ord729
ord3458
ord2389
ord2358
ord731
ord1043
ord403
ord4441
ord1105
ord1369
ord1042
ord328
ord999
ord1046
ord1367
ord5681
ord988
ord1370
ord269
ord733
ord671
ord711
ord1000

msvcrt40

_ftol
strncpy
_CIpow
__CxxFrameHandler
_endthreadex
atol
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_EH_prolog
_beginthreadex
perror
exit
_adj_fdivr_m32
_adj_fdivr_m64
_purecall
_write

kernel32

lstrcpyA
GlobalAlloc
GlobalFree
GetVersion
LocalAlloc
LocalFree
ResumeThread
CreateMutexA
SetThreadPriority
TerminateThread
Sleep
ExitThread
WaitForSingleObject
ReleaseMutex
lstrcpynA
CreateFileA
lstrcmpiA
SetFilePointer
ReadFile
CloseHandle
lstrlenA
GetFileSize

user32

LoadBitmapA
FillRect
EnableWindow
PostMessageA

gdi32

CreateCompatibleDC
GetStockObject
BitBlt

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/sanhex.exe
.exe windows:4 windows x86 arch:x86

1bed3305885b0ca596d9cbba22baf78a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
SetFileTime
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
MulDiv
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA

user32

SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
CreateWindowExA
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
GetDlgItem
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
CreateDialogParamA
SetClipboardData
DestroyWindow
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/wmv9VCMsetup.exe
.exe windows:6 windows x86 arch:x86

c63ba316533609531fac22f3877f847b

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12-05-1997 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28-02-2001 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-12-2000 08:00

Not After

12-11-2005 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-05-2002 00:55

Not After

25-11-2003 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:4b:c3:f0:ed:52:02:7c:2a:f2:ae:55:c7:d6:56:fd:81:d7:c8:e9
Signer

Actual PE Digest

7a:4b:c3:f0:ed:52:02:7c:2a:f2:ae:55:c7:d6:56:fd:81:d7:c8:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalAlloc

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 633KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RICHTX32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

aaca01ab2cd35af160b8025e9dcfad9f

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09-04-1996 00:00

Not After

07-01-2004 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16-11-1999 00:00

Not After

06-01-2004 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04-04-2000 00:00

Not After

17-04-2001 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

shell32

DragAcceptFiles
DragQueryFileA
DragFinish

oledlg

ord1

kernel32

GlobalUnlock
GetVersionExA
GlobalSize
GlobalLock
FindResourceA
GlobalAlloc
GlobalFree
GetLocaleInfoA
LoadResource
LockResource
GetModuleFileNameA
GetWindowsDirectoryA
HeapReAlloc
GetFileAttributesA
lstrcatA
lstrcpynA
DisableThreadLibraryCalls
GetProcAddress
GetVersion
GetAtomNameA
FindAtomA
AddAtomA
IsBadWritePtr
DeleteAtom
InterlockedIncrement
FreeLibrary
LoadLibraryA
InterlockedDecrement
GetProcessHeap
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
WriteFile
GetLastError
ReadFile
LeaveCriticalSection
CreateFileA
lstrcmpA
lstrcpyA
HeapAlloc
lstrlenA
HeapFree
WideCharToMultiByte
lstrlenW
SetFilePointer
MultiByteToWideChar
IsDBCSLeadByte
CloseHandle
lstrcmpiA

user32

SetCursorPos
ScreenToClient
GetClipboardFormatNameA
PeekMessageW
PostMessageW
PeekMessageA
RegisterWindowMessageA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
CheckDlgButton
ReleaseCapture
DefWindowProcA
LoadCursorA
SetCursor
CreateDialogIndirectParamA
MapWindowPoints
FillRect
GetDlgItemTextA
GetClientRect
InvalidateRect
ValidateRect
SetRect
GetSysColor
InflateRect
GetClassInfoA
TrackPopupMenu
GetWindow
GetWindowTextA
CharNextA
MessageBoxA
SendDlgItemMessageA
GetDlgItem
PostMessageA
IsChild
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
BeginPaint
MoveWindow
SetFocus
IsWindowVisible
EndPaint
SetParent
ShowWindow
EnableMenuItem
DeleteMenu
EqualRect
SetWindowRgn
IntersectRect
GetWindowRect
OffsetRect
GetDlgItemInt
GetActiveWindow
SetWindowLongA
SetWindowPos
LoadMenuA
UnregisterClassA
DestroyWindow
DestroyMenu
GetSubMenu
RemoveMenu
GetParent
GetMenuItemCount
GetFocus
IsWindow
WindowFromDC
RegisterClassA
LoadStringA
RegisterClipboardFormatA
GetCapture
GetCursorPos
EnableWindow
EndDialog
wsprintfA
GetKeyState
MessageBeep
CallWindowProcA
GetDC
GetSystemMetrics
ReleaseDC
UpdateWindow
SendMessageA
DialogBoxParamA
GetWindowLongA
CreateWindowExA
ClientToScreen
PtInRect

