24e98be52d4119c1130bd13b5eb36aed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24e98be52d4119c1130bd13b5eb36aed_JaffaCakes118
Size

5.0MB
MD5

24e98be52d4119c1130bd13b5eb36aed
SHA1

197f2b1ba00216d707a7cc1434378c76da266031
SHA256

f3f4ba0e2c39672f5218088bf2b136bfb81753e7ef2338c74f43d47e6a69ee5d
SHA512

cb343741d1071552766944b5b90d805cfd576abe61bd3a7e423aa8bc9b498a9929827a45fee8bd3d2e5cd313975114f79770d3e8c2d9320fa39652813e296e4c
SSDEEP

98304:IuMi/jy2Y8DEMxmNYYNe/0VOUmwaFjsmKuz0zWcQ1EjyIZ/FpHoP85+j4ourY:Ia/jy2YWdYNqSOOMjsmZkfQkdyxnurY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/keygen36.exe	upx

Unsigned PE 87 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen36.exe
unpack002/out.upx
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/StartMenu.dll
unpack003/$PLUGINSDIR/nsis_reg.dll
unpack003/Viewer/MFP.dll
unpack003/Viewer/SCCUT.DLL
unpack003/Viewer/demet.dll
unpack003/Viewer/exgdsf.dll
unpack003/Viewer/exhtml.dll
unpack003/Viewer/ibfpx2.flt
unpack003/Viewer/ibgp42.flt
unpack003/Viewer/ibjpg2.flt
unpack003/Viewer/ibpcd2.flt
unpack003/Viewer/ibxbm2.flt
unpack003/Viewer/ibxpm2.flt
unpack003/Viewer/ibxwd2.flt
unpack003/Viewer/libgfl267.dll
unpack003/Viewer/oswin32.dll
unpack003/Viewer/sccanno.dll
unpack003/Viewer/sccca.dll
unpack003/Viewer/sccch.dll
unpack003/Viewer/sccda.dll
unpack003/Viewer/sccdu.dll
unpack003/Viewer/sccex.dll
unpack003/Viewer/sccfa.dll
unpack003/Viewer/sccfi.dll
unpack003/Viewer/sccfmt.dll
unpack003/Viewer/sccfut.dll
unpack003/Viewer/sccimg.dll
unpack003/Viewer/sccind.dll
unpack003/Viewer/scclo.dll
unpack003/Viewer/sccole2.dll
unpack003/Viewer/vsacs.dll
unpack003/Viewer/vsbdr.dll
unpack003/Viewer/vsbmp.dll
unpack003/Viewer/vscgm.dll
unpack003/Viewer/vsemf.dll
unpack003/Viewer/vsexe2.dll
unpack003/Viewer/vsfax.dll
unpack003/Viewer/vsgdsf.dll
unpack003/Viewer/vsgif.dll
unpack003/Viewer/vsgzip.dll
unpack003/Viewer/vshtml.dll
unpack003/Viewer/vsid3.dll
unpack003/Viewer/vsimg.dll
unpack003/Viewer/vsjbg2.dll
unpack003/Viewer/vslzh.dll
unpack003/Viewer/vsm11.dll
unpack003/Viewer/vsmpp.dll
unpack003/Viewer/vsmsg.dll
unpack003/Viewer/vsmsw.dll
unpack003/Viewer/vspbm.dll
unpack003/Viewer/vspcx.dll
unpack003/Viewer/vspdf.dll
unpack003/Viewer/vspdfi.dll
unpack003/Viewer/vspdx.dll
unpack003/Viewer/vspfs.dll
unpack003/Viewer/vspgl.dll
unpack003/Viewer/vspng.dll
unpack003/Viewer/vspp12.dll
unpack003/Viewer/vspp2.dll
unpack003/Viewer/vspp7.dll
unpack003/Viewer/vspp97.dll
unpack003/Viewer/vsppl.dll
unpack003/Viewer/vspsp6.dll
unpack003/Viewer/vspst.dll
unpack003/Viewer/vspstf.dll
unpack003/Viewer/vsrtf.dll
unpack003/Viewer/vsswf.dll
unpack003/Viewer/vstext.dll
unpack003/Viewer/vstga.dll
unpack003/Viewer/vstif6.dll
unpack003/Viewer/vsvw3.dll
unpack003/Viewer/vsw12.dll
unpack003/Viewer/vsw6.dll
unpack003/Viewer/vsw97.dll
unpack003/Viewer/vswbmp.dll
unpack003/Viewer/vswmf.dll
unpack003/Viewer/vswml.dll
unpack003/Viewer/vsword.dll
unpack003/Viewer/vsxl12.dll
unpack003/Viewer/vsxl5.dll
unpack003/Viewer/vsxml.dll
unpack003/Viewer/vsyim.dll
unpack003/Viewer/vszip.dll
unpack003/Viewer/wvcore.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/rsd_en_3-setup.exe	nsis_installer_1

Files

24e98be52d4119c1130bd13b5eb36aed_JaffaCakes118
.rar
keygen36.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rsd_en_3-setup.exe
.exe windows:4 windows x86 arch:x86

9c523d8653da5455667e3f82274f2f88

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

94:85:76:aa:49:17:f7:46:c1:a0:2e:a1:a5:46:53:06:ce:d9:f3:f5
Signer

Actual PE Digest

94:85:76:aa:49:17:f7:46:c1:a0:2e:a1:a5:46:53:06:ce:d9:f3:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
lstrcmpiA
CopyFileA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCurrentProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

7d85f9c30f9e87a65fff848de2c96ac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA

user32

GetMessageA
IsDialogMessageA
PostMessageA
CallWindowProcA
TranslateMessage
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
GetWindowTextA
IsDlgButtonChecked
DispatchMessageA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
GetWindowLongA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Exports

Exports

Init
Select
Show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsis_reg.dll
.dll windows:4 windows x86 arch:x86

efb3471654b993a49628943fea0cb973

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
lstrcpyA

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

RCheckExpReg

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/repair.ico
$PLUGINSDIR/rs_tpl_expire.nsi
$PLUGINSDIR/rs_tpl_opts.nsi
$PLUGINSDIR/rs_tpl_repair.nsi
$PLUGINSDIR/rs_tpl_warn.nsi
$PLUGINSDIR/uninstall.ico
RStudio.chm
.chm
Uninstall.exe.nsis
Viewer/MFP.dll
.dll regsvr32 windows:4 windows x86 arch:x86

650a9903062d6f3733f2a76ffe21547e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\main\rsviewer\sources\mfp\release\MFP.pdb

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
RaiseException
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetTickCount
InitializeCriticalSection
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetVersionExA
SetUnhandledExceptionFilter

user32

UnregisterClassA

ole32

CoCreateInstance

atl80

ord22
ord18
ord15
ord32
ord61
ord23
ord30
ord64

msvcr80

_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
free
??2@YAPAXI@Z
swscanf_s
_purecall
__CxxFrameHandler3
??3@YAXPAX@Z
memset

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/SCCUT.DLL
.dll .ps1 windows:4 windows x86 arch:x86 polyglot

c9fe8becfb2ad4c686b40011a89e2552

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SNGetModuleFileName
Win32VRemoveAssertionListener
Win32VOnAssertionFailure
SNLeaveCriticalSection
SNTranslateException
SNEnterCriticalSection
SNCreateCriticalSection
SNDestroyCriticalSection
Win32VGetOutputVtable
Win32VGetOutputSolutionByType
Win32VSetDefaultOutputSolutionForType
Win32VGetOutputSolutionByName
Win32VDebugString
SPStringToBytes
Win32VDeinit
SPStringLength
SNFreeLibrary
SNLoadLibrary
Win32VSetHandleUserData
Win32VAddAssertionListener
Win32VCreateHandle
Win32VDestroyHandle
SNLoadString
SNLoadStringW
Win32VInit
SPBytesToString

kernel32

TlsSetValue
LoadResource
LockResource
DeleteFileW
GetSystemTime
FindResourceExA
GetLastError
TlsAlloc
GetOEMCP
LocalAlloc
TlsGetValue
LocalFree
TlsFree
GetPrivateProfileStringA
GetWindowsDirectoryA
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetModuleFileNameA
CreateFileA
CreateFileW
GetVersion
WideCharToMultiByte
DeleteFileA
RaiseException
CloseHandle
SetFilePointer
ReadFile
WriteFile
FileTimeToDosDateTime
GetFileTime
GetFileSize
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetTempFileNameA
GetTempPathA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrcpyA
MultiByteToWideChar
OpenFile
lstrcmpiA
GetVersionExA
GetACP
GetProfileStringA
GetProfileIntA
lstrcmpA

user32

SetCursor
LoadStringW
wsprintfA
GetSystemMetrics
OemToCharA
LoadCursorA
LoadStringA

advapi32

RegSetValueExW
RegEnumValueA
RegEnumValueW
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

ole32

StgOpenStorage
StgCreateDocfile
CoTaskMemFree

msvcrt

memmove
_adjust_fdiv
malloc
_initterm
free
exit
_iob
qsort
floor
isxdigit
mktime
strstr
_except_handler3
strrchr
sprintf
strncmp
fprintf
fflush
_CIpow
isalnum
wcsrchr
isdigit
_ftol
wcsncpy
_itoa
wcslen

Exports

Exports

?IOObjectOpen@@YAHPAPAXKPAXK@Z
CMGetGlobalUnMappableChar
CMSetGlobalUnMappableChar
IOAllocSpec
IOCloseNP
IOCompressClose
IOCompressGetInfo
IOCompressRead
IOCompressSeek
IOCompressTell
IOCompressWrite
IOCreate
IODelete
IOGetInfoNP
IOGetTempFullFileName
IOGetTempFullUnicodeFileName
IOMapIOERR
IOMemClose
IOMemGetInfo
IOMemRead
IOMemSeek
IOMemTell
IOMemWrite
IOOpen
IOPeekBuf
IORangeClose
IORangeGetInfo
IORangeRead
IORangeSeek
IORangeTell
IORangeWrite
IOReadBuf
IOReadNP
IOSeekBuf
IOSeekNP
IOSetFileTime
IOSetInfo
IOTellBuf
IOTellNP
IOTempMemFileClose
IOTempMemFileGetInfo
IOTempMemFileRead
IOTempMemFileSeek
IOTempMemFileTell
IOTempMemFileWrite
IOWriteNP
IOZNodeClose
IOZNodeGetInfo
IOZNodeRead
IOZNodeSeek
IOZNodeTell
IOZNodeWrite
IOZipClose
IOZipGetInfo
IOZipOpen
IOZipRead
IOZipSeek
IOZipSetInfo
IOZipTell
IOZipWrite
LSAddElement
LSClearList
LSCloseList
LSCreateList
LSGetElementByIndex
LSGetListCount
LSGetListElementSize
LSLockElementByIndex
LSOpenList
LSUnlockElementByIndex
LSWriteList
UTAddDelta
UTApplyClipboardOptionChanges
UTApplyDisplayOptionChanges
UTApplyPrintOptionChanges
UTArcIsContainer
UTAsciiToUTF8StringSize
UTAssertDeInit
UTAssertInit
UTAssertionFailure
UTAssertionLogMessage
UTBailOutDebug
UTBailOutRelease
UTBroadcastChanges
UTCacheAdd
UTCacheEmpty
UTCacheInit
UTCacheLock
UTCacheRemove
UTCacheRetrieve
UTCacheUnlock
UTCharSetFromFileID
UTCharSetFromName
UTCheckOptionTrack
UTCleanupGlobalOptions
UTClearAssertionCallback
UTCloseAssertionLogFile
UTConvertUnicodeToUTF8
UTCopyOptionChanges
UTCreateMap
UTCreateOptionDelta
UTCreateStorage
UTDeInit
UTDestroyOptionDelta
UTDetermineAltFontType
UTFinalInit
UTFreeAllocatedOptions
UTFreeLibraryNP
UTGetAnnoHandle
UTGetCharDirection
UTGetEntryPointNP
UTGetErrorString
UTGetFileNameFromPath
UTGetGlobalData
UTGetGlobalOption
UTGetGlobalOptionSet
UTGetLOHandle
UTGetOIVTPath
UTGetOSCharSet
UTGetOption
UTGetString
UTGetSystemError
UTGetUnknownCharSet
UTGetWideFileNameFromPath
UTGetWordErrorString
UTGetWordString
UTGlobalAllocPtrFunc
UTGlobalFreePtrFunc
UTGlobalReAllocPtrFunc
UTInit
UTInitDefaultOptions
UTInitDynamicOptions
UTIsAsian
UTIsHardOptionSet
UTIsLeadByte
UTIsMidEast
UTIsTrailByte
UTLoadDefaultOptions
UTLoadLibraryNP
UTMD5
UTMakeSpec
UTMapCharRtn
UTMapDBText
UTMapDeInit
UTMapInit
UTMultiToDoubleByte
UTOemToChar
UTOpenStorage
UTPopBailOut
UTPushBailOut
UTRC4
UTReleaseAnno
UTReleaseLO
UTReleaseLONP
UTReleaseMap
UTSO2GDIColor
UTSaveDefaultOptions
UTSetAssertionCallback
UTSetAssertionLogFile
UTSetCursor
UTSetGlobalOption
UTSetGlobalOptionSet
UTSetOption
UTSetOptionsKeyPath
UTSetupDllLoadCallback
UTStripFileNameFromPath
UTUTF8CharacterSize
UTUnicodeToUTF8StringSize
UTXMLAddTagMap
UTXMLDeInit
UTXMLFindStringInMap
UTXMLGetAttribute
UTXMLGetDateTime
UTXMLGetDecDWord
UTXMLGetDouble
UTXMLGetNextAttribute
UTXMLGetRGBColor
UTXMLGetStateInfo
UTXMLHexToDW
UTXMLHexToWord
UTXMLInit
UTXMLReadContent
UTXMLReadNextTag
UTXMLRestoreStateInfo
UTXMLRestoreStateInfoEx
UTXMLSkipContent
UTecvt
UTi64tow
UTitow
UTswstrcpy
UTwsprintf
UTwsstrcmp
UTwsstrcpy
UTwsstrncmp
UTwsstrncpy
UTwstrcat
UTwstrcmp
UTwstrcmpi
UTwstrcpy
UTwstrlen
UTwstrncmp
UTwstrncpy
UTwtoi

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/adinit.dat
Viewer/cmmap000.bin
Viewer/cmmap000.dbc
Viewer/cmmap000.sbc
Viewer/demet.dll
.dll windows:4 windows x86 arch:x86

97cc303405efad9bbb5d25b2a731c618

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SNTranslateException
Win32VDestroyHandle
Win32VGetHandleParentByType
Win32VGetHandleUserData
SPDestroyHandle
Win32VGetOutputVtable
Win32VGetHandlePointerFunc

sccch

CHGetItemId
CHGetItemCount
CHNextItemId
CHLockItemRange
CHGetItem
CHReadAhead
CHGetSectionInfo
CHUnlockItemRange

sccut

UTSetCursor
UTCacheRetrieve
UTCacheEmpty
UTwsstrcpy
UTwstrlen
UTBailOutRelease
UTSO2GDIColor

sccdu

DUGetTextWidth
DUStretchBlt
DUTextOut
DUDestroyFont
DUSetVScrollRange
DUDisplayFrame
DUCreateFrame
DUGetLineInfoHnd
OIColorRectNP
DUSetFrameStateDefaultVal
DUSetVScrollPage
DUSetHScrollRange
DUSetHScrollPage
DUDeInitCounterTrack
DUFreeGlyphWidthTables
DUInitCounterTrack
DUSetHScrollPos
DUEnableHScroll
DUSetVScrollPos
DUEnableVScroll
DUCreateFont
DUFreeFontOSHandles
DUFreeFontCache
DUCreatePalette
DUAddToPalette
DUDrawBorder
DUDestroyFrame
GetCellRefContent
DUGetDCFunc
DUSelectPalette
DUSetStyleDefaultVal
DUInitFrameCache
DUCacheFrame
DUSetTextColor
DUGetStyle
DUDeletePalette

sccfmt

FMTDataValFromUnion
FindTagChangeId
FMTDataVal
FMTFormatNumber

kernel32

HeapAlloc
GetProcessHeap
HeapReAlloc
GetVersion
GetVersionExA
HeapFree
DisableThreadLibraryCalls

user32

ScrollWindow
GetDC
GetSysColor
GetCursorPos
DefWindowProcA
SetCapture
ReleaseDC
ReleaseCapture

gdi32

SetMapMode
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PlayMetaFileRecord
ScaleViewportExtEx
SetMetaFileBitsEx
SetEnhMetaFileBits
GetObjectA
SelectPalette
RealizePalette
GetDIBits
GetPaletteEntries
CreateEnhMetaFileA
CloseEnhMetaFile
EnumMetaFile
GetMetaFileBitsEx
DeleteMetaFile
SetWinMetaFileBits
RestoreDC
PlayEnhMetaFile
DeleteEnhMetaFile

msvcrt

_adjust_fdiv
malloc
_initterm
free
_except_handler3
memmove
floor
ceil
_ftol

Exports

Exports

DEProc

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/exgdsf.dll
.dll windows:4 windows x86 arch:x86

