Static task
static1
Behavioral task
behavioral1
Sample
28fdd04f48f090878be60118af63db33_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
28fdd04f48f090878be60118af63db33_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/AdvSplash.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/AdvSplash.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/OCSetupHlp.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/OCSetupHlp.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240705-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral13
Sample
$TEMP/Detect64.exe
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
$TEMP/Detect64.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral15
Sample
ClearOptions.exe
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
ClearOptions.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral17
Sample
DarkWave.chm
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
DarkWave.chm
Resource
win10v2004-20240704-en
Behavioral task
behavioral19
Sample
Uninstall.exe
Resource
win7-20240705-en
Behavioral task
behavioral20
Sample
Uninstall.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral21
Sample
x64/DarkWave-Studio.exe
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
x64/DarkWave-Studio.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral23
Sample
x64/PlugIns/ES-CoreMachines.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
x64/PlugIns/ES-CoreMachines.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral25
Sample
x86/DarkWave-Studio.exe
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
x86/DarkWave-Studio.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral27
Sample
x86/PlugIns/ES-CoreMachines.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
x86/PlugIns/ES-CoreMachines.dll
Resource
win10v2004-20240704-en
General
-
Target
28fdd04f48f090878be60118af63db33_JaffaCakes118
-
Size
2.5MB
-
MD5
28fdd04f48f090878be60118af63db33
-
SHA1
a76ceb18abb47bfe22dc5080f84a37d9019cf20f
-
SHA256
760b773bcf426153100c44c4b3b1a9993b38a589ae6522eac452e0ce2194ec6b
-
SHA512
0e9e863d132493f2943f2de197470b80e3829a85d733f292924a1f98c2e06e7bd328d48d6fe311ee60df30fffa2496706888f6d78b706d2cd483ea3d8ee8c237
-
SSDEEP
49152:H6FPYWcYTugeLxcYRR0J8UkciBprRC6UnCLsaPIi07M:H6FPYWxTuDh0J8npr4DnFaPIib
Malware Config
Signatures
-
Unsigned PE 12 IoCs
Checks for missing Authenticode signature.
resource
28fdd04f48f090878be60118af63db33_JaffaCakes118
unpack001/$PLUGINSDIR/AdvSplash.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$TEMP/Detect64.exe
unpack001/ClearOptions.exe
unpack001/Uninstall.exe
unpack001/x64/DarkWave-Studio.exe
unpack001/x64/PlugIns/ES-CoreMachines.dll
unpack001/x86/DarkWave-Studio.exe
unpack001/x86/PlugIns/ES-CoreMachines.dll
-
NSIS installer 4 IoCs
resource yara_rule
sample nsis_installer_1
sample nsis_installer_2
static1/unpack001/Uninstall.exe nsis_installer_1
static1/unpack001/Uninstall.exe nsis_installer_2
Files
-
28fdd04f48f090878be60118af63db33_JaffaCakes118.exe windows:4 windows x86 arch:x86
7fa974366048f9c551ef45714595665e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA
user32
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/AdvSplash.dll.dll windows:4 windows x86 arch:x86
741b6bafe355b63a372d737b30543a95
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpynA
GetVersion
lstrcpyA
lstrcatA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
user32
LoadCursorA
RegisterClassA
SetWindowPos
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
BeginPaint
DefWindowProcA
DestroyWindow
LoadImageA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
EnumDisplaySettingsA
gdi32
CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