ole32

DoDragDrop
RegisterDragDrop
CreateOleAdviseHolder
OleCreateFromFile
CLSIDFromProgID
OleCreate
OleSetContainedObject
StringFromCLSID
OleGetIconOfClass
CoGetMalloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSaveToStream
OleLoadFromStream
RevokeDragDrop
CoTaskMemRealloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA

oleaut32

SafeArrayGetElement
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopyInd
VariantCopy
SafeArrayUnaccessData
SetErrorInfo
OleCreatePropertyFrame
CreateErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
OleCreatePictureIndirect
LoadRegTypeLi
GetErrorInfo
OleCreateFontIndirect
SysAllocStringLen
OleLoadPicture
OleTranslateColor
SysStringLen
SysFreeString
VariantChangeType
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA
CommDlgExtendedError

gdi32

GetNearestColor
CreateSolidBrush
DeleteObject
EnumFontFamiliesExA
CreatePalette
GetBitmapBits
StretchBlt
GetObjectA
SelectPalette
CreateDIBitmap
GetDIBits
GetPaletteEntries
RealizePalette
CreateBitmap
CopyEnhMetaFileA
GetStockObject
CreateDCA
LPtoDP
CopyMetaFileA
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
GetClipBox
SetWindowExtEx
SetBkColor
SelectObject
CreateCompatibleBitmap
SetViewportExtEx
DeleteDC
EndDoc
PatBlt
StartPage
StartDocA
EndPage
SetWindowOrgEx
SetViewportOrgEx
DPtoLP
CreateCompatibleDC
GetMapMode
CreateICA
GetObjectType
SetMapMode
GetDeviceCaps

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VBFrameworkMapClassObject

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VB6CHS.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
asycfilt.dll
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bkground/1.jpg
.jpg
bkground/10.jpg
.jpg
bkground/11.jpg
.jpg
bkground/12.jpg
.jpg
bkground/13.jpg
.jpg
bkground/14.jpg
.jpg
bkground/15.jpg
.jpg
bkground/16.jpg
.jpg
bkground/17.jpg
.jpg
bkground/18.jpg
.jpg
bkground/19.jpg
.jpg
bkground/2.jpg
.jpg
bkground/20.jpg
.jpg
bkground/21.jpg
.jpg
bkground/22.jpg
.jpg
bkground/23.jpg
.jpg
bkground/24.jpg
.jpg
bkground/25.jpg
.jpg
bkground/26.jpg
.jpg
bkground/27.jpg
.jpg
bkground/28.jpg
.jpg
bkground/29.jpg
.jpg
bkground/3.jpg
.jpg
bkground/30.jpg
.jpg
bkground/31.jpg
.jpg
bkground/32.jpg
.jpg
bkground/33.jpg
.jpg
bkground/34.jpg
.jpg
bkground/35.jpg
.jpg
bkground/36.jpg
.jpg
bkground/37.jpg
.jpg
bkground/38.jpg
.jpg
bkground/39.jpg
.jpg
bkground/4.jpg
.jpg
bkground/40.jpg
.jpg
bkground/41.jpg
.jpg
bkground/42.jpg
.jpg
bkground/43.jpg
.jpg
bkground/44.jpg
.jpg
bkground/45.jpg
.jpg
bkground/46.jpg
.jpg
bkground/47.jpg
.jpg
bkground/48.jpg
.jpg
bkground/49.jpg
.jpg
bkground/5.jpg
.jpg
bkground/50.jpg
.jpg
bkground/51.jpg
.jpg
bkground/52.jpg
.jpg
bkground/53.jpg
.jpg
bkground/54.jpg
.jpg
bkground/55.jpg
.jpg
bkground/56.jpg
.jpg
bkground/57.jpg
.jpg
bkground/58.jpg
.jpg
bkground/59.jpg
.jpg
bkground/6.jpg
.jpg
bkground/60.jpg
.jpg
bkground/61.jpg
.jpg
bkground/62.jpg
.jpg
bkground/63.jpg
.jpg
bkground/64.jpg
.jpg
bkground/65.jpg
.jpg
bkground/66.jpg
.jpg
bkground/67.jpg
.jpg
bkground/68.jpg
.jpg
bkground/69.jpg
.jpg
bkground/7.jpg
.jpg
bkground/70.jpg
.jpg
bkground/71.jpg
.jpg
bkground/72.jpg
.jpg
bkground/8.jpg
.jpg
bkground/9.jpg
.jpg
comcat.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5316dd1ba7417f578451f902c4b4f845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StringFromCLSID
StringFromGUID2
CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree

kernel32

GetModuleFileNameA
lstrlenA
GlobalAlloc
lstrlenW
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
GetUserDefaultLCID
IsBadWritePtr
GlobalFree

user32

wsprintfA

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegEnumKeyA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExW
RegSetValueExA
RegCreateKeyExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
default.pic
.gif
demo.lrc
demo.wmv
dx7vb.dll
.dll regsvr32 windows:5 windows x86 arch:x86

9d6fe46c624752387300b22325c85d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dx7vb.pdb

Imports

msvcrt

wcslen
wcscpy
_wcsupr
wcsncmp
_wcsicmp
_except_handler3

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
LocalReAlloc
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
GetLastError
CreateEventA
CreateThread
ResumeThread
GetSystemDefaultLCID
TerminateProcess
CloseHandle
SetEvent
GetTickCount
GetProcAddress
lstrlenW
GetVersionExA
DisableThreadLibraryCalls
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
LocalFree
lstrcpyA
LocalAlloc
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LockResource
_lopen
_lread
_lclose
WriteFile
FindResourceW
OutputDebugStringA
GetModuleHandleA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
SizeofResource
GetModuleFileNameA
lstrcatA
WaitForSingleObject

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA

ole32

CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoCreateGuid
OleInitialize
CoGetInterfaceAndReleaseStream
OleUninitialize
StringFromCLSID

gdi32

ExtTextOutW
GetTextAlign
SetTextAlign
DeleteDC
GetDeviceCaps
CreateICA
GetPaletteEntries
CreateHalftonePalette
GetSystemPaletteEntries
DeleteObject
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
CreatePen
CreateHatchBrush
CreateSolidBrush
CreateBrushIndirect
Polyline
SetBkColor
SetBkMode
Rectangle
RoundRect
Ellipse
SetTextColor

msacm32

acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmStreamClose

user32

LoadStringA
CharNextA
GetWindowRect
GetDC
ReleaseDC
LoadImageA
wsprintfA

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit
SysStringLen
SysStringByteLen
VariantChangeType
LoadTypeLi
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
help.chm
.chm
msdxm.oca
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msdxm.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

679896098842047b8c2d59c2fff2c5ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
wcstok
strncpy
_pctype
strrchr
tolower
wcspbrk
_wcsdup
memmove
wcsncat
wcsncmp
_ui64tow
_wcslwr
wprintf
iswctype
swprintf
swscanf
_wtoi
_itow
_ltow
wcsstr
malloc
_HUGE
_ftol
_wcsicmp
wcslen
wcsncpy
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z
_wtol
_purecall
realloc
rand
srand
_snwprintf
_wcsnicmp
wcsrchr
free
atoi
wcscpy
wcschr
wcstol
wcscat