56122b32a2a15fabd4d831c2569647b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
DisableThreadLibraryCalls
HeapAlloc

sccimg

VwExportCloseFuncEx
VwExportWriteFuncEx
VwExportOpenFuncEx

msvcrt

free
_adjust_fdiv
_initterm
malloc

Exports

Exports

VwAllocProc
VwExportClose
VwExportOpen
VwExportWrite
VwFreeProc
VwGetInfo
VwGetRtns
VwLocalDown
VwLocalUp
VwSetUser

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 715B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/exhtml.dll
.dll windows:4 windows x86 arch:x86

c8319dc767e2a88667cf8ecb4fbfce6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SNGetFileInfo
SNTranslateException
Win32VLoadOS

kernel32

HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
InitializeCriticalSection
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

user32

wsprintfA

sccch

CHNextItemId
CHGetSectionInfo
CHGetItems
CHDoFilterSpecial
CHLockItemRange
CHGetItem
CHUnlockItemRange
CHGetItemId
CHGetItemCount
CHPrevItemId

sccda

DAOpenDocument
DAOpenTreeRecordEx
DAGetErrorString
DAGetHDoc
DAGetOption
DAGetSelection
DAUnlockModuleData
DAGetHFile
DASetOption
DARetrieveDocHandle
DAGetTreeRecord
DAGetAnno
DACloneDocHandle
DACloseTreeRecord
DALockModuleData
DAGetHChunker
DACloseDocument
DAGetFileId
DASetFileSpecOption
DAGetHFilter

sccex

LUGetCounterLevel
LUSaveCounterLevel
EXFillBuf
LUInitCounterTrack
LURemoveExactItem
FUConvertASCIIToASCII
FUConvertUnicodeToUTF8
FUConvertBigUnicodeToASCII
FUConvertLittleUnicodeToASCII
FUConvertUnicodeToOppositeUnicode
FUConvertUnicodeToSameUnicode
FUConvertASCIIToBigUnicode
FUConvertASCIIToLittleUnicode
EXCreate
EXCharTell
EXCharSeek
EXCharToBlock
EXBlockToChar
LUDeInitCounterTrack
EXSetHPROC
EXGetParent
EXGetCallbackData
EXGetCallbackFunc
EXOpenExport
EXGetHPROC
EXRunExport
EXCloseExport
EXDoCallback
LUFindExactItem
LUInsertItem
LUCreateList
LUAddItem
LUFreeList
MUAllocateMemory
MUFreeMemory
LURemoveItem
LUBinarySearchList
LUAddSortedItem

sccut

UTwtoi
UTGetFileNameFromPath
UTGetWideFileNameFromPath
UTCharSetFromName
UTMapCharRtn
UTGetUnknownCharSet
UTCreateMap
UTReleaseMap
UTIsLeadByte
IOCreate
UTGetWordErrorString
UTDetermineAltFontType
UTAsciiToUTF8StringSize
UTwsprintf
UTUnicodeToUTF8StringSize
UTwstrcmp
IOOpen
IOMapIOERR
UTGetWordString
UTitow
UTwstrcat
UTwstrcpy
UTwstrlen
UTwstrcmpi

sccfmt

FMTFormatNumber35
FMTDataVal
FMTFormatNumber
FMTGenerateCounterNumber
FMTGenerateLetterNumeral

sccdu

GAPDUDeInit
GAPDuInit

sccanno

ANCompPos
ANTrackAnno
ANStartAnnoTextTrack
ANIsAnnoTextPos
ANGetAnnoText
ANNextPos
ANStartAnnoTrack
ANMapPosition
ANEndAnnoTextTrack
ANEndAnnoTrack

msvcrt

memmove
_isctype
_pctype
free
realloc
malloc
_except_handler3
_ftol
_initterm
_adjust_fdiv
__mb_cur_max

Exports

Exports

GraphicCallback
VwAllocProc
VwExportClose
VwExportOpen
VwExportWrite
VwFreeProc
VwGetInfo
VwGetRtns
VwLocalDown
VwLocalUp
VwSetUser

Sections

.text
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibfpx2.flt
.dll windows:4 windows x86 arch:x86

70782b9cf74e957c26ed13a859045faa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord260
ord3111
ord3143
ord3109
ord3110
ord3103
ord3142
ord3140
ord769
ord518
ord3113
ord3004
ord2817
ord3122
ord3101
ord3108
ord1146
ord1033
ord3102
ord1147
ord263
ord776
ord637
ord10
ord2831
ord102
ord112
ord114
ord113
ord111
ord2820
ord2822
ord5
ord4
ord639
ord519
ord1314
ord3
ord2821
ord2819
ord2563
ord2562
ord2818
ord3141
ord773
ord110
ord11
ord1031
ord3100
ord2721
ord2725

msvcrt

pow
abs
_adjust_fdiv
malloc
_initterm
free
strrchr
sqrt
strtok
atoi
strlen
memcpy
ceil
strncmp
_ftol
fabs
memset
strcat
sprintf
strcpy
labs
_stricmp

kernel32

GlobalFree
GlobalAlloc
GlobalSize
GetPrivateProfileIntA
OpenFile
GetWindowsDirectoryA
GetModuleFileNameA
LocalAlloc
LocalLock
LocalHandle
LocalUnlock
LocalFree
GetPrivateProfileStringA
GlobalUnlock
GlobalLock
WritePrivateProfileStringA
GlobalReAlloc

user32

GetActiveWindow
LoadStringA
wsprintfA

gdi32

DeleteEnhMetaFile
DeleteMetaFile
GetObjectType
DeleteDC
GetDeviceCaps
CreateDCA

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibgp42.flt
.dll windows:4 windows x86 arch:x86

d9ffa06c0ac0e0dc39a747d336db05b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord112
ord114
ord102
ord113
ord111
ord2818
ord518
ord110
ord3101
ord2817
ord3103
ord3108
ord1146
ord1147
ord1033
ord3102
ord3100
ord259
ord3004
ord2819
ord1314
ord3
ord637
ord639
ord4
ord5
ord2821
ord519
ord2822
ord2831
ord2562
ord2563
ord2820

msvcrt

strlen
strcat
strcpy
abs
memset
malloc
_initterm
free
memmove
atol
_adjust_fdiv
_stricmp

kernel32

GlobalSize
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
LocalFree
LocalLock
LocalAlloc
LocalUnlock
GlobalAlloc
LocalHandle

user32

LoadStringA
GetActiveWindow

gdi32

DeleteEnhMetaFile
GetObjectType
DeleteMetaFile

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibjpg2.flt
.dll windows:4 windows x86 arch:x86

39ff449ee5e7b52f64447fc622015cc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord1146
ord3004
ord2817
ord3109
ord3122
ord518
ord3102
ord1033
ord1147
ord3113
ord110
ord102
ord3101
ord112
ord637
ord111
ord2820
ord2822
ord5
ord4
ord639
ord3
ord2821
ord2819
ord2563
ord2562
ord3100
ord3108
ord2818
ord2831
ord114
ord113
ord3103

msvcrt

_initterm
malloc
_adjust_fdiv
free
abs
strcat
memcpy
strlen
strncmp
strcpy
memset
_strupr
_stricmp

kernel32

GetModuleFileNameA
GlobalReAlloc
GlobalSize
GlobalHandle
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
LocalHandle
LocalUnlock
LocalFree
LocalLock

user32

LoadStringA
GetActiveWindow

gdi32

DeleteMetaFile
CreateDCA
GetObjectType
DeleteEnhMetaFile
DeleteDC
GetDeviceCaps

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibpcd2.flt
.dll windows:4 windows x86 arch:x86

d729f17ff28d4514ee9ee71baeb2e8b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord3100
ord112
ord114
ord113
ord111
ord2818
ord1146
ord1033
ord3101
ord102
ord3004
ord2817
ord2721
ord2725
ord3103
ord3102
ord3104
ord2831
ord518
ord1147
ord637
ord2820
ord4
ord2563
ord5
ord2822
ord639
ord3
ord2821
ord2819
ord2562
ord110

msvcrt

_adjust_fdiv
malloc
strrchr
_initterm
_pctype
pow
memcmp
_isctype
realloc
strncmp
memset
__mb_cur_max
time
strncpy
memcpy
_assert
strlen
sprintf
strcat
strcpy
_ftol
ceil
strtok
atoi
abs
tolower
free
_stricmp

kernel32

WritePrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileIntA
OpenFile
GetWindowsDirectoryA
LocalAlloc
LocalLock
LocalHandle
LocalUnlock
LocalFree
GlobalHandle
GetPrivateProfileStringA
GlobalUnlock
GlobalLock
GlobalSize
GlobalFree
GlobalAlloc

user32

GetActiveWindow
LoadStringA
wsprintfA

gdi32

DeleteMetaFile
DeleteEnhMetaFile
GetObjectType

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibxbm2.flt
.dll windows:4 windows x86 arch:x86

ad1d45032060b2e9bf79973a9a0f66e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord111
ord113
ord637
ord518
ord114
ord2818
ord3004
ord259
ord3103
ord3108
ord1146
ord1033
ord2817
ord112
ord2562
ord2563
ord102
ord2821
ord3
ord639
ord4
ord1314
ord519
ord5
ord2822
ord2820
ord3101
ord110
ord3100
ord2831
ord1147
ord3122
ord2819

msvcrt

malloc
_initterm
free
_adjust_fdiv
atoi
_ftol
memset
strlen
strcat
strcpy
_strlwr
_strrev
_stricmp
strstr
abs

kernel32

GetModuleFileNameA
GlobalFree
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
LocalUnlock
LocalAlloc
LocalLock
LocalFree
LocalHandle

user32

LoadStringA
GetActiveWindow

gdi32

GetObjectType
DeleteEnhMetaFile
DeleteDC
GetDeviceCaps
CreateDCA
DeleteMetaFile

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibxpm2.flt
.dll windows:4 windows x86 arch:x86

66f46dd75d98aa814ec22d1f254de2be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord111
ord2818
ord259
ord113
ord3004
ord2817
ord3108
ord1146
ord1033
ord1147
ord637
ord518
ord102
ord114
ord2562
ord1314
ord519
ord639
ord4
ord2819
ord2821
ord3
ord112
ord5
ord2822
ord2820
ord2725
ord2721
ord2831
ord3101
ord3100
ord3103
ord2563
ord110

msvcrt

strncmp
__mb_cur_max
strcpy
strcat
_adjust_fdiv
malloc
_initterm
free
strrchr
atoi
_stricmp
_isctype
_pctype
strtok
abs
memset
sprintf
strlen

kernel32

LocalFree
GetPrivateProfileIntA
WritePrivateProfileStringA
GlobalFree
GetPrivateProfileStringA
GlobalAlloc
GlobalSize
GetModuleFileNameA
GlobalUnlock
LocalUnlock
LocalHandle
LocalLock
LocalAlloc
GetWindowsDirectoryA
OpenFile
GlobalLock

user32

LoadStringA
wsprintfA
GetActiveWindow

gdi32

GetObjectType
DeleteDC
DeleteEnhMetaFile
CreateDCA
GetDeviceCaps
DeleteMetaFile

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/ibxwd2.flt
.dll windows:4 windows x86 arch:x86

732f74b198507b8bded55cc90021ecf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord111
ord2818
ord113
ord637
ord518
ord259
ord3004
ord102
ord114
ord3122
ord3103
ord3108
ord3110
ord1146
ord1033
ord1147
ord112
ord110
ord3101
ord3100
ord2817
ord3113
ord2819
ord1314
ord3
ord639
ord4
ord2821
ord519
ord5
ord2831
ord2820
ord2822
ord2563
ord2562

msvcrt

floor
abs
memset
strlen
strcat
strcpy
ceil
_ftol
malloc
_initterm
free
_adjust_fdiv
_stricmp

kernel32

GlobalFree
GlobalLock
GlobalAlloc
LocalFree
GlobalUnlock
LocalLock
LocalAlloc
LocalUnlock
GlobalHandle
LocalHandle
GlobalSize
GetModuleFileNameA
GlobalReAlloc

user32

LoadStringA
GetActiveWindow

gdi32

DeleteEnhMetaFile
GetObjectType
DeleteMetaFile
GetDeviceCaps
CreateDCA
DeleteDC

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
GetFileInfo
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
ImportCB
ImportEmbeddedGR
ImportFile
ImportGR

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/libgfl267.dll
.dll windows:4 windows x86 arch:x86

bf188a444535a43fa7c2882fad623453

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetStartupInfoA
GetFileType
WriteFile
SetFilePointer
GetCurrentThreadId
TlsSetValue
ReadFile
TlsAlloc
SetLastError
TlsGetValue
RaiseException
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
TlsFree
GetEnvironmentStringsW
InterlockedIncrement
MultiByteToWideChar
FlushFileBuffers
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
Sleep
LCMapStringA
LCMapStringW
SetEndOfFile
IsValidLocale
InterlockedDecrement
GetLocaleInfoA
GetProcAddress
InitializeCriticalSection
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
GetTimeZoneInformation
HeapReAlloc
RtlUnwind
DeleteCriticalSection
SetStdHandle
CreateFileA
WaitForSingleObject
CreateMutexA
ReleaseMutex
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryExA
FreeLibrary
GetFileSize
CreateFileW
GetTempFileNameA
GetTempPathA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
EnumResourceNamesA
SizeofResource
LockResource
LoadResource
FindResourceA
DeleteFileA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetVersion
GetCommandLineA
MoveFileA
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetLocaleInfoW

user32

DrawIconEx
DestroyIcon
GetIconInfo
CreateIconFromResource
wsprintfA
GetDC
ReleaseDC
CreateIconFromResourceEx
FillRect

gdi32

GetEnhMetaFileHeader
GetSystemPaletteEntries
CreatePalette
CreateDCA
CreateCompatibleDC
DeleteEnhMetaFile
SelectObject
PlayEnhMetaFile
DeleteDC
GetObjectA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
SetWinMetaFileBits
GetEnhMetaFileA
CreateSolidBrush
CloseEnhMetaFile
SetDIBitsToDevice
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
CreateEnhMetaFileA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA

shell32

ExtractIconExA

Exports

Exports

EXIFGetDPI
EXIFGetOrientation
EXIFSetOrientation
EXIFThumbGet
crc32
deflate
deflateEnd
deflateInit_
deflateReset
gffAllock
gffAllockEx
gffCleanAndSetBitAtBuffer
gffCopy
gffCopyExtendedData
gffFree
gffGetBitAtBuffer
gffGetClippingRect
gffGetTemporaryFilename
gffResize
gflAllockBitmap
gflAllockBitmapEx
gflApplyLutFile
gflAutoCrop
gflAutoCrop2
gflBitblt
gflBitbltEx
gflBitmapGetEXIF
gflBitmapGetEXIFValue
gflBitmapGetIPTC
gflBitmapGetIPTCValue
gflBitmapHasEXIF
gflBitmapHasIPTC
gflBitmapIsSupportedByIndex
gflBitmapIsSupportedByName
gflBitmapRemoveEXIFThumbnail
gflBitmapRemoveMetaData
gflBitmapSetComment
gflBitmapSetIPTC
gflBitmapSetName
gflBitmapTypeIsSupportedByIndex
gflBitmapTypeIsSupportedByName
gflChangeColorDepth
gflCloneBitmap
gflCombineAlpha
gflCompressionIsSupportedByIndex
gflCompressionIsSupportedByName
gflCrop
gflEnableLZW
gflFileAddPicture
gflFileClose
gflFileCreate
gflFlipHorizontal
gflFlipVertical
gflFormatIsReadableByIndex
gflFormatIsReadableByName
gflFormatIsSupported
gflFormatIsWritableByIndex
gflFormatIsWritableByName
gflFreeBitmap
gflFreeBitmapData
gflFreeEXIF
gflFreeFileInformation
gflFreeIPTC
gflGetColorArray
gflGetColorAt
gflGetColorAtEx
gflGetDefaultFormatSuffixByIndex
gflGetDefaultFormatSuffixByName
gflGetDefaultLoadParams
gflGetDefaultSaveParams
gflGetDefaultThumbnailParams
gflGetErrorString
gflGetFileInformation
gflGetFileInformationFromHandle
gflGetFileInformationFromMemory
gflGetFormatDescriptionByIndex
gflGetFormatDescriptionByName
gflGetFormatIndexByName
gflGetFormatInformationByIndex
gflGetFormatInformationByName
gflGetFormatNameByIndex
gflGetLabelForColorModel
gflGetNumberOfFormat
gflGetVersion
gflGetVersionOfLibformat
gflIsCompatibleLutFile
gflIsLutFile
gflJPEGGetComment
gflJPEGSetComment
gflLibraryExit
gflLibraryInit
gflLibraryInitEx
gflLoadBitmap
gflLoadBitmapFromHandle
gflLoadBitmapFromMemory
gflLoadEXIF
gflLoadIPTC
gflLoadThumbnail
gflLoadThumbnailFromHandle
gflLoadThumbnailFromMemory
gflMemoryAlloc
gflMemoryFree
gflMemoryRealloc
gflMerge
gflNewIPTC
gflPNGGetComment
gflPNGSetComment
gflRemoveIPTCValue
gflReplaceColor
gflResize
gflResizeCanvas
gflRotate
gflRotateFine
gflSaveBitmap
gflSaveBitmapIntoHandle
gflSaveBitmapIntoMemory
gflSaveIPTC
gflSaveParamsIsSupportedByIndex
gflSaveParamsIsSupportedByName
gflScaleToGrey
gflSetColorAt
gflSetColorAtEx
gflSetIPTCValue
gflSetPluginsPathname
gflSetTransparentColor
inflate
inflateEnd
inflateInit_
inflateSync

Sections

.text
Size: 772KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/oswin32.dll
.dll windows:4 windows x86 arch:x86

5361d0a5399ad1ddc4800124ed3c2d9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

Win32VGetHandleType
Win32VGetOutputVtable
Win32VGetHandleParentByType
Win32VGetHandleParent
Win32VGetOutputSolutionType
Win32VGetHandleUserData
Win32VGetHandlePointerFunc
Win32VGetHandleByUserData
SPStringLength
Win32VCreateHandle
Win32VDestroyHandle
Win32VSetHandleUserData
SPBytesToString

user32

OffsetRect
GetSysColorBrush
PtInRect
BeginPaint
IntersectRect
EndPaint
ClientToScreen
DrawFocusRect
GetDC
GetWindowRect
GetClientRect
EnableWindow
GetWindowLongA
SetWindowLongA
DestroyWindow
ScreenToClient
GetUpdateRgn
InvalidateRect
FillRect
UpdateWindow
ExcludeUpdateRgn
InvertRect
FrameRect
ReleaseDC

gdi32

Rectangle
RealizePalette
GetClipBox
SelectPalette
SelectObject
GetCurrentObject
StartPage
EndDoc
StartDocA
SetRectRgn
RectInRegion
OffsetRgn
CombineRgn
SetPaletteEntries
GetPaletteEntries
EnumFontFamiliesExA
CreateFontIndirectA
GetObjectA
CreateSolidBrush
CreateRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreatePenIndirect
ExtCreatePen
CreatePatternBrush
CreatePalette
CreateHatchBrush
CreateDCA
CreateBrushIndirect
CreateBitmapIndirect
CreateBitmap
GetFontData
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsA
GetTextFaceA
GetCharWidthA
GetCharWidthW
CreateCompatibleBitmap
GetStockObject
DeleteObject
Arc
BitBlt
Chord
CreateCompatibleDC
CreateDIBitmap
CreateDIBSection
DeleteDC
DPtoLP
Ellipse
ExcludeClipRect
FloodFill
GetBkColor
GetBkMode
GetBrushOrgEx
GetCharWidth32W
GetClipRgn
GetDeviceCaps
GetDIBits
GetMapMode
GetPixel
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextCharacterExtra
GetTextColor
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
LPtoDP
MoveToEx
PatBlt
Pie
Polygon
Polyline
PolyPolygon
PolyPolyline
SetROP2
GetCharWidth32A
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBits
SetDIBitsToDevice
SetMapMode
SetPixel
SetPolyFillMode
SetWindowExtEx
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
StretchBlt
StretchDIBits
ExtTextOutW
ExtTextOutA
EndPage

msvcrt

__CxxFrameHandler
_initterm
malloc
??3@YAXPAX@Z
__dllonexit
_adjust_fdiv
??2@YAPAXI@Z
_onexit
free

kernel32

DisableThreadLibraryCalls
GetVersion
HeapFree
HeapAlloc
GetProcessHeap
MultiByteToWideChar
WideCharToMultiByte

Exports

Exports

GNAddPaletteEntry
GNArc
GNBeginPaint
GNBitBlt
GNCancelJob
GNCancelPage
GNChord
GNClientToScreen
GNClosePrinter
GNCombineRgn
GNCreateBitmap
GNCreateBitmapIndirect
GNCreateBrushIndirect
GNCreateCompatibleBitmap
GNCreateCompatibleDC
GNCreateDC
GNCreateDIBSection
GNCreateDIBitmap
GNCreateFont
GNCreateFontBank
GNCreateHatchBrush
GNCreateIC
GNCreatePalette
GNCreatePatternBrush
GNCreatePenIndirect
GNCreatePolyPolygonRgn
GNCreatePolygonRgn
GNCreateRectRgn
GNCreateRectRgnIndirect
GNCreateSolidBrush
GNDPtoLP
GNDStoLS
GNDeInit
GNDeleteDC
GNDeleteObject
GNDestroyWindow
GNDrawFocusRect
GNEllipse
GNEnableWindow
GNEndJob
GNEndPage
GNEndPaint
GNEnumAvailablePaperSizes
GNEnumAvailablePrinters
GNEnumFontFamilies
GNExcludeClipRect
GNExcludeUpdateRgn
GNFillRect
GNFloodFill
GNFlush
GNFrameRect
GNGetBkColor
GNGetBkMode
GNGetBrushOrg
GNGetCharWidth
GNGetClientRect
GNGetClipBox
GNGetClipRgn
GNGetDC
GNGetDIBits
GNGetDeviceCaps
GNGetDeviceOption
GNGetFontData
GNGetFontInfo
GNGetMapMode
GNGetObject
GNGetOutputSolutionCount
GNGetOutputSolutionInfoAt
GNGetPageDimensions
GNGetPageOrientation
GNGetPaletteSize
GNGetPaperSize
GNGetPixel
GNGetPolyFillMode
GNGetPrinterInfo
GNGetROP2
GNGetStockObject
GNGetStretchBltMode
GNGetSysColorBrush
GNGetTextAlign
GNGetTextCharacterExtra
GNGetTextColor
GNGetTextMetrics
GNGetTextWidth
GNGetUpdateRgn
GNGetViewportExt
GNGetViewportOrg
GNGetWindowExt
GNGetWindowLong
GNGetWindowOrg
GNGetWindowRect
GNIntersectClipRect
GNIntersectRect
GNInvalidateRect
GNInvertRect
GNLPtoDP
GNLStoDS
GNLineTo
GNMergePalette
GNMoveTo
GNOffsetRect
GNOffsetRgn
GNOpenPrinter
GNPatBlt
GNPie
GNPolyPolygon
GNPolyPolyline
GNPolygon
GNPolyline
GNProc
GNPtInRect
GNRealizePalette
GNRectInRegion
GNRectangle
GNReleaseDC
GNRestoreDC
GNRoundRect
GNSaveDC
GNScreenToClient
GNSelectClipRgn
GNSelectObject
GNSelectPalette
GNSetBkColor
GNSetBkMode
GNSetBrushOrg
GNSetDIBits
GNSetDIBitsToDevice
GNSetDeviceOption
GNSetMapMode
GNSetPageOrientation
GNSetPaperSize
GNSetPixel
GNSetPolyFillMode
GNSetROP2
GNSetRectRgn
GNSetStretchBltMode
GNSetTextAlign
GNSetTextCharacterExtra
GNSetTextColor
GNSetViewportExt
GNSetViewportOrg
GNSetWindowExt
GNSetWindowLong
GNSetWindowOrg
GNStartJob
GNStartPage
GNStretchBlt
GNStretchDIBits
GNTextOut
GNUpdateWindow
GNWrapDCHandle
GNWrapWindowHandle

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/rsviewer.exe
.exe windows:4 windows x86 arch:x86

bcd2b72ee1aa9c17b20e0dac19110aaf

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:2e:cc:72:22:3e:76:92:3a:e5:5c:d3:40:78:71:3d:82:6c:4a:d7
Signer

Actual PE Digest

74:2e:cc:72:22:3e:76:92:3a:e5:5c:d3:40:78:71:3d:82:6c:4a:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

olepro32

ord253

ws2_32

WSAStartup

sccex

EXOpenExport
EXRunExport
EXCloseExport

sccda

DACloseDocument
DAOpenDocument
DAInit
DADeInit
DASetOption

urlmon

CoInternetGetSession

kernel32

GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
GetModuleFileNameA
GetProcAddress
FreeLibrary
LoadLibraryA
lstrcmpiA
IsDBCSLeadByte
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
ExitProcess
InterlockedExchange
CreateEventA
VirtualAlloc
VirtualFree
WaitForMultipleObjectsEx
TerminateThread
CreateSemaphoreA
InterlockedCompareExchange
GetSystemInfo
OpenEventA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
WriteFile
OpenMutexA
ReleaseSemaphore
SetErrorMode
GetTempFileNameA
DeleteFileA
GetTempPathA
CreateEventW
GetModuleHandleW
MultiByteToWideChar
lstrcpynW
lstrcmpW
SetThreadPriority
GetTickCount
CreateThread
CreateSemaphoreW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualQuery
SetLastError
MulDiv
GetCurrentThreadId
lstrcmpA
lstrlenA
GetCurrentProcess
FlushInstructionCache
WideCharToMultiByte
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
HeapCreate
GetCurrentProcessId
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
RaiseException
CreateFileA
ReadFile
InterlockedExchangeAdd
SetFilePointer
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetFileSize
ReleaseMutex
InterlockedDecrement
InterlockedIncrement
Sleep
GetLastError
WaitForMultipleObjects
CloseHandle
ResetEvent
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
IsProcessorFeaturePresent
RtlUnwind
ExitThread
lstrcpyW
VirtualProtect

user32

SetRect
GetWindowPlacement
SetWindowPlacement
GetClassLongA
LoadIconA
DialogBoxParamA
wvsprintfW
TranslateMessage
DispatchMessageA
GetSubMenu
PeekMessageA
PtInRect
SetWindowsHookExA
OffsetRect
CallNextHookEx
GetKeyState
CharLowerA
UnhookWindowsHookEx
InflateRect
SetRectEmpty
GetSysColorBrush
GetWindowDC
WindowFromPoint
MessageBeep
FrameRect
ModifyMenuA
TrackPopupMenuEx
DrawEdge
DrawFrameControl
DrawTextA
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
CreateAcceleratorTableA
LoadStringW
LoadStringA
EndDialog
GetDesktopWindow
GetFocus
DestroyAcceleratorTable
ReleaseCapture
GetClassNameA
IsChild
SetCapture
InvalidateRgn
ReleaseDC
GetDC
ClientToScreen
MoveWindow
GetSysColor
LoadAcceleratorsA
LoadImageA
GetWindowTextLengthA
GetWindowTextA
GetMessagePos
LoadMenuA
LoadBitmapA
IsMenu
DestroyMenu
GetMenuItemCount
GetClassInfoExA
SetMenu
GetMenu
PostMessageA
DestroyIcon
TranslateAcceleratorA
PostQuitMessage
EndPaint
BeginPaint
GetScrollInfo
SetScrollPos
ScrollWindowEx
SystemParametersInfoA
RegisterWindowMessageA
FindWindowA
GetWindow
FillRect
SetScrollInfo
MessageBoxA
GetSystemMetrics
IsRectEmpty
CreateDialogParamA
RedrawWindow
CallWindowProcA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
DefWindowProcA
LoadCursorA
SetCursor
KillTimer
SetTimer
IsWindowVisible
ShowWindow
ScreenToClient
InvalidateRect
UpdateWindow
SetForegroundWindow
SetFocus
MapWindowPoints
SetWindowLongA
SetWindowPos
GetDlgItem
EnableWindow
GetClientRect
SetWindowTextA
DestroyWindow
CreateWindowExA
SendMessageA
GetWindowRect
GetParent
IsWindow
GetScrollRange
GetWindowLongA
UnregisterClassA
RegisterClassExA
GetMessageA
CharNextA

gdi32

CreateFontIndirectA
CombineRgn
CreateRectRgnIndirect
ExtTextOutA
CreateDIBSection
SetTextColor
SetBkMode
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
CreatePatternBrush
CreateBitmap
SetViewportOrgEx
GetStockObject
PatBlt
SetBkColor
StretchDIBits
ExcludeClipRect
SetBrushOrgEx

comdlg32

GetOpenFileNameA
CommDlgExtendedError

advapi32

RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

shell32

SHAppBarMessage

ole32

CLSIDFromProgID
CoTaskMemAlloc
OleLockRunning
StringFromGUID2
OleUninitialize
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
GetRunningObjectTable
CreateItemMoniker
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoFreeUnusedLibraries
CoGetClassObject
OleInitialize

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
LoadRegTypeLi
LoadTypeLi
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr

libgfl267

gflGetDefaultLoadParams
gflFreeBitmap
gflResize
gflLoadBitmapFromMemory
gflCloneBitmap
gflLibraryExit
gflEnableLZW
gflFreeBitmapData
gflSetPluginsPathname
gflLibraryInit

comctl32

InitCommonControlsEx
ImageList_Create
ord8
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageCount
ImageList_Destroy

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Viewer/sccanno.dll
.dll windows:4 windows x86 arch:x86

eeb3765bfd6d175aa07fb22ad1945d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetProcessHeap
GlobalFree
HeapFree
HeapReAlloc
GlobalUnlock
GlobalLock
HeapAlloc
DisableThreadLibraryCalls

sccda

DACloseDocument
DAGetHChunker
DAGetAnno
DAOpenDocument
DASetOption
DADestroyModuleData
DARetrieveDocHandle
DAGetOption
DALockModuleData
DAUnlockModuleData

sccut

UTGetOSCharSet

sccch

CHGetItemId
CHGetItemCount
CHNextItemId
CHGetRunInfo
CHGetRunFromItemId
CHGetItemCountById
CHGetSectionInfo
CHGetItem

sccca

CAOpenContent
CAReadFirst
CASeek
CAReadNext
CACloseContent

msvcrt

_adjust_fdiv
malloc
_initterm
free

Exports

Exports

ANAddAnno
ANAddGlobalHiliteStyle
ANAddHiliteStyle
ANAnnoEvent
ANBuildAnnos
ANClearAnnos
ANClearUserData
ANCompPos
ANCopyAnnos
ANDeInit
ANDeInitGlobalHiliteStyles
ANEndAnnoTextTrack
ANEndAnnoTrack
ANFindAnno
ANGetAnnoText
ANGetGlobalHiliteStyle
ANGetHiliteStyle
ANInit
ANInitGlobalHiliteStyles
ANIsAnnoTextPos
ANMapPosition
ANNextAnnoTextPos
ANNextChunkerPos
ANNextPos
ANSetCallback
ANStartAnnoTextTrack
ANStartAnnoTrack
ANTrackAnno