BitBlt
DeleteObject
winmm
timeSetEvent
PlaySoundA
timeKillEvent
Exports
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 188B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
b1cd0d78f652ce5fc63f0879371af012
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc
user32
MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect
gdi32
SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
dialog
initDialog
show
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/OCSetupHlp.dll.dll regsvr32 windows:5 windows x86 arch:x86
23bc068733931994f44febb1ad7e7e5e
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before
01-05-2012 00:00
Not After
31-12-2012 23:59
Subject
CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer
CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before
04-12-2003 00:00
Not After
03-12-2013 23:59
Subject
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
6f:fc:26:3a:35:11:34:19:4c:f1:6e:1e:6d:0e:08:06
Certificate
Issuer
CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before
25-01-2011 00:00
Not After
14-03-2014 23:59
Subject
CN=OpenCandy Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=OpenCandy Inc.,L=San Diego,ST=California,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer
CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before
08-02-2010 00:00
Not After
07-02-2020 23:59
Subject
CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
db:4c:79:9a:16:ae:ba:ba:69:e2:6c:f0:3c:13:a3:a5:59:90:fb:19
Signer
Actual PE Digest
db:4c:79:9a:16:ae:ba:ba:69:e2:6c:f0:3c:13:a3:a5:59:90:fb:19
Digest Algorithm
sha1
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileSize
GetCurrentProcessId
GetEnvironmentVariableW
FindFirstFileW
FindNextFileW
FindClose
ReadFile
GetTimeZoneInformation
GetTempPathW
DeleteFileW
WriteFile
ProcessIdToSessionId
SetLastError
HeapAlloc
GetProcessHeap
HeapFree
ExpandEnvironmentStringsW
CreateDirectoryW
WaitForSingleObject
FlushInstructionCache
GetCurrentThreadId
OutputDebugStringW
lstrcpynW
MulDiv
CreateMutexW
OpenMutexW
ReleaseMutex
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
OpenFileMappingW
GetShortPathNameW
SetFilePointer
CreateEventW
GlobalFree
ResumeThread
FreeResource
SetEvent
ResetEvent
GetTickCount
CreateProcessW
MoveFileExW
CreateFileW
GetFileAttributesW
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetExitCodeProcess
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetFullPathNameW
SetEndOfFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetErrorMode
CreateFileA
lstrlenA
WideCharToMultiByte
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
FlushFileBuffers
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
LCMapStringA
ExitProcess
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
RtlUnwind
GetDriveTypeW
GetFileType
GetConsoleMode
GetConsoleCP
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitThread
GetSystemTimeAsFileTime
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
FindResourceA
GlobalMemoryStatusEx
GetDiskFreeSpaceExW
GetFileAttributesExW
CompareFileTime
GetVersion
GetTempFileNameW
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
GetSystemInfo
GetVersionExW
FileTimeToSystemTime
GetSystemDefaultLCID
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
GetCurrentProcess
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
GetThreadLocale
GetLastError
SetThreadLocale
RaiseException
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
GlobalUnlock
GlobalLock
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
GetUserDefaultUILanguage
GetLocaleInfoW
FreeLibrary
LoadLibraryW
Sleep
CreateThread
FindResourceExW