kernel32

HeapDestroy
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
GlobalAlloc
GlobalUnlock
FindClose
GlobalLock
FindFirstFileW
FindNextFileW
ReadFile
GetNumberFormatW
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
ReleaseMutex
lstrcmpW
GetShortPathNameW
CreateDirectoryW
CreateProcessW
GetSystemDirectoryW
GetPrivateProfileStringW
GetProfileStringW
ExpandEnvironmentStringsW
WriteProfileStringW
DisableThreadLibraryCalls
WriteFile
DeleteFileW
GetCommandLineW
LockResource
MulDiv
CreateMutexW
CreateEventW
SetEvent
TerminateProcess
ResumeThread
FreeResource
WritePrivateProfileStringW
WinExec
LocalFree
LocalAlloc
Sleep
GetSystemDefaultLCID
GetTempPathW
OpenFileMappingW
OpenEventW
WaitForSingleObjectEx
GetModuleHandleW
GetSystemTimeAsFileTime
lstrcpyA
GetCurrentProcessId
GetSystemTime
SystemTimeToFileTime
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
lstrcpynW
GetCurrentDirectoryW
GetProcAddress
WideCharToMultiByte
GetWindowsDirectoryW
_lopen
_llseek
_lclose
GetFileAttributesW
GetVersionExW
GetModuleFileNameW
LoadLibraryW
CloseHandle
CreateThread
FreeLibrary
FreeLibraryAndExitThread
SearchPathW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
GetTickCount
GetComputerNameW
GetVolumeInformationW
FormatMessageW
lstrlenW
lstrcpyW
lstrcatW
lstrcmpiW
GetUserDefaultLCID
LoadLibraryA
RaiseException
InterlockedExchange
GetCurrentProcess
OpenMutexW
GetCurrentThreadId
GetLocaleInfoW
IsBadStringPtrW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegQueryValueW

ole32

OleLoadFromStream
OleSaveToStream
WriteClassStm
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromCLSID
CoRevokeClassObject
CoRegisterClassObject
CreateItemMoniker
GetRunningObjectTable
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CreateBindCtx
OleLockRunning
DoDragDrop
CoDisconnectObject
ProgIDFromCLSID
OleUninitialize
CreateOleAdviseHolder
OleInitialize
CLSIDFromString
StringFromGUID2
CoTaskMemFree

oleaut32

SafeArrayAccessData
OleCreatePropertyFrame
SafeArrayCreate
SafeArrayUnaccessData
CreateErrorInfo
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SetErrorInfo
LoadRegTypeLi
SysAllocStringLen
VarI4FromStr
VariantChangeType
SysStringLen
VariantInit
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen

user32

GetWindowRect
EnableWindow
EndDialog
DialogBoxParamW
IsWindowVisible
SetWindowTextW
SetWindowPos
CreateWindowExW
RegisterClassW
GetClassInfoW
CreateDialogParamW
CloseDesktop
OpenDesktopW
SystemParametersInfoA
SetForegroundWindow
IsIconic
FindWindowExW
PostMessageW
GetMessageW
IsWindow
SetWindowRgn
IntersectRect
EndPaint
GetClientRect
BeginPaint
ReleaseDC
GetDC
GetWindow
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
MsgWaitForMultipleObjects
SetDlgItemTextW
RegisterClassExW
GetClassInfoExW
CallWindowProcW
SendDlgItemMessageW
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
CheckDlgButton
MoveWindow
SetTimer
KillTimer
LoadIconW
DestroyIcon
GetDlgItemTextW
CharUpperW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
FillRect
PostQuitMessage
WinHelpW
IsDialogMessageW
GetDialogBaseUnits
PtInRect
UnionRect
DestroyCursor
GetKeyState
ClientToScreen
ScreenToClient
GetUpdateRect
GetAsyncKeyState
TranslateAcceleratorW
SendNotifyMessageW
SetClassLongW
GetWindowTextW
PeekMessageW
AdjustWindowRectEx
ReleaseCapture
SetCapture
GetCapture
InvalidateRgn
ValidateRect
GetDlgCtrlID
ChildWindowFromPoint
LoadBitmapW
DrawIconEx
GetDesktopWindow
WindowFromPoint
GetCursor
wsprintfA
SetParent
SetWindowPlacement
GetWindowPlacement
InsertMenuItemW
RemoveMenu
TrackPopupMenuEx
RemovePropW
SetPropW
GetPropW
GetClassNameW
EnumChildWindows
CheckRadioButton
DeleteMenu
CreateMenu
DrawTextW
GetMenu
GetMenuItemRect
GetMenuItemCount
DrawEdge
LoadStringA
CharPrevW
SendMessageTimeoutW
GetMenuStringW
EnumWindows
EnumDesktopWindows
GetThreadDesktop
GetMenuState
MenuItemFromPoint
GetMenuItemInfoW
AppendMenuW
DrawMenuBar
CheckMenuRadioItem
EnableMenuItem
CheckMenuItem
EqualRect
MessageBoxW
LoadImageW
GetIconInfo
LoadStringW
UpdateWindow
CharNextW
GetActiveWindow
GetLastActivePopup
ShowWindow
SetFocus
IsWindowEnabled
SendMessageW
GetSysColor
LoadAcceleratorsW
LoadCursorW
DestroyWindow
DestroyMenu
DefWindowProcW
SetRect
TrackPopupMenu
GetSubMenu
InsertMenuW
wsprintfW
TranslateMessage
DispatchMessageW
InvalidateRect
GetParent
GetSystemMetrics
LoadMenuW
GetCursorPos
SetCursor
GetNextDlgTabItem
GetClassLongW
SetRectEmpty
CreatePopupMenu