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccca.dll
.dll windows:4 windows x86 arch:x86

35958d52c3f00e7e4ae5ed1155f1c3e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SNTranslateException

sccind

IndFindStyle
IndInitFonts
IndProcessHeight
IndResizeNames
IndApplyStyle
IndPushStyle
IndToggleAttr
IndIsUnMapFont
IndAddStyle
IndInitNames
IndHyperlinkInfo
IndResolveStyles
IndFormatNumber
IndGetSectName
IndInitStyle
IndDeInitFieldFmts
IndPopStyle
IndAddFieldFmt
IndClearFieldFmts
IndFindTagId
IndFindInlineBeginTagId
IndInitStyles
IndCharmapInit
IndDeInitNames
IndDeInitStyles
IndDeInitStyle
IndDeInitFonts

sccda

DADestroyModuleData
DACharmapSetup
DAUnlockModuleData
DAGetHChunker
DAGetSelection
DAGetOption
DASetOption
DAGetFileId
DACreateModuleData
DALockModuleData
DAPreOpenDocument

sccut

UTGetWordString
UTMapCharRtn
UTArcIsContainer
UTwstrlen

sccch

CHLockItemRange
CHGetItem
CHGetItemId
CHUnlockItemRange
CHGetItems
CHNextItemId
CHGetSectionInfo

msvcrt

free
_adjust_fdiv
malloc
_initterm
_except_handler3

kernel32

DisableThreadLibraryCalls

Exports

Exports

CACloseContent
CANameMapDBCS
CANameMapDouble
CANameMapSingle
CAOpenContent
CAReadFirst
CAReadNext
CASeek
CATell

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccch.dll
.dll windows:4 windows x86 arch:x86

1865a5089c15df306a99cd44ace77fcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sccut

UTMultiToDoubleByte
UTGetGlobalOptionSet
IOCreate
IOMapIOERR
UTGetOption
UTGetUnknownCharSet
UTBailOutRelease
UTwsstrcpy
UTwstrlen

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
DisableThreadLibraryCalls
HeapAlloc

msvcrt

_adjust_fdiv
malloc
free
_initterm

Exports

Exports

CHDeInit
CHDoFilterSpecial
CHGetFilter
CHGetItem
CHGetItemCount
CHGetItemCountById
CHGetItemId
CHGetItems
CHGetRunFromItemId
CHGetRunInfo
CHGetSectionInfo
CHInit
CHIsWithinCookie
CHLockItemRange
CHNextCookieRange
CHNextItemId
CHPackageRemoteData
CHPrevItemId
CHReadAhead
CHSetOption
CHUnlockItemRange
CHUnpackageRemoteData

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccda.dll
.dll windows:4 windows x86 arch:x86

06aabfe304f613ebff530d8837f9b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

Win32VDeinit
SNDestroyCriticalSection
SNGetProcAddress
Win32VInit
SNCreateCriticalSection
SNEnterCriticalSection
SNLeaveCriticalSection
SNTranslateException
SPBytesToString
SNLoadLibrary

sccfi

FIIdHandle

sccch

CHInit
CHDeInit
CHUnlockItemRange
CHLockItemRange
CHGetItem
CHSetOption
CHGetItemId
CHGetSectionInfo
CHGetItemCount
CHDoFilterSpecial
CHGetItems
CHNextItemId
CHGetFilter
CHReadAhead

sccfa

FACloseExport
FAOpenEx
FAOpenComponent
FAInit
FADeInit
FAMapToSCCERR
FAComponentOpenSubdocument
FAClose
FACloseComponent
FAMapIdToFilterInfo
FADoComponentSpecial
FAGetHIOFile
FAGetObjectLocation
FAGetComponentSpec
FASetComponentOutput

sccut

UTwstrcpy
UTFreeLibraryNP
UTGetString
UTMapCharRtn
UTCreateMap
CMGetGlobalUnMappableChar
UTGetUnknownCharSet
UTLoadLibraryNP
UTInit
UTDeInit
IOMapIOERR
IOOpen
UTCharSetFromName
UTswstrcpy
IOCreate
UTSetOption
IOAllocSpec
UTSetGlobalOption
UTGetOption
UTGetGlobalOptionSet
UTDestroyOptionDelta
UTBailOutRelease
UTCreateOptionDelta
UTInitDynamicOptions
UTGetGlobalOption
UTReleaseMap
UTwsstrcpy
IOGetTempFullUnicodeFileName
UTGetErrorString

kernel32

GetProcessHeap
HeapFree
GetModuleFileNameA
GetVersion
HeapAlloc
GetSystemDirectoryA
OpenFile

msvcrt

_except_handler3

Exports

Exports

DAAddPipelineComponent
DACharmapInit
DACharmapSetup
DACloneDocHandle
DACloseDocument
DAClosePipelineComponent
DAClosePipelineComponentAtIndex
DACloseTreeRecord
DACreateModuleData
DADataValFromUnion
DADeInit
DADestroyModuleData
DADramamineInfo1
DADrawOLEObject
DAFindTagChangeId
DAGetAnno
DAGetCurrentPipelineComponentType
DAGetEmbeddedObject
DAGetErrorString
DAGetExceptionError
DAGetFileId
DAGetFileIdNoFallback
DAGetHChunker
DAGetHDoc
DAGetHFile
DAGetHFilter
DAGetHIOFile
DAGetOLEObject
DAGetObjectInfo
DAGetObjectLocator
DAGetObjectOLELocation
DAGetOption
DAGetPipelineComponent
DAGetPipelineComponentAtIndex
DAGetPipelineComponentType
DAGetPipelineLength
DAGetPipelineOutput
DAGetSelection
DAGetStyle
DAGetTreeCount
DAGetTreeRecord
DAInit
DALockModuleData
DAMapFontIdToName
DAOLECopyStorageToFile
DAOLECopyStorageToFileEx
DAOpenDocument
DAOpenPipelineComponent
DAOpenSubdocument
DAOpenSubdocumentById
DAOpenTreeRecord
DAOpenTreeRecordEx
DAPreOpenDocument
DAResetPipeline
DARetrieveDocHandle
DASaveInputObject
DASaveTreeRecord
DASaveTreeRecordToFile
DASetDADefaultOptions
DASetFileSpecOption
DASetOption
DASkipTag
DAUnlockModuleData
ExDAUnLoadOle2

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccdu.dll
.dll windows:4 windows x86 arch:x86

980c4dadd9bd888f732ed1f0ef5bdb4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

Win32VIsValidHandle
SNGetModuleFileName
Win32VGetHandleParent
Win32VGetOutputSolutionByType
Win32VGetHandleParentByType
SNLeaveCriticalSection
SNEnterCriticalSection
SNDestroyCriticalSection
SNCreateCriticalSection
SNFreeLibrary
Win32VCreateHandle
Win32VSetHandleUserData
Win32VDestroyHandle
Win32VGetHandleUserData
Win32VGetOutputVtable
Win32VGetHandlePointerFunc
SPBytesToString
SNLoadLibrary
SNGetProcAddress

sccda

DADrawOLEObject
DAGetEmbeddedObject
DARetrieveDocHandle
DAOpenDocument
DAGetOLEObject
DALockModuleData
ExDAUnLoadOle2
DAGetSelection
DAGetAnno
DAUnlockModuleData
DAFindTagChangeId
DACloseDocument

sccch

CHGetItemCountById
CHReadAhead
CHGetSectionInfo
CHLockItemRange
CHUnlockItemRange
CHGetItem
CHNextItemId
CHPrevItemId
CHGetRunFromItemId
CHGetItemCount
CHGetItems
CHGetItemId
CHGetRunInfo

sccut

UTDestroyOptionDelta
UTCreateOptionDelta
UTGetOption
UTwstrcat
UTInitDefaultOptions
UTInitDynamicOptions
UTMultiToDoubleByte
UTSO2GDIColor
UTFreeLibraryNP
UTSetOption
UTswstrcpy
UTMapDBText
UTwstrcmp
UTBailOutRelease
UTGetCharDirection
UTwstrcpy
UTCacheRetrieve
UTCacheAdd
UTCacheInit
UTCharSetFromName
UTCreateMap
UTGetWordString
UTwstrlen
UTwsstrcpy
UTDetermineAltFontType
UTMapCharRtn
UTReleaseMap
UTGetUnknownCharSet

sccfmt

FindTagChangeId
FMTFormatNumber
FMTFormatNumber35
FMTGenerateDecimalNumeral
FMTGenerateCounterNumber
FMTDataVal

kernel32

GetLastError
HeapReAlloc
GetVersion
HeapAlloc
GetVersionExA
GetProcessHeap
HeapFree

user32

SetScrollPos
GetDC
DrawIconEx
IsWindowEnabled
wsprintfA
GetSysColor
SetScrollInfo
DrawIcon
SetScrollRange
ReleaseDC

gdi32

GetCharABCWidthsA
GetObjectA
GetTextFaceW
ExtSelectClipRgn
DeleteObject
GdiFlush

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

PrintDlgA

msvcrt

_ftol
_initterm
malloc
_adjust_fdiv
free
wcscpy
memmove

Exports

Exports

DUANAnnoEvent
DUANCopyAnnos
DUANEndAnnoTextTrack
DUANEndAnnoTrack
DUANGetAnnoText
DUANIsAnnoTextPos
DUANNextPos
DUANStartAnnoTextTrack
DUANStartAnnoTrack
DUANTrackAnno
DUAddLinkListItem
DUAddLinkListItemAfterCurrent
DUAddToPalette
DUAlphaBlend
DUCacheFrame
DUCleanOutFontCache
DUCleanUpParaStyle
DUCleanupBitStorage
DUCleanupBitmapInfo
DUCopyPaletteNP
DUCreateFont
DUCreateFontBank
DUCreateFrame
DUCreateLinkList
DUCreateLinkListItem
DUCreatePalette
DUCurrentLinkListItem
DUDeInit
DUDeInitCounterTrack
DUDeInitSSFrameShare
DUDeleteCurrentItemFromList
DUDeletePalette
DUDestroyFont
DUDestroyFontBank
DUDestroyFrame
DUDestroyLinkList
DUDestroyLinkListItem
DUDisplayFrame
DUDrawBorder
DUEditFrame
DUEnableHScroll
DUEnableVScroll
DUFDeInitNPData
DUFInitNPData
DUFillBitmapWithBackgroundColor
DUFirstLinkListItem
DUFormatText
DUFrameGetParaLeftEdge
DUFrameGetParaPosition
DUFreeFontCache
DUFreeFontOSHandles
DUFreeGlyphWidthTables
DUGetCellFormatID
DUGetCharInfo
DUGetCharWidthExt
DUGetCharWidthRtn
DUGetDCFunc
DUGetDefaultFont
DUGetDisplayName
DUGetGutterNP
DUGetLineInfoHnd
DUGetLinkListItem
DUGetOutputSolution
DUGetRowFormatID
DUGetSSCell
DUGetStartCellID
DUGetStyle
DUGetTextWidth
DUInit
DUInitCounterTrack
DUInitFrameCache
DUInitSSFrameShare
DUInitializeBitStorage
DUInitializeBitmapInfo
DUInsertAfterLinkListItem
DUInsertBeforeLinkListItem
DULastLinkListItem
DUMapDUCharSetToWin
DUMapVWCharSetToWin
DUMapWinCharSetToDU
DUMapWinCharSetToVW
DUNextLinkListItem
DUPrevLinkListItem
DUResetCurrentPointer
DUSelectPalette
DUSetDefaultTextAttribs
DUSetEmptyPage
DUSetFormatType
DUSetFrameStateDefaultVal
DUSetHScrollPage
DUSetHScrollPos
DUSetHScrollRange
DUSetLinkListItem
DUSetOutputType
DUSetPageTextRange
DUSetStyleDefaultVal
DUSetTextColor
DUSetVScrollPage
DUSetVScrollPos
DUSetVScrollRange
DUStretchBlt
DUStretchDIBits
DUTextOut
DUTextOutNP
DUVWFontToDUFont
EmbeddedDUCreateFrameEx
FlipHorizData
FlipVertData
GABitmapAndTransparencyOnWhiteBKGToDeviceNP
GABitmapAndTransparencyToDeviceNP
GABitmapToDeviceNP
GAPBeginDraw
GAPBeginPaint
GAPDUDeInit
GAPDeinitGADataDU
GAPDuInit
GAPEndDraw
GAPEndPaint
GAPGetOption
GAPInitGADataDU
GAPMetafileToContext
GAPMetafileToDevice
GAPMetafileToHandle
GAPParentFunc
GAPReadMeAhead
GAPReleaseBitmapData
GAPSetOption
GAPStartDrawToRect
GAPTrackPageEmbedded
GAPTrackPageTextRange
GARetrieveContextDeviceNP
GetCellRefContent
OIColorRectNP
OIFreeFrame
Rotate180Data
Rotate270Data
Rotate90Data

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccex.dll
.dll windows:4 windows x86 arch:x86

76a5ecb106a9ecbe6b2fe647903f446c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SPBytesToString
SNGetProcAddress
SNTranslateException

kernel32

DisableThreadLibraryCalls
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap

sccda

DALockModuleData
DAGetPipelineComponent
DAResetPipeline
DASetOption
DAGetHFilter
DAUnlockModuleData
DAGetHChunker
DAGetPipelineComponentType
DAGetPipelineLength
DAOpenPipelineComponent
DAGetPipelineComponentAtIndex
DAGetPipelineOutput
DARetrieveDocHandle
DAGetAnno
DAAddPipelineComponent
DAGetOption
DADestroyModuleData
DAClosePipelineComponentAtIndex
DACreateModuleData
DAGetFileId
DAGetHDoc

sccfa

FACloseExport
FAMapToSCCERR
FAOpenExport
FARunExport
FAQueryComponents
FAExecuteComponent
FAOpenComponentAtIndex

sccut

IOMapIOERR
UTGetAnnoHandle
UTwsprintf
UTwstrcpy
IOOpen
UTReleaseAnno
IOCreate
UTGetWideFileNameFromPath
UTwstrlen

msvcrt

_except_handler3
malloc
_adjust_fdiv
_initterm
memmove
free

Exports

Exports

EXBlockClose
EXBlockOpen
EXBlockRead
EXBlockSeek
EXBlockTell
EXBlockToChar
EXBufferedIOClose
EXBufferedIOGetInfo
EXBufferedIORead
EXBufferedIOSeek
EXBufferedIOTell
EXBufferedIOWrite
EXCharBlockClose
EXCharBlockOpen
EXCharSeek
EXCharTell
EXCharToBlock
EXClearAllAnnotations
EXCloseExport
EXCreate
EXDoCallback
EXFillBuf
EXGetCallbackData
EXGetCallbackFunc
EXGetFileExtension
EXGetFilename
EXGetHPROC
EXGetParent
EXHideText
EXHiliteText
EXInsertText
EXOpenExport
EXRunExport
EXSetHPROC
FUConvertASCIIToASCII
FUConvertASCIIToBigUnicode
FUConvertASCIIToLittleUnicode
FUConvertBigUnicodeToASCII
FUConvertLittleUnicodeToASCII
FUConvertUnicodeToOppositeUnicode
FUConvertUnicodeToSameUnicode
FUConvertUnicodeToUTF8
LUAddItem
LUAddSortedItem
LUBinarySearchList
LUCreateList
LUDeInitCounterTrack
LUFindExactItem
LUFreeList
LUGetCounterLevel
LUInitCounterTrack
LUInsertItem
LURemoveExactItem
LURemoveItem
LUResizeList
LUSaveCounterLevel
MUAllocateMemory
MUCacheAdd
MUCacheDeinit
MUCacheInit
MUCacheLock
MUCacheRetrieve
MUCacheUnlock
MUDeInit
MUFreeMemory
MUInit
MULock
MUUnlock

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccfa.dll
.dll windows:4 windows x86 arch:x86

85975bb3d001071d81612a3b4bf340fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