FindResourceW
LoadResource
LockResource
GetCurrentDirectoryA
SizeofResource
psapi
GetProcessImageFileNameW
EnumProcesses
ws2_32
select
WSACleanup
WSAStartup
closesocket
WSAGetLastError
socket
recv
send
getsockname
ntohs
bind
htons
getsockopt
getpeername
setsockopt
connect
WSASetLastError
__WSAFDIsSet
getaddrinfo
gethostname
ioctlsocket
freeaddrinfo
msimg32
AlphaBlend
shlwapi
PathMatchSpecW
user32
GetCursorPos
TrackPopupMenu
ReleaseCapture
DrawFocusRect
UnregisterClassA
GetCursor
SetCursor
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
IsWindow
DestroyWindow
PostQuitMessage
KillTimer
DestroyMenu
PeekMessageW
MsgWaitForMultipleObjects
NotifyWinEvent
FindWindowW
ScreenToClient
GetSysColor
GetUpdateRect
SetRect
GetAncestor
SetFocus
CreateDialogParamW
GetSystemMetrics
CallNextHookEx
UnhookWindowsHookEx
SetTimer
PostMessageW
GetWindowTextLengthW
GetWindowTextW
EnumChildWindows
EnumWindows
ShowWindow
GetDlgItem
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
LoadIconW
SendMessageW
SetWindowTextW
GetClientRect
MoveWindow
SystemParametersInfoW
SetWindowsHookExW
DrawIconEx
GetIconInfo
SetMenuItemInfoW
IsWindowVisible
SetForegroundWindow
SetDlgItemTextW
SendDlgItemMessageW
EnableMenuItem
GetSystemMenu
EnableWindow
LoadImageW
MessageBoxW
DrawTextW
MapWindowPoints
GetParent
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
GetDesktopWindow
CharNextW
FillRect
InvalidateRect
GetAsyncKeyState
PtInRect
CopyRect
GetMonitorInfoW
MonitorFromPoint
GetWindowRect
EndPaint
BeginPaint
GetForegroundWindow
ReleaseDC
GetDC
GetSysColorBrush
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetWindowThreadProcessId
SetWindowPos
gdi32
GetStockObject
GetTextExtentPoint32W
GetObjectW
SetTextColor
CreatePatternBrush
CreateDIBSection
GetDeviceCaps
DeleteDC
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GdiFlush
DPtoLP
BitBlt
SetViewportOrgEx
CreateSolidBrush
SetBkMode
CreateFontIndirectW
advapi32
OpenProcessToken
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
GetTokenInformation
DuplicateTokenEx
LookupAccountSidW
CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
RegEnumKeyW
shell32
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW
ole32
CoInitializeSecurity
CoInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CoUninitialize
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoCreateGuid
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
oleaut32
LoadTypeLi
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
SysFreeString
SysStringLen
VariantClear
SysAllocStringLen
VariantChangeType
LoadRegTypeLi
OleLoadPicture
SysAllocString
VariantInit
comctl32
InitCommonControlsEx
gdiplus
GdipCloneImage
GdipLoadImageFromFile
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipDrawImagePointRectI
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
urlmon
URLDownloadToFileW
wininet
InternetQueryOptionW
InternetGetConnectedStateExW
Exports
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
OCPRD203OpenCandy1
OCPRD203OpenCandy10
OCPRD203OpenCandy11
OCPRD203OpenCandy12
OCPRD203OpenCandy13
OCPRD203OpenCandy14
OCPRD203OpenCandy15
OCPRD203OpenCandy16
OCPRD203OpenCandy17
OCPRD203OpenCandy18
OCPRD203OpenCandy19
OCPRD203OpenCandy20
OCPRD203OpenCandy21
OCPRD203OpenCandy22
OCPRD203OpenCandy23
OCPRD203OpenCandy24
OCPRD203OpenCandy29
OCPRD203OpenCandy30
OCPRD203OpenCandy31
OCPRD203OpenCandy32
OCPRD203OpenCandy33
OCPRD203OpenCandy34
OCPRD203OpenCandy35
OCPRD203OpenCandy36
OCPRD203OpenCandy37
OCPRD203OpenCandy38
OCPRD203OpenCandy39
OCPRD203OpenCandy40
OCPRD203OpenCandy41
OCPRD203OpenCandy42
OCPRD203OpenCandy44
OCPRD203OpenCandy45
OCPRD203OpenCandy46
OCPRD203OpenCandy47
OCPRD203OpenCandy48