gdi32

CreateRectRgn
Polyline
GetTextAlign
Polygon
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateHalftonePalette
SelectClipRgn
GetDIBColorTable
RealizePalette
GetClipBox
SelectPalette
OffsetWindowOrgEx
StretchDIBits
CreatePalette
GetTextMetricsW
SetTextAlign
CreateFontIndirectW
Rectangle
GetTextExtentPointW
SelectObject
SetBkMode
MoveToEx
LineTo
TextOutW
SetBkColor
SetTextColor
LPtoDP
CreateDCW
GetDeviceCaps
DeleteDC
SetMapMode
SetViewportOrgEx
SetWindowOrgEx
CreateMetaFileW
SaveDC
CloseMetaFile
SetWindowExtEx
RestoreDC
GetStockObject
DeleteMetaFile
CreateRectRgnIndirect
CreatePen
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetBkMode
ExtTextOutW
PatBlt
CreateDIBitmap
DeleteObject
GetOutlineTextMetricsW

shell32

SHChangeNotify
ExtractIconExW
SHFileOperationW
DragAcceptFiles
SHLoadInProc
DragFinish
DragQueryFileW
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
ShellExecuteW

quartz

AmpFactorToDB
DBToAmpFactor

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunDll
RunDllW

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
oleaut32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d7112004d3c345a2ed68d74bba3d37f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

LoadLibraryA
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetProcAddress
SetStdHandle
GetLocaleInfoA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedExchange
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
olepro32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
res/Default.ico
res/kpl.ico
skins/¾µä½çÃæ.gif
.gif
skins/À¶É«´¿Õý.gif
.gif
skins/À¶É«µÑÅ.gif
.gif
skins/À¶ÑÅÇàÂÌ.gif
.gif
skins/ÂÌÉ«µÑÅ.gif
.gif
skins/ÂÌÒâ°»È».gif
.gif
skins/×ÏÉ«Ë®¾§.gif
.gif
skins/×Øºì±¾É«.gif
.gif
stdole2.tlb
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

c480ee4d2a64d4a16edee43fdfe35079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
HeapCreate
VirtualFree
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
FreeLibrary
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
DisableThreadLibraryCalls
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetOEMCP
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo

user32

wsprintfA

Exports

Exports

FindProc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
Ðí¿ÉÐÒé.txt
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 56KB

.rsrc Size: 8KB - Virtual size: 7KB

711c893e4d8189fd14b6563a4e35e663

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 994B

.rdata Size: 1024B - Virtual size: 871B

.data Size: - Virtual size: 300B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 264B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 56KB

.rsrc
Size: 8KB - Virtual size: 7KB

.text
Size: 1024B - Virtual size: 994B

.rdata
Size: 1024B - Virtual size: 871B

.data
Size: - Virtual size: 300B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 264B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 409B

.data
Size: 512B - Virtual size: 68B

.reloc
Size: 512B - Virtual size: 186B

.text
Size: 368KB - Virtual size: 366KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 332KB - Virtual size: 329KB

.reloc
Size: 32KB - Virtual size: 28KB

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 368KB - Virtual size: 366KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 332KB - Virtual size: 329KB

.reloc
Size: 32KB - Virtual size: 28KB