SNGetProcAddress
SPStringConcat
SPStringToBytes
SNFindFirstFile
SPStringCopy
SPBytesToString
SNLoadLibrary
SNFindClose
SNFreeLibrary
SNCompareTimes
SNEnterCriticalSection
SNLeaveCriticalSection
SNDestroyCriticalSection
SNCreateCriticalSection
SNTranslateException
SNFindNextFile

sccut

UTIsHardOptionSet
LSLockElementByIndex
UTGetWordString
LSGetListCount
UTBailOutRelease
UTGetUnknownCharSet
UTGetString
LSClearList
LSAddElement
LSWriteList
LSCreateList
LSOpenList
LSCloseList
LSUnlockElementByIndex

kernel32

MulDiv
DeleteCriticalSection
GetModuleFileNameA
lstrcmpiA
GetTickCount
GetVersion
HeapAlloc
GetProcessHeap
InitializeCriticalSection
HeapFree

user32

UpdateWindow
DrawTextA
GetDC
ReleaseDC
LoadBitmapA
EndPaint
DefWindowProcA
BeginPaint
SendMessageA
DestroyWindow
RegisterClassA
GetSystemMetrics
InvalidateRect
ShowWindow
CreateWindowExA
UnregisterClassA

gdi32

CreateFontA
DeleteObject
GetDeviceCaps
SetBkMode
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

msvcrt

_adjust_fdiv
free
_initterm
malloc
_except_handler3

Exports

Exports

FABuildFilterList
FAClose
FACloseComponent
FACloseExport
FACloseSupportFilter
FAComponentOpenSubdocument
FAComponentWriteFile
FADeInit
FADoComponentSpecial
FADoFilterListDialog
FAExecuteComponent
FAGetComponentSpec
FAGetHIOFile
FAGetInfo
FAGetObjectLocation
FAInit
FAMapIdToFilterInfo
FAMapToSCCERR
FAOpen
FAOpenComponent
FAOpenComponentAtIndex
FAOpenEx
FAOpenExport
FAOpenSupportFilter
FAQueryComponents
FARunExport
FASetComponentOutput
FASwitchFilterContext

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccfi.dll
.dll windows:4 windows x86 arch:x86

ce566ab813a93410cfb783a48691c41e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sccut

UTXMLReadNextTag
UTDeInit
UTInit
UTXMLInit
UTXMLAddTagMap
UTGetOption
UTXMLDeInit
IOSetInfo
UTGetString
IOOpen
UTGetGlobalOptionSet

sccfut

PKGOpenFileByType
PKGGetHIOFILE
PKGCloseFile
PKGDeinit
PKGInit

kernel32

DisableThreadLibraryCalls
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpiA

msvcrt

malloc
strncmp
_adjust_fdiv
toupper
free
_initterm
strstr

Exports

Exports

FIDeInit
FIExtTextID
FIGetFirstId
FIGetIDString
FIGetNextId
FIIdFile
FIIdFileEx
FIIdHandle
FIIdSpecial
FIInit

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccfmt.dll
.dll windows:4 windows x86 arch:x86

3cd75f49e5d6dba02a355675b4f188f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
DisableThreadLibraryCalls

user32

wsprintfA

sccda

DAGetOption

sccut

UTCacheAdd
UTGetWordString
UTwstrlen
UTCacheRetrieve
UTGetString
UTecvt

sccch

CHGetItems
CHGetItemCount
CHGetItemId
CHLockItemRange
CHGetItem
CHUnlockItemRange
CHNextItemId

msvcrt

free
memmove
_adjust_fdiv
malloc
_initterm
floor
_fpclass
modf
_ftol

Exports

Exports

FMTConvertBCDToDouble
FMTConvertCompactToDouble
FMTConvertDaysToSeconds
FMTConvertDosDateToSODate
FMTConvertJulianToDate
FMTConvertJulianToSeconds
FMTConvertSecondsToTime
FMTConvertSecondsToTotalTime
FMTDataVal
FMTDataValFromUnion
FMTFormatDateTime
FMTFormatNumber
FMTFormatNumber35
FMTFormatText
FMTGenerateArabianNumeral
FMTGenerateCounterNumber
FMTGenerateDecimalNumeral
FMTGenerateHangulNumeral
FMTGenerateLetterNumeral
FMTGenerateRomanNumeral
FMTGetLOString
FMTGetRoman1To9
FMTInsertCh
FMTInsertChW
FMTRoundCopy
FMTRoundCopyW
FMTSFloat10to8
FMTj2g
FMTj2j
FMTstrcatBtoW
FMTweekday
FindTagChangeId

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccfut.dll
.dll windows:4 windows x86 arch:x86

6a19b8357f7ba2f915f80f3e9d171cc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sccut

UTXMLReadContent
UTXMLRestoreStateInfoEx
UTXMLGetStateInfo
UTXMLRestoreStateInfo
UTXMLFindStringInMap
UTXMLHexToDW
UTXMLGetNextAttribute
UTXMLGetDouble
UTwstrncmp
UTwstrncpy
UTXMLGetRGBColor
UTwsstrncmp
IOCreate
IOGetTempFullFileName
UTXMLGetDateTime
UTwsstrcpy
UTXMLGetAttribute
UTswstrcpy
UTwsstrcmp
UTwstrlen
UTwstrcpy
UTwstrcmp
UTXMLInit
UTXMLAddTagMap
UTXMLReadNextTag
UTXMLDeInit
UTXMLGetDecDWord
IOSetInfo

kernel32

HeapFree
HeapAlloc
HeapReAlloc
GetProcessHeap

msvcrt

_initterm
_ftol
malloc
_adjust_fdiv
_CIpow
free

Exports

Exports

FUTAllocImp
FUTDeinitDynamicData
FUTFreeImp
FUTInitDynamicData
FUTRestoreDynamicData
FUTSaveDynamicData
FUTacos
FUTasin
FUTatan2
FUTcos
FUTsin
FUTsqrt
MSOXPutDocPropsImp
Oa12AddPara
Oa12AddShape
Oa12CalculateColor
Oa12DeInit
Oa12DestroyFill
Oa12DestroyShape
Oa12DestroyShapeList
Oa12DestroyStyleList
Oa12FindTheme
Oa12GetCurrentTheme
Oa12GetMapColor
Oa12GetThemeColor
Oa12GetThemeFont
Oa12InheritBulletProps
Oa12InheritCharProps
Oa12InheritFill
Oa12InheritParaProps
Oa12InheritShapeProps
Oa12InheritStyle
Oa12InitFunc
Oa12OutputEmbeddingLocator
Oa12OutputShape
Oa12ParseBLIP
Oa12ParseBLIPFILL
Oa12ParseBODYPR
Oa12ParseCNVPR
Oa12ParseCNVSPPR
Oa12ParseCUSTGEOM
Oa12ParseColorMap
Oa12ParseColorType
Oa12ParseEXT
Oa12ParseFILLREF
Oa12ParseGRADFILL
Oa12ParseGRAPHIC
Oa12ParseHLINKCLICK
Oa12ParseLNREF
Oa12ParseLine
Oa12ParseNOFILL
Oa12ParseOFF
Oa12ParseP
Oa12ParsePATTFILL
Oa12ParsePIC
Oa12ParsePRSTGEOM
Oa12ParseSOLIDFILL
Oa12ParseSPPR
Oa12ParseSRCRECT
Oa12ParseSTYLE
Oa12ParseStyleList
Oa12ParseTILE
Oa12ParseTXBODY
Oa12ParseTXSP
Oa12ParseTableStyles
Oa12ParseTheme
Oa12ParseXFRM
Oa12ProcessChart
Oa12RestoreState
Oa12SaveState
Oa12SetCallback
Oa12SetColorMap
Oa12SetCurrentShape
Oa12SetCurrentTheme
Oa12SetDefaultCharProps
Oa12SetDefaultParaProps
Oa12SetPkgFile
Oa12SetSlideNumber
Oa12SetVmlInfo
Oa12SkipTag
Oa12TagStackPop
Oa12TagStackPush
Oa12TagStackReset
Oa12dtowstr
Oa12ltowstr
Oa12wstrnlen
Oa12wstrtod
Oa12wstrtol
PKGCloseFile
PKGDeinit
PKGGetFileRange
PKGGetHIOFILE
PKGGetRelAttr
PKGGetRelAttrByHandle
PKGGetRelAttrByType
PKGGetZipHIOFILE
PKGInit
PKGOpenFileByRelId
PKGOpenFileByTarget
PKGOpenFileByType
VMLAddTagMaps
VMLBlockPrepDrawing
VMLBlockReadDrawing
VMLDeinit
VMLFileCache
VMLFileGetCommentInfo
VMLFileGetDrawingInfo
VMLFilePrepDrawing
VMLFileReadDrawing
VMLFinishDrawing
VMLGetRealNumber
VMLInitImp
VMLRealToDouble
VMLRealToLong
VMLRestoreData
VMLSaveData

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccimg.dll
.dll windows:4 windows x86 arch:x86

6a39ff382410ce85be4a27060cb0fb17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

Win32VDestroyHandle
Win32VGetHandleUserData
Win32VLoadOS
Win32VGetOutputSolutionByType
Win32VGetOutputVtable
Win32VGetHandlePointerFunc
SNTranslateException

kernel32

LeaveCriticalSection
HeapFree
HeapAlloc
InitializeCriticalSection
HeapReAlloc
GetProcessHeap
EnterCriticalSection
DeleteCriticalSection

user32

ReleaseDC
wsprintfA

sccut

UTGetFileNameFromPath
UTSetOption
IOOpen
UTGetWideFileNameFromPath
UTwstrlen
UTwstrcpy
UTGetString
IOMapIOERR
IODelete
IOCreate

sccch

CHGetItemId
CHGetItems
CHGetItem
CHGetItemCount
CHUnlockItemRange
CHLockItemRange
CHGetFilter
CHNextItemId

sccda

DAGetHFile
DAGetSelection
DARetrieveDocHandle
DAGetOption
DAUnlockModuleData
DALockModuleData
DASetOption
DAGetHChunker
DACloseDocument
DAGetObjectLocator
DAOpenDocument
DADestroyModuleData
DACreateModuleData
DAPreOpenDocument
DAGetOLEObject
DAGetFileId

sccdu

GAPStartDrawToRect
Rotate90Data
GAPReleaseBitmapData
GAPMetafileToHandle
DUGetDCFunc
GAPMetafileToDevice
GABitmapToDeviceNP
GAPMetafileToContext
GABitmapAndTransparencyToDeviceNP
GABitmapAndTransparencyOnWhiteBKGToDeviceNP
DUSetFormatType
Rotate270Data
FlipHorizData
FlipVertData
Rotate180Data
GARetrieveContextDeviceNP
GAPInitGADataDU
GAPDeinitGADataDU
DUSetOutputType

sccex

FUConvertUnicodeToUTF8
FUConvertBigUnicodeToASCII
EXSetHPROC
EXDoCallback
EXGetParent
FUConvertASCIIToASCII
EXGetHPROC
FUConvertLittleUnicodeToASCII
FUConvertUnicodeToOppositeUnicode
FUConvertUnicodeToSameUnicode
FUConvertASCIIToBigUnicode
FUConvertASCIIToLittleUnicode

msvcrt

_adjust_fdiv
free
_initterm
malloc
_onexit
__dllonexit
_except_handler3
floor
_local_unwind2
_ftol
calloc
ceil
_pctype
__mb_cur_max
_isctype
tolower

Exports

Exports

GACloseGraphic
GAGetGraphicInfo
GAGraphicToContext
GAGraphicToDevice
GAGraphicToHandle
GAOpenGraphic
GraphicCallback
VwExportCloseFuncEx
VwExportOpenFuncEx
VwExportWriteFuncEx
VwImageExportCloseFunc
VwImageExportOpenFunc
VwImageExportWriteFunc

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccind.dll
.dll windows:4 windows x86 arch:x86

54dc6877a172ea4e69dceb8aa7d5cc8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sccfmt

FMTFormatNumber
FMTDataVal
FMTFormatNumber35

sccut

UTCreateMap
UTwstrlen
UTMapCharRtn
UTArcIsContainer
UTGetWordString
UTGetUnknownCharSet

sccda

DAGetOption
DACharmapInit
DACharmapSetup
DAGetFileId
DAPreOpenDocument
DAUnlockModuleData
DACreateModuleData
DALockModuleData
DADestroyModuleData
DASetOption
DAGetHChunker

sccch

CHGetItems
CHGetItemCount
CHLockItemRange
CHUnlockItemRange
CHNextItemId
CHGetItem
CHGetItemId

kernel32

DisableThreadLibraryCalls
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

msvcrt

_initterm
malloc
bsearch
qsort
_adjust_fdiv
__dllonexit
_onexit
free

Exports

Exports

IndAddDWORDToArray
IndAddFieldFmt
IndAddFont
IndAddMergedCells
IndAddStyle
IndApplyStyle
IndCharmapInit
IndClearFieldFmts
IndClearHandler
IndClearMergedCells
IndColMajor
IndConvert
IndDeInitConv
IndDeInitDWORDArray
IndDeInitDoc
IndDeInitFieldFmts
IndDeInitFonts
IndDeInitMergedCells
IndDeInitNames
IndDeInitStyle
IndDeInitStyles
IndDefaultCharMap
IndFillFileId
IndFindInlineBeginTagId
IndFindStyle
IndFindTagId
IndFormatNumber
IndGetColStr
IndGetLocator
IndGetNameConv
IndGetOffset
IndGetSectName
IndHyperlinkInfo
IndInMergedCell
IndIncDWORDArray
IndIncMergedCells
IndIncrementCell
IndInitConv
IndInitDWORDArray
IndInitDoc
IndInitFonts
IndInitMergedCells
IndInitNames
IndInitStyle
IndInitStyles
IndIsUnMapFont
IndMapUTF8Enc
IndMapUTF8EncAttr
IndMapUTF8EncCont
IndPopStyle
IndProcessHeight
IndPumpCell
IndPushStyle
IndRegHandler
IndResizeNames
IndResolveStyles
IndSpecialChar
IndStartSheet
IndToggleAttr
IndUTF8EncAttr
IndUTF8EncCont
IndValidUnicode

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 621B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/scclo.dll
.dll windows:4 windows x86 arch:x86

e07e00e45407ff0dd6abc9eaa981fa7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
malloc
_adjust_fdiv
free

Exports

Exports

DummyFunction
LODeInit
LOInit

Sections

.text
Size: 4KB - Virtual size: 414B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/sccole2.dll
.dll windows:4 windows x86 arch:x86

c1f74c5d657fbac24326398b021d2d11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wvcore

Win32VGetHandlePointerFunc
Win32VGetHandleParentByType
Win32VGetOutputVtable
Win32VGetHandleUserData

sccut

UTGetOption
UTswstrcpy
IOOpen

sccfa

FAGetHIOFile

sccch

CHGetFilter
CHGetItem
CHGetItems

kernel32

DisableThreadLibraryCalls
GetProcessHeap
HeapFree
MultiByteToWideChar
HeapAlloc

user32

FillRect
GetDC
SendMessageA
RegisterClipboardFormatA
ReleaseDC
wsprintfA

gdi32

DeleteDC
DeleteObject
GetDIBits
GetStockObject
SelectObject
CreateDIBSection
CreateCompatibleDC

ole32

OleSetClipboard
OleInitialize
OleUninitialize
StgOpenStorageOnILockBytes
OleLoad
OleSetContainedObject
DoDragDrop
OleConvertOLESTREAMToIStorage
StgCreateDocfile
StgOpenStorage

msvcrt

_adjust_fdiv
malloc
_initterm
free

Exports

Exports

DAActivateOleObjectNP
DACopyStorageForArchive
DACopyToClipNP
DADeinitOLENP
DADeinitObjectCacheNP
DADragAndDropNP
DADrawOleObjectNP
DAFreeOleObjectNP
DAInitOLENP
DALoadOleObjectNP
OLEActivateOleObjectNP
OLECopyStorageForArchive
OLECopyToClipNP
OLEDeinitOLENP
OLEDeinitObjectCacheNP
OLEDragAndDropNP
OLEDrawOleObjectNP
OLEFreeOleObjectNP
OLEInitOLENP
OLELoadOleObjectNP