OCPRD203OpenCandy49
OCPRD203OpenCandy5
OCPRD203OpenCandy50
OCPRD203OpenCandy51
OCPRD203OpenCandy52
OCPRD203OpenCandy53
OCPRD203OpenCandy54
OCPRD203OpenCandy55
OCPRD203OpenCandy6
OCPRD203OpenCandy7
OCPRD203OpenCandy8
OCPRD203OpenCandy9
_OCPRD203OpenCandy25@12
_OCPRD203OpenCandy26@16
_OCPRD203OpenCandy27@16
_OCPRD203OpenCandy28@16
_OCPRD203OpenCandy2@16
_OCPRD203OpenCandy3@16
_OCPRD203OpenCandy43@16
_OCPRD203OpenCandy4@16
Sections
.text Size: 529KB - Virtual size: 528KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
1e2884056e655f2b7bc5a904e352fc80
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA
user32
GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect
gdi32
SetTextColor
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 572B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$TEMP/Detect64.exe.exe windows:5 windows x86 arch:x86
9f51065fe0e92a5d95f84cde3ff6b302
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\Detect64\Release\Detect64.pdb
Imports
advapi32
RegCloseKey
RegOpenKeyExA
kernel32
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$TEMP/ExperimentalScene.bmp
-
ClearOptions.exe.exe windows:5 windows x86 arch:x86
9dd96d81c6e021dae2a7be763d05b5c1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\ClearOptions\Release\ClearOptions.pdb
Imports
kernel32
OpenFile
DeleteFileA
HeapReAlloc
HeapAlloc
GetStringTypeW
MultiByteToWideChar
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
HeapSize
LCMapStringW
IsProcessorFeaturePresent
user32
MessageBoxA
shell32
SHGetSpecialFolderPathA
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DarkWave.chm.chm
-
Sample Projects/Arpeggiator.dwp
-
Sample Projects/Chemistry 101.dwp
-
Sample Projects/Chemistry 202.dwp
-
Sample Projects/Chemistry 303.dwp
-
Sample Projects/Crunch.dwp
-
Sample Projects/DrumDistort.dwp
-
Sample Projects/PsyRave.dwp
-
Sample Projects/StereoSplitter.dwp
-
Uninstall.exe.exe windows:4 windows x86 arch:x86
7fa974366048f9c551ef45714595665e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA
user32
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
x64/DarkWave-Studio.exe.exe windows:5 windows x64 arch:x64
9bc03f0b7d10de689aaa0f36b4963c32
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\amd64\Release.pdb
Imports
kernel32
GetStringTypeW
WriteConsoleW
SetStdHandle
CreateFileA
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
ExitProcess
GetModuleHandleW
HeapCreate
GetVersion
HeapSetInformation
DeleteCriticalSection
GetFileType
SetHandleCount
LCMapStringW
FlsAlloc
GetCurrentThreadId
SetLastError
FlsFree
FlsSetValue
FlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
HeapReAlloc
HeapSize
GetModuleFileNameW
GetStdHandle
WriteFile
RtlPcToFileHeader
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetCommandLineA
HeapAlloc
HeapFree
EncodePointer
DecodePointer
SetEndOfFile
GetProcessHeap
ReleaseSemaphore
CreateSemaphoreA
CreateDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
FindNextFileA
LoadLibraryA
FindClose
GetProcAddress
FindFirstFileA
FreeLibrary
QueueUserAPC
SleepEx
Sleep
OpenFile
CreateEventA
GetModuleFileNameA
GetSystemInfo
GetCurrentProcess
SetPriorityClass
CreateThread
ResumeThread
SetThreadPriority
LockResource
SizeofResource
LoadResource
FreeResource
FindResourceA
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetLastError
GetTickCount
MultiByteToWideChar
GetACP
CreateFileW
user32
TrackPopupMenu
CharLowerBuffA
FillRect
ReleaseCapture
DrawTextA
SetCapture
MoveWindow
SetWindowLongPtrA
ShowWindow
ReleaseDC
CreateWindowExA
GetWindowTextA
GetDC
BeginPaint
SendMessageA
GetWindowLongPtrA
GetWindowRect
WindowFromPoint
ScreenToClient
DestroyWindow
EndPaint
LoadCursorA
EnableWindow
InvertRect
LoadMenuA
SetMenu
SetWindowRgn
DrawIcon
GetMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
AdjustWindowRectEx
CallWindowProcA
GetClientRect
DrawIconEx
LoadImageA
DestroyIcon
SetTimer
PostMessageA
GetCursorPos
SetCursor
KillTimer
EnableMenuItem
CreatePopupMenu
AppendMenuA
DestroyMenu
InflateRect
ClientToScreen
UpdateWindow
MessageBoxA
GetWindowTextLengthA
RedrawWindow
SetWindowTextA
GetDesktopWindow
RegisterClassExA
GetFocus
SetFocus
SetWindowLongA
GetWindowLongA
GetDCEx
DefWindowProcA
SetWindowPos
IsWindow
gdi32
CreateRectRgn
CreatePolygonRgn
GdiFlush
Rectangle
CreatePen
SetDIBits
PtInRegion
GetDeviceCaps
LineTo
SelectClipRgn
Polyline
GetStockObject
Polygon
SetBkMode
SetTextColor
SetBkColor
CreateSolidBrush
BitBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
MoveToEx
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
shell32
SHBrowseForFolderA
SHGetSpecialFolderPathA
ShellExecuteA
SHGetPathFromIDListA
dsound
ord2
ord11
winmm
midiInOpen
midiInGetDevCapsA
midiInClose
midiInGetNumDevs
midiOutGetNumDevs
midiOutOpen
waveOutClose
waveOutWrite
waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutPrepareHeader
midiOutGetDevCapsA
midiOutClose
midiOutShortMsg
midiInStart
comctl32
ord17
ole32
CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance
Sections
.text Size: 378KB - Virtual size: 377KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
x64/PlugIns/ES-CoreMachines.dll.dll windows:5 windows x64 arch:x64
eae324ea67692f641f46d047e8be97c4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\x64\Release\PlugIns\ES-CoreMachines.pdb
Imports
kernel32
GetStringTypeW
LoadLibraryW
SetFilePointer
GetSystemTimeAsFileTime
WriteConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
SetHandleCount
Sleep
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetStdHandle
FlushFileBuffers
LockResource
SizeofResource
LoadResource
FreeResource
FindResourceA
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetLastError
GetCurrentProcessId
GetTickCount
EnterCriticalSection
RtlUnwindEx
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
WriteFile
GetStdHandle
GetModuleFileNameW
HeapSize
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree
SetLastError
FlsAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
CreateFileW
user32
SetCursor
LoadImageA
SetTimer
KillTimer
SetCapture
ReleaseCapture
MessageBoxA
EndPaint
DestroyWindow
GetWindowLongPtrA
RegisterClassExA
GetFocus
SetFocus
GetDC
SetWindowLongA
GetWindowLongA
CreateWindowExA
GetDCEx
ReleaseDC
DefWindowProcA
ShowWindow
SetWindowLongPtrA
IsWindow
PostMessageA
LoadCursorA
MoveWindow
FillRect
BeginPaint
gdi32
SetDIBits
CreateFontA
GetDeviceCaps
MoveToEx
LineTo
SetTextColor
SetBkColor
SelectClipRgn
GetStockObject
CreateSolidBrush
BitBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
Exports
DarkPlugInit
Sections
.text Size: 250KB - Virtual size: 250KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
x86/DarkWave-Studio.exe.exe windows:5 windows x86 arch:x86
8eb7b3d465aac7ccd9f17da8c5407e70
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\x86\Release.pdb
Imports
kernel32
GetStringTypeW
WriteConsoleW
SetStdHandle
CreateFileA
IsProcessorFeaturePresent
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
ExitProcess
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
LCMapStringW
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
ReadFile
RtlUnwind
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
HeapSize
GetModuleFileNameW
GetStdHandle
WriteFile
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
EncodePointer
DecodePointer
SetEndOfFile
GetProcessHeap