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsacs.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 663B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsbdr.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsbmp.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vscgm.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsemf.dll
.dll windows:4 windows x86 arch:x86

79348b9c88018de6eeacb6e538027d68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

user32

GetSysColor

Exports

Exports

EmfSpecialClose
EmfSpecialGetInfo
EmfSpecialRead
EmfSpecialSeek
EmfSpecialTell
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsexe2.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsfax.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsgdsf.dll
.dll windows:4 windows x86 arch:x86

0201e1b17b5b8a90357810ef3db60feb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
FreeLibrary
PulseEvent
GetExitCodeThread
HeapReAlloc
ReleaseMutex
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
GetLastError
CreateFileA
GetVersion
CreateThread
CreateMutexA
CreateEventA
lstrlenA
GetModuleFileNameA

sccut

IOCreate
UTGetGlobalOption
UTGetGlobalOptionSet
UTGetOption
IOCloseNP
IOReadNP
IOWriteNP
IOSeekNP
IOTellNP
IOOpen
IOGetInfoNP

msvcrt

_stricmp
_isctype
__mb_cur_max
_pctype
fopen
fclose
strstr
_except_handler3
strncmp
memmove
_ftol
strncpy
strrchr

Exports

Exports

GDSF_EmbedClose
GDSF_EmbedGetInfo
GDSF_EmbedOpen
GDSF_EmbedRead
GDSF_EmbedSeek
GDSF_EmbedTell
GDSF_IOClose
GDSF_IOCreate
GDSF_IOOpen
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsgif.dll
.dll windows:4 windows x86 arch:x86

3e7a97bc6801881a5c61b4fea1d2f827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccut

UTGetGlobalOption

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsgzip.dll
.dll windows:4 windows x86 arch:x86

95f80adfe17ece5e69d695cfc234eaf3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
lstrcpynA
HeapReAlloc
HeapAlloc

msvcrt

strncmp

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vshtml.dll
.dll windows:4 windows x86 arch:x86

879312a556769b08abfe7a49213c95a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
lstrcpynA
HeapAlloc

sccfa

FASwitchFilterContext

msvcrt

strchr
strstr

Exports

Exports

IODestroyHtml
IOInitializeHtml
IOParseHtml
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsid3.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 895B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsimg.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 663B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsjbg2.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vslzh.dll
.dll windows:4 windows x86 arch:x86

50ae06c1c9be845b2bd039c360760842

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

msvcrt

free
realloc
memmove

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 598B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsm11.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsmpp.dll
.dll windows:4 windows x86 arch:x86

8a50cbfbecb83d8ff0cca88d8e4cc3d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

sccut

UTwstrlen
UTIsLeadByte
UTGetWordString

msvcrt

_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsmsg.dll
.dll windows:4 windows x86 arch:x86

4f288b76d17977508ecd5c6c17280e41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

sccut

UTwstrlen
UTwstrcat
UTwsstrcpy
IOCreate
UTIsLeadByte
IOSetInfo

sccfa

FACloseSupportFilter
FAOpenSupportFilter
FASwitchFilterContext

msvcrt

_ftol
_itoa

Exports

Exports

MSGDoClose
MSGDoGetInfo
MSGDoRead
MSGDoSeek
MSGDoTell
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsmsw.dll
.dll windows:4 windows x86 arch:x86

4284df4b4ce3408477fef10666db75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspbm.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

GetPbmHeader
InitProcData
InitSaveData
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell
dwCalcBytesPerLine
dwGetInt
dwGetPixel
iGetFirstNonWS

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspcx.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspdf.dll
.dll windows:4 windows x86 arch:x86

047e80b5c1cb4819005ca5b5bc85cfdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
lstrcpynA
HeapAlloc

sccut

UTGetGlobalOptionSet
UTGetOption
IOCreate
UTMD5
UTRC4
UTGetGlobalOption
IOGetTempFullFileName

msvcrt

strchr
atoi
memchr
atol
strncmp
memmove
tolower
_ftol
strstr

Exports

Exports

PDFSpecialClose
PDFSpecialGetInfo
PDFSpecialOpen
PDFSpecialRead
PDFSpecialSeek
PDFSpecialTell
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspdfi.dll
.dll windows:4 windows x86 arch:x86

fa5ec5593115fb2b1242b79257a584b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

user32

wsprintfA

msvcrt

_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspdx.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 663B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspfs.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspgl.dll
.dll windows:4 windows x86 arch:x86

a9e935642c633f67316dc18810c12074

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

msvcrt

atoi
atol
_ftol

Exports

Exports

ApplyAbsRel
ApplyFitRatio
ApplyUTPTransform
FitPageRect
GetPlotSize
InitGetPlotSize
PointsInBounds
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspng.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

ChunkClose
ChunkRead
ChunkSeek
ChunkTell
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspp12.dll
.dll windows:4 windows x86 arch:x86

2087d0df417d9fcb545127d0e160f242

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccfut

PKGCloseFile
PKGOpenFileByType
Oa12wstrnlen
MSOXPutDocPropsImp
Oa12SetSlideNumber
VMLInitImp
Oa12InitFunc
PKGInit
Oa12SetVmlInfo
Oa12ParseTableStyles
PKGGetHIOFILE
VMLDeinit
PKGDeinit
Oa12ParseTheme
Oa12SetPkgFile
PKGGetRelAttrByType
Oa12SkipTag
Oa12ParseStyleList
Oa12wstrtol
Oa12TagStackPush
Oa12TagStackPop
Oa12TagStackReset
Oa12DestroyShape
Oa12DestroyShapeList
VMLFileCache
Oa12SetCurrentTheme
Oa12DeInit
Oa12DestroyStyleList
Oa12FindTheme
PKGOpenFileByRelId
Oa12ParseBLIPFILL
Oa12ParseSOLIDFILL
Oa12ParseColorMap
Oa12ParsePATTFILL
Oa12InheritFill
Oa12ParseColorType
Oa12ParseSPPR
Oa12ParseSTYLE
Oa12ParseGRAPHIC
Oa12ParseXFRM
Oa12SetCallback
Oa12AddShape
PKGGetRelAttr
Oa12ParseCNVPR
Oa12ParseCNVSPPR
Oa12ParseTXBODY
Oa12ParseTXSP
Oa12SetCurrentShape
Oa12OutputShape
VMLFileGetDrawingInfo
Oa12InheritBulletProps
Oa12InheritStyle
Oa12InheritCharProps
Oa12InheritShapeProps
Oa12SetColorMap
Oa12RestoreState
VMLRestoreData
Oa12SaveState
VMLSaveData
Oa12GetCurrentTheme
Oa12ParseGRADFILL

sccut

UTXMLFindStringInMap
UTXMLGetAttribute
UTXMLReadNextTag
UTwsstrcmp
UTwstrncpy
UTXMLInit
UTwstrncmp
UTXMLAddTagMap
UTXMLDeInit

msvcrt

_ftol

Exports

Exports

Pp12CallbackOLEOBJ
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspp2.dll
.dll windows:4 windows x86 arch:x86

4284df4b4ce3408477fef10666db75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspp7.dll
.dll windows:4 windows x86 arch:x86

4284df4b4ce3408477fef10666db75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspp97.dll
.dll windows:4 windows x86 arch:x86

224a81c04d2ab26b15ff9bc15795cc37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccut

UTGetWordString

msvcrt

_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsppl.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspsp6.dll
.dll windows:4 windows x86 arch:x86

9e8f4a991b154854b093264727acf4c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
HeapFree
GetProcessHeap
FreeLibrary
GetLastError
GetProcAddress
OutputDebugStringA
HeapAlloc

msvcrt

_ftol
malloc
sprintf
free
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
rand
srand
qsort
strncmp
strncpy
__dllonexit
_onexit

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspst.dll
.dll windows:4 windows x86 arch:x86

5f06b77c8a22e976c8465be2f84d2d23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

sccut

UTwstrcat
UTwstrcpy
UTwstrlen
IOSetInfo
IOCreate
UTwsstrcpy

msvcrt

strstr
_itoa
bsearch
_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vspstf.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsrtf.dll
.dll windows:4 windows x86 arch:x86

62eea97c5d1a86b11c3acffc20803ced

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccfa

FAOpenSupportFilter
FACloseSupportFilter
FASwitchFilterContext

msvcrt

strstr
strchr

Exports

Exports

IODestroyRtf
IOInitializeRtf
IOParseRtf
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsswf.dll
.dll windows:4 windows x86 arch:x86

4284df4b4ce3408477fef10666db75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 751B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vstext.dll
.dll windows:4 windows x86 arch:x86

fbcc93e270b88e671897f129b53b2493

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

sccut

UTCharSetFromFileID

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vstga.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 663B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vstif6.dll
.dll windows:4 windows x86 arch:x86

3e7a97bc6801881a5c61b4fea1d2f827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccut

UTGetGlobalOption

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsvw3.dll
.dll windows:4 windows x86 arch:x86

09d8a1d056ee350a8f299fabcacc8f2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

msvcrt

atoi

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsw12.dll
.dll windows:4 windows x86 arch:x86

1f30e9993665c39f95530d843a2bd662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

sccfut

VMLAddTagMaps
PKGGetHIOFILE
FUTAllocImp
PKGOpenFileByType
PKGOpenFileByRelId
PKGCloseFile
Oa12CalculateColor
Oa12GetThemeColor
Oa12OutputShape
Oa12ProcessChart
Oa12DestroyShape
Oa12ParseGRAPHIC
Oa12TagStackPush
PKGGetRelAttr
Oa12SetPkgFile
Oa12GetThemeFont
VMLBlockPrepDrawing
VMLFinishDrawing
VMLBlockReadDrawing
PKGInit
Oa12SaveState
MSOXPutDocPropsImp
VMLInitImp
Oa12ParseTheme
PKGGetRelAttrByHandle
Oa12InitFunc
Oa12RestoreState
FUTFreeImp
PKGDeinit
Oa12DeInit
VMLDeinit
VMLSaveData
VMLRestoreData

sccut

UTXMLGetAttribute
UTXMLGetStateInfo
UTXMLAddTagMap
UTXMLInit
UTXMLRestoreStateInfo
UTXMLDeInit
UTXMLGetDecDWord
UTwstrcmp
UTXMLReadContent
UTXMLFindStringInMap
UTwstrcpy
UTwstrncmp
UTXMLReadNextTag
UTXMLRestoreStateInfoEx
UTwsstrcmp
UTXMLGetNextAttribute
UTXMLHexToDW
UTXMLGetRGBColor
UTwstrlen
UTswstrcpy

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsw6.dll
.dll windows:4 windows x86 arch:x86

ad93d6c2bc87c70154289360e8935bfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccfa

FACloseSupportFilter
FAOpenSupportFilter

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsw97.dll
.dll windows:4 windows x86 arch:x86

c8a73f71d5f28bff20c6d272043e7ccf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccfa

FAOpenSupportFilter
FACloseSupportFilter
FASwitchFilterContext

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vswbmp.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vswmf.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 775B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vswml.dll
.dll windows:4 windows x86 arch:x86

21e56de699e02ac3f764b5e84266ccce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

msvcrt

strtol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 751B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsword.dll
.dll windows:4 windows x86 arch:x86

4284df4b4ce3408477fef10666db75a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsxl12.dll
.dll windows:4 windows x86 arch:x86

cb41642f2f4a92182489a3d562e0b0c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc

sccfut

Oa12ParseTheme
PKGCloseFile
VMLInitImp
PKGGetHIOFILE
PKGOpenFileByType
Oa12InitFunc
MSOXPutDocPropsImp
PKGGetRelAttrByHandle
Oa12ProcessChart
Oa12RestoreState
VMLSaveData
VMLRestoreData
PKGGetRelAttr
PKGDeinit
VMLDeinit
Oa12DeInit
Oa12DestroyShapeList
Oa12SaveState
Oa12DestroyShape
Oa12AddShape
PKGOpenFileByRelId
Oa12TagStackPush
Oa12SetVmlInfo
Oa12SetPkgFile
Oa12SkipTag
Oa12ParseGRAPHIC
Oa12ParseXFRM
Oa12TagStackPop
VMLFileGetDrawingInfo
VMLFileCache
PKGInit
VMLFileReadDrawing
VMLFilePrepDrawing
Oa12ParseTXBODY
Oa12ParseSTYLE
Oa12ParseBLIPFILL
Oa12ParseSPPR
Oa12SetCurrentShape
Oa12ParseCNVPR
Oa12ParseCNVSPPR
Oa12OutputShape
Oa12CalculateColor
Oa12GetThemeColor
VMLFinishDrawing

sccut

UTXMLGetAttribute
UTXMLAddTagMap
UTXMLInit
UTwstrcmp
UTwtoi
UTXMLReadContent
UTwstrcpy
UTwsstrcmp
UTXMLGetNextAttribute
UTXMLReadNextTag
UTXMLRestoreStateInfoEx
UTXMLDeInit
UTXMLSkipContent
UTXMLHexToDW
UTXMLGetDouble
UTwsstrcpy
UTXMLGetRGBColor
UTXMLFindStringInMap
UTwstrcat
UTwstrlen
UTXMLGetStateInfo
UTXMLRestoreStateInfo

msvcrt

_CIpow
_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsxl5.dll
.dll windows:4 windows x86 arch:x86

8d261f78dfe007295970423fa3937833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

sccfa

FAOpenSupportFilter
FASwitchFilterContext
FACloseSupportFilter

msvcrt

atoi

Exports

Exports

ParseThing
PutPrintArea
SpecialClose
SpecialGetInfo
SpecialOpenBlip
SpecialOpenIMData
SpecialRead
SpecialSeek
SpecialTell
VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionData
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionData
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsxml.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vsyim.dll
.dll windows:4 windows x86 arch:x86

bddfe079422176952d8fbba1dd40df29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 911B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 438B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/vszip.dll
.dll windows:4 windows x86 arch:x86

3215c342e87014e2484f032dbbef820b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
HeapAlloc

sccut

UTGetGlobalOption

msvcrt

_ftol

Exports

Exports

VwAllocProc
VwDoSpecial
VwFreeProc
VwGetData
VwGetInfo
VwGetRtns
VwGetSectionDataFunc
VwLocalDown
VwLocalUp
VwSetData
VwSetSectionDataFunc
VwSetSoRtn
VwSetUser
VwStreamClose
VwStreamOpen
VwStreamRead
VwStreamReadRecord
VwStreamSection
VwStreamSeek
VwStreamTell

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Viewer/wvcore.dll
.dll windows:4 windows x86 arch:x86

adf9aaeac0113a9ed067bdbf7416e080

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA
LoadStringW
LoadStringA

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
memmove
wcsncpy
_except_handler3

kernel32

FindNextFileA
GetCurrentDirectoryA
HeapSize
HeapReAlloc
FindResourceExA
LoadResource
LockResource
GetVersion
LoadLibraryExA
LoadLibraryA
GetProcAddress
GetLastError
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CopyFileA
DeleteFileA
FindClose
FindFirstFileA
GetModuleFileNameA
MoveFileA
CloseHandle
GetFileInformationByHandle
CreateFileA
GetTempFileNameA
GetTempPathA
SetCurrentDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
lstrlenA