ReleaseSemaphore
CreateSemaphoreA
CreateDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
FindNextFileA
LoadLibraryA
FindClose
GetProcAddress
FindFirstFileA
FreeLibrary
QueueUserAPC
SleepEx
OpenFile
Sleep
CreateEventA
GetModuleFileNameA
GetSystemInfo
GetCurrentProcess
SetPriorityClass
CreateThread
ResumeThread
SetThreadPriority
LockResource
SizeofResource
LoadResource
FreeResource
FindResourceA
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetLastError
GetTickCount
MultiByteToWideChar
GetOEMCP
CreateFileW
user32
SetCursor
CharLowerBuffA
FillRect
ReleaseCapture
DrawTextA
SetCapture
MoveWindow
ShowWindow
ReleaseDC
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetWindowTextA
GetDC
BeginPaint
SendMessageA
GetWindowRect
ScreenToClient
DestroyWindow
EndPaint
LoadCursorA
EnableWindow
WindowFromPoint
InvertRect
LoadMenuA
SetMenu
SetWindowRgn
DrawIcon
GetMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
AdjustWindowRectEx
CallWindowProcA
GetClientRect
DrawIconEx
LoadImageA
DestroyIcon
PostMessageA
KillTimer
GetCursorPos
SetTimer
TrackPopupMenu
EnableMenuItem
CreatePopupMenu
AppendMenuA
DestroyMenu
InflateRect
ClientToScreen
UpdateWindow
MessageBoxA
GetWindowTextLengthA
RedrawWindow
SetWindowTextA
GetDesktopWindow
RegisterClassExA
GetFocus
SetFocus
GetDCEx
DefWindowProcA
SetWindowPos
IsWindow
gdi32
PtInRegion
CreateRectRgn
CreatePolygonRgn
GdiFlush
Rectangle
CreatePen
CreateFontA
GetDeviceCaps
LineTo
SelectClipRgn
Polyline
GetStockObject
Polygon
SetBkMode
SetTextColor
SetBkColor
CreateSolidBrush
BitBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBits
MoveToEx
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegEnumKeyA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderPathA
ShellExecuteA
dsound
ord2
ord11
winmm
midiInOpen
midiInClose
midiInGetNumDevs
midiOutGetNumDevs
midiOutOpen
midiOutShortMsg
midiInStart
waveOutClose
waveOutWrite
waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutPrepareHeader
midiOutGetDevCapsA
midiOutClose
midiInGetDevCapsA
comctl32
ord17
ole32
CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance
Sections
.text Size: 339KB - Virtual size: 339KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
x86/PlugIns/ES-CoreMachines.dll.dll windows:5 windows x86 arch:x86
049c72495d322f191f4a8a12e06c362c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Daniel\Documents\Projects\DarkWave-Studio\x86\Release\PlugIns\ES-CoreMachines.pdb
Imports
kernel32
GetStringTypeW
IsProcessorFeaturePresent
LoadLibraryW
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
SetHandleCount
Sleep
SetStdHandle
FlushFileBuffers
LockResource
SizeofResource
LoadResource
FreeResource
FindResourceA
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetLastError
SetFilePointer
GetTickCount
GetConsoleMode
GetConsoleCP
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameW
HeapSize
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
HeapCreate
HeapDestroy
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
CreateFileW
user32
SetCursor
LoadImageA
SetTimer
KillTimer
SetCapture
ReleaseCapture
MessageBoxA
EndPaint
DestroyWindow
RegisterClassExA
GetFocus
SetFocus
GetDC
SetWindowLongA
GetWindowLongA
CreateWindowExA
GetDCEx
ReleaseDC
DefWindowProcA
ShowWindow
IsWindow
PostMessageA
LoadCursorA
MoveWindow
FillRect
BeginPaint
gdi32
SetDIBits
CreateFontA
GetDeviceCaps
MoveToEx
LineTo
SetTextColor
SetBkColor
SelectClipRgn
GetStockObject
CreateSolidBrush
BitBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
Exports
DarkPlugInit
Sections
.text Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 330KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