Exports

Exports

AVAddPaletteEntry
AVArc
AVBeginPaint
AVBitBlt
AVCancelJob
AVCancelPage
AVChord
AVClientToScreen
AVClosePrinter
AVCombineRgn
AVCreateBitmap
AVCreateBitmapIndirect
AVCreateBrushIndirect
AVCreateCompatibleBitmap
AVCreateCompatibleDC
AVCreateCriticalSection
AVCreateDC
AVCreateDIBSection
AVCreateDIBitmap
AVCreateFont
AVCreateFontBank
AVCreateHatchBrush
AVCreateIC
AVCreatePalette
AVCreatePatternBrush
AVCreatePenIndirect
AVCreatePolyPolygonRgn
AVCreatePolygonRgn
AVCreateRectRgn
AVCreateRectRgnIndirect
AVCreateSolidBrush
AVDPtoLP
AVDStoLS
AVDeleteDC
AVDeleteObject
AVDestroyCriticalSection
AVDestroyWindow
AVDrawFocusRect
AVEllipse
AVEnableWindow
AVEndJob
AVEndPage
AVEndPaint
AVEnterCriticalSection
AVEnumAvailableFonts
AVEnumAvailablePaperSizes
AVEnumAvailablePrinters
AVEnumFontFamilies
AVExcludeClipRect
AVExcludeUpdateRgn
AVFillRect
AVFloodFill
AVFlush
AVFrameRect
AVFreeLibrary
AVGetBkColor
AVGetBkMode
AVGetBrushOrg
AVGetCharWidth
AVGetClientRect
AVGetClipBox
AVGetClipRgn
AVGetDC
AVGetDIBits
AVGetDeviceCaps
AVGetDeviceOption
AVGetFontData
AVGetFontInfo
AVGetMapMode
AVGetModuleFileName
AVGetModuleHandle
AVGetObject
AVGetPageDimensions
AVGetPageOrientation
AVGetPaletteSize
AVGetPaperSize
AVGetPixel
AVGetPolyFillMode
AVGetPrinterInfo
AVGetProcAddress
AVGetROP2
AVGetStockObject
AVGetStretchBltMode
AVGetSysColorBrush
AVGetTextAlign
AVGetTextCharacterExtra
AVGetTextColor
AVGetTextMetrics
AVGetTextWidth
AVGetUpdateRgn
AVGetViewportExt
AVGetViewportOrg
AVGetWindowExt
AVGetWindowLong
AVGetWindowOrg
AVGetWindowRect
AVIntersectClipRect
AVIntersectRect
AVInvalidateRect
AVInvertRect
AVLPtoDP
AVLStoDS
AVLeaveCriticalSection
AVLineTo
AVLoadLibrary
AVLoadString
AVLoadStringW
AVMergePalette
AVMoveTo
AVOffsetRect
AVOffsetRgn
AVOpenPrinter
AVPatBlt
AVPie
AVPolyPolygon
AVPolyPolyline
AVPolygon
AVPolyline
AVProc
AVPtInRect
AVRealizePalette
AVRectInRegion
AVRectangle
AVReleaseDC
AVRestoreDC
AVRoundRect
AVSaveDC
AVScreenToClient
AVSelectClipRgn
AVSelectObject
AVSelectPalette
AVSetBkColor
AVSetBkMode
AVSetBrushOrg
AVSetDIBits
AVSetDIBitsToDevice
AVSetDeviceOption
AVSetMapMode
AVSetPageOrientation
AVSetPaperSize
AVSetPixel
AVSetPolyFillMode
AVSetROP2
AVSetRectRgn
AVSetStretchBltMode
AVSetTextAlign
AVSetTextCharacterExtra
AVSetTextColor
AVSetViewportExt
AVSetViewportOrg
AVSetWindowExt
AVSetWindowLong
AVSetWindowOrg
AVStartJob
AVStartPage
AVStretchBlt
AVStretchDIBits
AVTextOut
AVUpdateWindow
AVVectorAddElement
AVVectorAddReference
AVVectorCreate
AVVectorDestroy
AVVectorElementAt
AVVectorFirstElement
AVVectorIndexOf
AVVectorInsertReferenceAt
AVVectorIsEmpty
AVVectorLastElement
AVVectorLastIndexOf
AVVectorRemoveAllElements
AVVectorRemoveElement
AVVectorRemoveElementAt
AVVectorSetReferenceAt
AVVectorSetSize
AVVectorSize
AVWrapDCHandle
AVWrapWindowHandle
GlobalDataDeinit
SNCompareMemory
SNCompareTimes
SNCopyFile
SNCopyMemory
SNCreateCriticalSection
SNDeleteFile
SNDestroyCriticalSection
SNEnterCriticalSection
SNFillMemory
SNFindClose
SNFindFirstFile
SNFindNextFile
SNFreeLibrary
SNGetCurrentDirectory
SNGetFileInfo
SNGetLibrarySpec
SNGetModuleFileName
SNGetModuleHandle
SNGetProcAddress
SNGetTempFileName
SNGetTempPath
SNLeaveCriticalSection
SNLoadLibrary
SNLoadString
SNLoadStringW
SNMoveFile
SNMoveMemory
SNSetCurrentDirectory
SNTranslateException
SPAddAssertionListener
SPAddErrorListener
SPAlloc
SPBytesToString
SPCreateHandle
SPDecrementHandleUseCount
SPDestroyHandle
SPFree
SPGetHandleCustomTypeId
SPGetHandleParent
SPGetHandleUseCount
SPGetHandleUserData
SPGetHandleUserDataSize
SPGetNativeHandle
SPHandle
SPIncrementHandleUseCount
SPLock
SPOnAssertionFailure
SPReAlloc
SPRegisterHandleType
SPRemoveAssertionListener
SPRemoveErrorListener
SPReportErrorEx
SPSize
SPStringCompare
SPStringCompareIgnoreCase
SPStringConcat
SPStringCopy
SPStringLength
SPStringToBytes
SPSubstringCopy
SPSubstringFind
SPSubstringReplace
SPUnlock
SPUnregisterHandleType
SPVectorAddElement
SPVectorAddReference
SPVectorCreate
SPVectorDestroy
SPVectorElementAt
SPVectorFirstElement
SPVectorIndexOf
SPVectorInsertReferenceAt
SPVectorIsEmpty
SPVectorLastElement
SPVectorLastIndexOf
SPVectorRemoveAllElements
SPVectorRemoveElement
SPVectorRemoveElementAt
SPVectorSetReferenceAt
SPVectorSetSize
SPVectorSize
SYSGetGlobalData
SYSSetGlobalData
Win32VAddAssertionListener
Win32VAddErrorListener
Win32VAddListenerToList
Win32VAddTraceListener
Win32VAddValidationListener
Win32VCreateHandle
Win32VDebugString
Win32VDecrementHandleUseCount
Win32VDeinit
Win32VDestroyHandle
Win32VGetDCVtable
Win32VGetFontBankVtable
Win32VGetHandleByUserData
Win32VGetHandleParent
Win32VGetHandleParentByType
Win32VGetHandlePointerFunc
Win32VGetHandleType
Win32VGetHandleUseCount
Win32VGetHandleUserData
Win32VGetListenerAt
Win32VGetListenerCount
Win32VGetOutputSolutionAt
Win32VGetOutputSolutionByName
Win32VGetOutputSolutionByType
Win32VGetOutputSolutionCount
Win32VGetOutputSolutionNameAndDescription
Win32VGetOutputSolutionType
Win32VGetOutputVtable
Win32VGetPaletteVtable
Win32VGetPrinterVtable
Win32VGetRegionVtable
Win32VGetWindowVtable
Win32VIncrementHandleUseCount
Win32VInit
Win32VIsTraceEnabled
Win32VIsValidHandle
Win32VIsValidationEnabled
Win32VLoadOS
Win32VOnAssertionFailure
Win32VRemoveAssertionListener
Win32VRemoveErrorListener
Win32VRemoveListenerFromList
Win32VRemoveTraceListener
Win32VRemoveValidationListener
Win32VReportErrorEx
Win32VSetDefaultOutputSolutionForType
Win32VSetHandleUserData
Win32VSetTraceEnabled
Win32VSetValidationEnabled
Win32VValidationOnBadInput
Win32VValidationOnBadOutput

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
eula.txt
r-studio.exe
.exe windows:4 windows x86 arch:x86

946f29c6999fb5a917ec10aeb22e23ff

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:fe:74:62:45:e4:64:ed:2e:2c:b4:39:b0:49:48:1c:44:05:82:c5
Signer

Actual PE Digest

35:fe:74:62:45:e4:64:ed:2e:2c:b4:39:b0:49:48:1c:44:05:82:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCommandLineW
CreateProcessW
GetStartupInfoW
lstrcatW
lstrlenW
GetModuleFileNameW
ExitProcess
CloseHandle
CreateProcessA
GetStartupInfoA
lstrcatA
lstrlenA
GetModuleFileNameA
GetVersion

user32

MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rloginsrv.exe
.exe windows:4 windows x86 arch:x86

974bc30bfabee27b2b7b5f282a9cfc21

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:04:b1:8f:4b:97:dc:24:a8:b7:ef:5e:01:1b:bc:94:b9:f7:23:04
Signer

Actual PE Digest

55:04:b1:8f:4b:97:dc:24:a8:b7:ef:5e:01:1b:bc:94:b9:f7:23:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
WaitForMultipleObjects
ConnectNamedPipe
CreateNamedPipeA
OpenProcess
SetStdHandle
GetOEMCP
GetCurrentProcess
DuplicateHandle
WriteFile
FlushFileBuffers
DisconnectNamedPipe
SetEvent
GetModuleFileNameA
CreateEventA
GetCurrentProcessId
ExitProcess
CloseHandle
Sleep
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
HeapFree
HeapAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP

user32

MessageBoxA

advapi32

SetServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateNamedPipeClient
RevertToSelf
LogonUserW
StartServiceA
OpenServiceW
DeleteService
ControlService
QueryServiceStatus
CreateServiceW
CloseServiceHandle
OpenSCManagerW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegDeleteValueA
RegSetValueExA
RegConnectRegistryA
RegCreateKeyA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rs-faq.url
rs_an.bin
.exe windows:4 windows x86 arch:x86

9fcba21468a425fb914f5073b63e290c

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

95:fd:3c:46:12:e3:b4:6d:39:6d:e3:0b:0a:c0:9b:08:b8:85:90:14
Signer

Actual PE Digest

95:fd:3c:46:12:e3:b4:6d:39:6d:e3:0b:0a:c0:9b:08:b8:85:90:14

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\MyProjects\RStudio\Batch\RStudio.pdb

Imports

mpr

WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
WNetAddConnection2A
WNetCancelConnection2A

winmm

PlaySoundA

kernel32

GlobalLock
GlobalAlloc
lstrcpynA
GetLocaleInfoA
GetFileAttributesA
GetWindowsDirectoryA
WinExec
lstrcatA
GlobalFree
GetTimeFormatA
TerminateProcess
ReleaseMutex
InterlockedExchangeAdd
CreateProcessA
VirtualFree
VirtualAlloc
InterlockedCompareExchange
WaitForMultipleObjectsEx
FreeResource
ResumeThread
GetLocalTime
GetThreadLocale
GetCommandLineA
CreateThread
SetUnhandledExceptionFilter
GetExitCodeProcess
CreateProcessW
GetEnvironmentStringsW
GetEnvironmentStrings
SetStdHandle
CreatePipe
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
GlobalUnlock
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameW
GetFileType
WriteConsoleW
GetStartupInfoA
GetProcessHeap
VirtualQuery
IsDebuggerPresent
UnhandledExceptionFilter
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
HeapFree
HeapAlloc
DosDateTimeToFileTime
GetStringTypeExW
GetStringTypeExA
CompareStringW
CompareStringA
InterlockedExchange
CreateMutexA
ExitProcess
lstrcpyA
GetModuleFileNameA
LoadLibraryExA
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
lstrcmpA
MulDiv
lstrlenW
lstrcpyW
lstrlenA
FlushInstructionCache
FindResourceExA
FindResourceA
LoadResource
TlsFree
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
HeapSize
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
LockResource
SizeofResource
RaiseException
BackupRead
BackupWrite
VirtualProtect
GetStdHandle
LocalFileTimeToFileTime
CallNamedPipeA
OpenProcess
GetCurrentProcessId
GetLogicalDrives
GetDiskFreeSpaceA
WaitNamedPipeW
WaitNamedPipeA
GetOverlappedResult
DisconnectNamedPipe
FormatMessageW
FormatMessageA
GetVersionExA
GetVersion
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetWindowsDirectoryW
InitializeCriticalSection
FreeLibrary
LoadLibraryA
WaitForMultipleObjects
PulseEvent
ResetEvent
SetEvent
CreateEventA
ReleaseSemaphore
CreateSemaphoreA
SetThreadPriority
GetThreadPriority
TerminateThread
WaitForSingleObject
GetExitCodeThread
GetCurrentProcess
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
ExitThread
GetSystemInfo
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
GlobalMemoryStatus
FindNextFileW
FindFirstFileW
FindNextFileA
FindFirstFileA
SetFileAttributesW
SetFileTime
SetFileAttributesA
FindClose
GetVolumeInformationW
GetFullPathNameW
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GetFullPathNameA
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetLastError
SetErrorMode
ReadFile
GetFileSize
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
GetDriveTypeW
CreateFileW
GetDriveTypeA
CreateFileA
GetLastError
DeviceIoControl
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetSystemTime
SystemTimeToFileTime
GetTickCount
Sleep
MultiByteToWideChar
SetEnvironmentVariableA
IsProcessorFeaturePresent
SuspendThread
TlsSetValue

user32

GetLastActivePopup
DialogBoxIndirectParamA
WinHelpA
DrawStateA
GetSystemMenu
EnableMenuItem
DrawIcon
CopyIcon
CreateIconIndirect
GetIconInfo
MessageBoxA
ChildWindowFromPoint
ShowScrollBar
IsChild
BringWindowToTop
FindWindowExA
GetTopWindow
GetNextDlgTabItem
EnumChildWindows
IsDlgButtonChecked
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
OpenClipboard
IsRectEmpty
DrawFocusRect
GetClassNameA
LoadBitmapA
AdjustWindowRectEx
SendMessageTimeoutA
SendNotifyMessageA
LockWindowUpdate
FindWindowA
GetWindow
UnionRect
DrawTextExA
ScrollWindowEx
GetCursorPos
TrackPopupMenu
CreatePopupMenu
AppendMenuA
LoadIconA
SetScrollInfo
GetScrollInfo
SetScrollRange
TrackPopupMenuEx
GetScrollPos
GetScrollRange
ScrollWindow
CreateCursor
GetClassLongA
DestroyCursor
ValidateRect
DestroyAcceleratorTable
DrawFrameControl
LoadAcceleratorsA
GetDlgItemTextA
TranslateMessage
EndDialog
SetForegroundWindow
SetParent
CreateDialogParamA
GetMessageA
DispatchMessageA
LoadStringW
PostQuitMessage
GetAsyncKeyState
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetKeyState
CharNextA
CharLowerA
UnhookWindowsHookEx
RegisterWindowMessageA
GetSysColorBrush
FrameRect
WindowFromPoint
MessageBeep
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
MapWindowPoints
GetMenu
DrawMenuBar
GetDlgItem
EnableWindow
SetMenuDefaultItem
GetCapture
SetCursor
GetMessagePos
ReleaseCapture
ScreenToClient
InflateRect
ModifyMenuA
IsIconic
keybd_event
GetKeyboardState
SetActiveWindow
EnumWindows
SetScrollPos
DestroyCaret
PtInRect
IntersectRect
GetWindowDC
EndPaint
BeginPaint
GetDoubleClickTime
DrawEdge
CharUpperBuffW
CharLowerBuffW
OemToCharBuffA
CharUpperBuffA
CharLowerBuffA
CharToOemBuffA
GetDesktopWindow
CreateCaret
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
BeginDeferWindowPos
EndDeferWindowPos
DialogBoxParamA
CallWindowProcA
OffsetRect
RegisterClassExA
SystemParametersInfoA
SetRectEmpty
ReleaseDC
GetDC
GetSubMenu
IsMenu
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
DrawTextA
DefWindowProcA
DeferWindowPos
GetSysColor
LoadImageA
DestroyMenu
TranslateAcceleratorA
CreateWindowExA
EqualRect
CopyRect
SetRect
LoadMenuA
LoadCursorA
GetClassInfoExA
DestroyIcon
FillRect
GetFocus
GetWindowRect
IsWindow
GetParent
SetFocus
RedrawWindow
IsWindowVisible
ShowWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
SetMenu
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
PostMessageA
SendMessageA
DestroyWindow
GetWindowLongA
SetWindowLongA
LoadStringA
GetSystemMetrics
MsgWaitForMultipleObjects
SetDlgItemTextA
UnregisterClassA

gdi32

GetStockObject
SetBitmapBits
GetTextExtentPoint32W
TextOutW
OffsetRgn
CreateFontA
GetTextColor
SetROP2
FrameRgn
CreateRoundRectRgn
SetTextJustification
CombineRgn
ExcludeClipRect
TextOutA
StretchBlt
CreateBrushIndirect
FillRgn
GetBkColor
CreatePolygonRgn
CreateDIBSection
SetBrushOrgEx
GetCurrentObject
CreateRectRgnIndirect
Rectangle
CreateRectRgn
GetClipRgn
GetTextMetricsA
LPtoDP
DPtoLP
CreateBitmap
CreatePatternBrush
SetBkColor
ExtTextOutA
PatBlt
Polyline
GetDeviceCaps
IntersectClipRect
SelectClipRgn
RestoreDC
SaveDC
Polygon
LineTo
MoveToEx
CreatePen
SetViewportOrgEx
SetTextColor
SetBkMode
CreateSolidBrush
BitBlt
GetClipBox
CreateCompatibleBitmap
SetWindowOrgEx
CreateFontIndirectA
DeleteDC
SelectObject
GetObjectA
DeleteObject
GetTextExtentPoint32A
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
RevertToSelf
RegCloseKey
LogonUserW
RegDeleteValueA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
DeleteService
CreateServiceW
OpenServiceW
StartServiceA
ControlService
QueryServiceStatus
OpenSCManagerW
CloseServiceHandle
OpenThreadToken
ImpersonateLoggedOnUser

shell32

SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetMalloc
ShellExecuteA
ExtractIconExA

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
CoTaskMemAlloc

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr

wsock32

socket
ioctlsocket
gethostbyname
connect
recv
WSACleanup
WSASetLastError
setsockopt
select
WSAGetLastError
shutdown
closesocket
WSAStartup
send

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_GetIcon
ord6
ImageList_Draw
_TrackMouseEvent
ImageList_Create
ImageList_AddMasked
ImageList_DrawEx
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_SetOverlayImage
ord17
InitCommonControlsEx

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rs_un.bin
.exe windows:4 windows x86 arch:x86

4c728dec3b7f5cc75f738743cc2b4b06

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:be:4a:3f:b5:e6:72:4a:6b:ac:87:ef:89:bc:32:c6:36:8a:fb:53
Signer

Actual PE Digest

9d:be:4a:3f:b5:e6:72:4a:6b:ac:87:ef:89:bc:32:c6:36:8a:fb:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\MyProjects\RStudio\Batch\RStudio.pdb

Imports

mpr

WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
WNetAddConnection2W
WNetCancelConnection2W

winmm

PlaySoundW

kernel32

GetLocaleInfoW
GetFileAttributesW
WinExec
lstrcatW
GlobalFree
FindResourceA
GetModuleFileNameA
GetTimeFormatW
GetDateFormatW
TerminateProcess
ReleaseMutex
InterlockedExchangeAdd
CreateProcessW
VirtualFree
VirtualAlloc
InterlockedCompareExchange
WaitForMultipleObjectsEx
InterlockedExchange
FreeResource
ResumeThread
GetLocalTime
GetThreadLocale
GetCommandLineW
GetCommandLineA
CreateThread
SetUnhandledExceptionFilter
GetExitCodeProcess
CreateProcessA
GetEnvironmentStringsW
SetStdHandle
CreatePipe
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
SuspendThread
lstrcpynW
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
WriteConsoleW
GetStartupInfoW
GetProcessHeap
IsDebuggerPresent
UnhandledExceptionFilter
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
HeapFree
HeapAlloc
DosDateTimeToFileTime
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
CreateMutexA
ExitProcess
GetModuleFileNameW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
lstrcmpiW
lstrcmpW
MulDiv
lstrcpyW
lstrlenW
FlushInstructionCache
GetVersionExW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetModuleHandleW
BackupRead
HeapCreate
HeapSize
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
GetTimeFormatA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
BackupWrite
VirtualProtect
GetStdHandle
LocalFileTimeToFileTime
CallNamedPipeA
CreateEventW
OpenProcess
GetCurrentProcessId
GetLogicalDrives
GetDiskFreeSpaceA
WaitNamedPipeW
WaitNamedPipeA
GetOverlappedResult
DisconnectNamedPipe
FormatMessageW
FormatMessageA
GetVersionExA
GetVersion
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetWindowsDirectoryW
InitializeCriticalSection
FreeLibrary
LoadLibraryA
WaitForMultipleObjects
PulseEvent
ResetEvent
SetEvent
CreateEventA
ReleaseSemaphore
CreateSemaphoreA
SetThreadPriority
GetThreadPriority
TerminateThread
WaitForSingleObject
GetExitCodeThread
GetCurrentProcess
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
ExitThread
GetSystemInfo
GlobalMemoryStatus
FindNextFileW
CompareStringA
SetEnvironmentVariableA
IsProcessorFeaturePresent
FindFirstFileW
FindNextFileA
FindFirstFileA
SetFileAttributesW
SetFileTime
SetFileAttributesA
FindClose
GetVolumeInformationW
GetFullPathNameW
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GetFullPathNameA
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetLastError
SetErrorMode
ReadFile
GetFileSize
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
GetDriveTypeW
CreateFileW
GetDriveTypeA
CreateFileA
GetLastError
DeviceIoControl
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetSystemTime
SystemTimeToFileTime
GetTickCount
Sleep
MultiByteToWideChar
GetStringTypeExW
HeapDestroy

user32

DialogBoxIndirectParamW
WinHelpW
DrawStateW
GetSystemMenu
EnableMenuItem
DrawIcon
CopyIcon
CreateIconIndirect
GetIconInfo
MessageBoxW
ChildWindowFromPoint
ShowScrollBar
IsChild
BringWindowToTop
FindWindowExW
GetTopWindow
GetNextDlgTabItem
EnumChildWindows
IsDlgButtonChecked
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
OpenClipboard
SetDlgItemTextW
IsRectEmpty
GetClassNameA
DrawFocusRect
GetClassNameW
LoadBitmapW
AdjustWindowRectEx
SendMessageTimeoutW
SendNotifyMessageW
LockWindowUpdate
FindWindowW
GetWindow
UnionRect
DrawTextExW
ScrollWindowEx
GetCursorPos
TrackPopupMenu
CreatePopupMenu
AppendMenuW
LoadIconW
SetScrollInfo
GetLastActivePopup
SetScrollRange
SetScrollPos
GetScrollPos
OemToCharBuffA
ScrollWindow
GetDesktopWindow
CreateCursor
GetClassLongW
DestroyCursor
ValidateRect
DestroyAcceleratorTable
RegisterWindowMessageA
LoadAcceleratorsW
SetDlgItemTextA
GetWindowTextA
SetWindowTextA
GetDlgItemTextA
TranslateMessage
EndDialog
SetForegroundWindow
SetParent
CreateDialogParamW
GetMessageW
DispatchMessageW
PostQuitMessage
GetAsyncKeyState
SetWindowsHookExW
PeekMessageW
CallNextHookEx
GetKeyState
CharNextW
CharLowerW
UnhookWindowsHookEx
RegisterWindowMessageW
GetSysColorBrush
FrameRect
WindowFromPoint
MessageBeep
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
MapWindowPoints
GetMenu
DrawMenuBar
GetDlgItem
EnableWindow
SetMenuDefaultItem
GetCapture
SetCursor
GetMessagePos
ReleaseCapture
TrackPopupMenuEx
ModifyMenuW
IsIconic
keybd_event
GetKeyboardState
SetActiveWindow
MessageBoxA
CharUpperBuffW
GetScrollInfo
CharLowerBuffW
ScreenToClient
InflateRect
PtInRect
IntersectRect
GetWindowDC
EndPaint
BeginPaint
CharUpperBuffA
CharLowerBuffA
CharToOemBuffA
CreateCaret
DestroyCaret
GetScrollRange
EnumWindows
GetDoubleClickTime
DrawEdge
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
BeginDeferWindowPos
EndDeferWindowPos
DialogBoxParamW
CallWindowProcW
OffsetRect
RegisterClassExW
SystemParametersInfoW
SetRectEmpty
GetSubMenu
ReleaseDC
GetDC
IsMenu
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
DefWindowProcW
DeferWindowPos
GetSysColor
LoadImageW
DestroyMenu
TranslateAcceleratorW
CreateWindowExW
EqualRect
CopyRect
SetRect
LoadMenuW
LoadCursorW
GetClassInfoExW
DestroyIcon
FillRect
GetFocus
GetWindowRect
IsWindow
GetParent
SetFocus
RedrawWindow
IsWindowVisible
ShowWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
SetMenu
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
PostMessageW
SendMessageW
DestroyWindow
GetWindowLongW
SetWindowLongW
LoadStringW
LoadStringA
GetSystemMetrics
MsgWaitForMultipleObjects
DrawFrameControl
UnregisterClassA

gdi32

SetBitmapBits
OffsetRgn
CreateFontW
GetTextColor
SetROP2
FrameRgn
CreateRoundRectRgn
SetTextJustification
CombineRgn
ExcludeClipRect
TextOutW
StretchBlt
CreateBrushIndirect
FillRgn
GetBkColor
CreatePolygonRgn
CreateDIBSection
SetBrushOrgEx
GetCurrentObject
CreateRectRgnIndirect
Rectangle
CreateRectRgn
GetClipRgn
GetTextMetricsW
LPtoDP
DPtoLP
CreateBitmap
CreatePatternBrush
SetBkColor
ExtTextOutW
PatBlt
Polyline
GetDeviceCaps
IntersectClipRect
SelectClipRgn
RestoreDC
SaveDC
Polygon
LineTo
MoveToEx
CreatePen
SetViewportOrgEx
SetTextColor
SetBkMode
CreateSolidBrush
BitBlt
GetClipBox
CreateCompatibleBitmap
SetWindowOrgEx
CreateFontIndirectW
DeleteDC
SelectObject
GetObjectW
DeleteObject
GetStockObject
GetTextExtentPoint32W
CreateCompatibleDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegSetValueExA
RevertToSelf
RegCloseKey
RegDeleteValueW
RegSetValueExW
LogonUserW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
DeleteService
CreateServiceW
OpenServiceW
StartServiceW
ControlService
QueryServiceStatus
OpenSCManagerW
CloseServiceHandle
OpenThreadToken
OpenProcessToken
ImpersonateLoggedOnUser

shell32

ExtractIconExA
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetMalloc
ShellExecuteW
ExtractIconExW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
CoTaskMemAlloc

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr

wsock32

socket
ioctlsocket
gethostbyname
connect
recv
WSACleanup
WSASetLastError
setsockopt
select
WSAGetLastError
shutdown
closesocket
WSAStartup
send

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_GetIcon
CreateStatusWindowW
ImageList_Draw
_TrackMouseEvent
ImageList_Create
ImageList_AddMasked
ImageList_DrawEx
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_SetOverlayImage
ord17
InitCommonControlsEx

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rs_vdfio.vxd
rupdate.exe
.exe windows:4 windows x86 arch:x86

aaed7649ed3b0e28276a75048b04538e

Code Sign

01:00:00:00:00:01:11:76:56:e2:55
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

21/03/2007, 21:11

Not After

21/03/2009, 21:11

Subject

CN=R-tools technology Inc.,O=R-tools technology Inc.,C=CA,1.2.840.113549.1.9.1=#0c0f6f666669636540722d74742e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 12:00

Not After

27/01/2014, 11:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:00:00:00:00:01:08:d9:61:24:48
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 09:00

Not After

27/01/2014, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:f0:7e:3d:34:bc:fc:71:3a:60:d8:08:03:31:ff:83:1b:45:70:91
Signer

Actual PE Digest

74:f0:7e:3d:34:bc:fc:71:3a:60:d8:08:03:31:ff:83:1b:45:70:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetQueryOptionA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA

comctl32

PropertySheetA
CreatePropertySheetPageA
ImageList_Create
ord17
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
ImageList_ReplaceIcon
InitCommonControlsEx
DestroyPropertySheetPage

kernel32

FindClose
SetFileAttributesA
FindFirstFileA
FindNextFileA
FindFirstFileW
GlobalMemoryStatus
GetSystemInfo
ExitThread
GetCurrentThreadId
GetCurrentThread
DuplicateHandle
GetCurrentProcess
WaitForSingleObject
TerminateThread
CreateSemaphoreA
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
LoadLibraryA
FreeLibrary
InitializeCriticalSection
GetWindowsDirectoryW
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetVersion
GetVersionExA
FormatMessageA
FormatMessageW
GetCommandLineA
CreateMutexA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrlenA
lstrlenW
CreateThread
ExitProcess
SetUnhandledExceptionFilter
ReadProcessMemory
GetThreadSelectorEntry
GetCurrentProcessId
ResumeThread
GetThreadContext
SuspendThread
LoadLibraryExA
MulDiv
GetWindowsDirectoryA
WinExec
lstrcatA
FlushInstructionCache
RaiseException
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
CreateProcessA
GetStartupInfoA
GetTempPathA
OpenFileMappingA
CopyFileA
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
lstrcmpiA
CompareStringA
CompareStringW
IsDBCSLeadByte
GetModuleFileNameA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetStringTypeW
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetStdHandle
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetProcessHeap
VirtualQuery
VirtualAlloc
VirtualProtect
HeapReAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
RtlUnwind
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetModuleHandleA
GetProcAddress
CreateFileA
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetLastError
SetErrorMode
ReadFile
GetFileSize
SetFilePointer
GetLastError
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
FileTimeToSystemTime
GetDateFormatA
SystemTimeToFileTime
GetTickCount
Sleep
MultiByteToWideChar
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetThreadLocale
InterlockedCompareExchange
IsProcessorFeaturePresent
lstrcpyA

user32

CharNextA
GetActiveWindow
EnableWindow
SetClassLongA
SetWindowTextA
PostMessageA
DefWindowProcA
EndPaint
BeginPaint
FrameRect
IsWindow
ShowWindow
GetCursorPos
OffsetRect
SetRectEmpty
SetRect
PtInRect
GetParent
GetDlgItem
KillTimer
SetTimer
RedrawWindow
InvalidateRect
UpdateWindow
ScreenToClient
GetClientRect
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
DestroyWindow
SetWindowLongA
CallWindowProcA
GetSystemMetrics
GetSysColor
DestroyCursor
LoadCursorA
SetCursor
UnregisterClassA
LoadImageA
DrawIcon
CopyIcon
DestroyIcon
FillRect
GetDC
CreateIconIndirect
ReleaseDC
MessageBoxA
CharUpperBuffA
CharLowerBuffA
LoadStringA
LoadIconA
SendMessageA
GetIconInfo
SystemParametersInfoA

gdi32

CreateCompatibleDC
SelectObject
CreateDIBSection
DeleteDC
DeleteObject
SelectClipRgn
GetStockObject
DPtoLP
StretchBlt
CreateBitmap
CreateSolidBrush
LineTo
MoveToEx
CreatePen
CreateCompatibleBitmap
BitBlt
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsA
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
SetTextJustification
TextOutA
GetObjectA
FrameRgn
CreateRoundRectRgn

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
RegConnectRegistryA
RegQueryInfoKeyA

shell32

ShellExecuteA

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 19KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 2KB

9c523d8653da5455667e3f82274f2f88

Code Sign

01:00:00:00:00:01:11:76:56:e2:55Certificate

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:08:d9:61:1c:d6Certificate

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:08:d9:61:24:48Certificate

Key Usages

94:85:76:aa:49:17:f7:46:c1:a0:2e:a1:a5:46:53:06:ce:d9:f3:f5Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 109KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 8KB - Virtual size: 12KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

7d85f9c30f9e87a65fff848de2c96ac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 2KB

01:00:00:00:00:01:11:76:56:e2:55
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

04:00:00:00:00:01:08:d9:61:1c:d6
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

04:00:00:00:00:01:08:d9:61:24:48
Certificate

94:85:76:aa:49:17:f7:46:c1:a0:2e:a1:a5:46:53:06:ce:d9:f3:f5
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 109KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 8KB - Virtual size: 12KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 512B - Virtual size: 460B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 594B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 228KB - Virtual size: 224KB

.rdata
Size: 148KB - Virtual size: 144KB

.data
Size: 8KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 8KB