29b2692f952956a15ef6ae660cf99fad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29b2692f952956a15ef6ae660cf99fad_JaffaCakes118
Size

1.5MB
MD5

29b2692f952956a15ef6ae660cf99fad
SHA1

8130535745ebd28a64c87fc625d68ba8a1114e6b
SHA256

c24908924b099bfed8f4bdeda3b109e2fce4cc1a81f01a96759ce27cbc1534c8
SHA512

705e0e66c4a7fe965d9afe2eb1d8c56ef032ecc1dff3d46997d8fe3a3cb35b73e672a1cb4cda31ee64dda5053eacab6a664367269ec99e84a79566c5a663c8a3
SSDEEP

24576:t1zyvZS427X/C9UIVLrdVRupqbfqVhtux21K0wiKM76qGy6k2hOHUxInXiVfpTEk:t1kZ40Uord/uQw6titXR2hIUenSlL

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/315912/OCX/EControl.ocx	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/315912/OCX/EControl.ocx	upx

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/315912/COMMANDSCE.oca
unpack001/315912/ECONTROL.OCA
unpack001/315912/MAIN.exe
unpack001/315912/MSCOMCT2.OCA
unpack001/315912/MSINET.OCA
unpack001/315912/MSSUPERMENUXP.oca
unpack001/315912/OCX/COMCTL32.OCA
unpack001/315912/OCX/Command.ocx
unpack001/315912/OCX/CommandSCE.ocx
unpack001/315912/OCX/DBGRID32.OCX
unpack001/315912/OCX/DBLIST32.OCA
unpack001/315912/OCX/DBLIST32.OCX
unpack001/315912/OCX/EControl.ocx
unpack002/out.upx
unpack001/315912/OCX/MSFLXGRD.OCA
unpack001/315912/OCX/MSFLXGRD.OCX
unpack001/315912/OCX/MSSUPERMENUXP.oca
unpack001/315912/OCX/MsSuperMenuXP.ocx
unpack001/315912/OCX/PRTREC/Prtrec.oca
unpack001/315912/OCX/PRTREC/Prtrec.ocx
unpack001/315912/OCX/PrintCell.ocx

Files

29b2692f952956a15ef6ae660cf99fad_JaffaCakes118
.rar
315912/COMMANDSCE.oca
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/DATADB.MDB
315912/Data1.mdb
315912/ECONTROL.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/FrmCKHP.frm
.vbs
315912/FrmCKHP.frx
315912/ICO/070.ICO
315912/ICO/1.ICO
315912/ICO/240.ICO
315912/ICO/241.ICO
315912/ICO/3.ICO
315912/ICO/306.ICO
315912/ICO/43.ICO
315912/ICO/AbortSmall.ico
315912/ICO/AddAllSmall.ico
315912/ICO/AddOneSmall.ico
315912/ICO/ApplySmall.ico
315912/ICO/Blank.ico
315912/ICO/BrowserSmall.ico
315912/ICO/CancelSmall.ico
315912/ICO/CascadeSmall.ico
315912/ICO/Computer.ico
315912/ICO/ConnectSmall.ico
315912/ICO/ConstraintAddSmall.ico
315912/ICO/ConstraintSmall.ico
315912/ICO/Copy.ico
315912/ICO/CopySmall.ico
315912/ICO/Cut.ico
315912/ICO/CutSmall.ico
315912/ICO/DBDeleteSmall.ico
315912/ICO/DBInsertSmall.ico
315912/ICO/DBRunSelectionSmall.ico
315912/ICO/DBRunSmall.ico
315912/ICO/DatabaseAddSmall.ico
315912/ICO/DatabaseRemoveSmall.ico
315912/ICO/DatabaseSmall.ico
315912/ICO/DefinitionsSmall.ico
315912/ICO/Delete.ico
315912/ICO/DeleteSmall.ico
315912/ICO/DisconnectSmall.ico
315912/ICO/DownSmall.ico
315912/ICO/EARTH.ICO
315912/ICO/EmptySmall.ico
315912/ICO/Exit.ico
315912/ICO/FieldAddSmall.ico
315912/ICO/FieldRemoveSmall.ico
315912/ICO/FieldSmall.ico
315912/ICO/FirstSmall.ico
315912/ICO/Help1.ICO
315912/ICO/Help2.ico
315912/ICO/HigherSmall.ico
315912/ICO/HostSmall.ico
315912/ICO/HostsSmall.ico
315912/ICO/IndexAddSmall.ico
315912/ICO/IndexRemoveSmall.ico
315912/ICO/IndexSmall.ico
315912/ICO/LastSmall.ico
315912/ICO/Left.ico
315912/ICO/MAIL.ICO
315912/ICO/MacrosSmall.ico
315912/ICO/NewSmall.ico
315912/ICO/NextSmall.ico
315912/ICO/Open.ico
315912/ICO/OpenSmall.ico
315912/ICO/Paste.ico
315912/ICO/PasteSmall.ico
315912/ICO/Patient.ico
315912/ICO/PlainSQLSmall.ico
315912/ICO/PostSmall.ico
315912/ICO/Preview.ico
315912/ICO/PreviousSmall.ico
315912/ICO/Print.ico
315912/ICO/ProcessSmall.ico
315912/ICO/ProcessesSmall.ico
315912/ICO/PropertiesSmall.ico
315912/ICO/RedoSmall.ico
315912/ICO/RefreshSmall.ico
315912/ICO/RemoveAllSmall.ico
315912/ICO/RemoveOneSmall.ico
315912/ICO/Right.ico
315912/ICO/SAVEDISK.ICO
315912/ICO/Save.ico
315912/ICO/SaveSmall.ico
315912/ICO/SearchReplaceSmall.ico
315912/ICO/SearchSmall.ico
315912/ICO/SessionSmall.ico
315912/ICO/Setting.ico
315912/ICO/StatiSmall.ico
315912/ICO/StatusSmall.ico
315912/ICO/SuperMenu.ico
315912/ICO/SystemSmall.ico
315912/ICO/TITLE.ICO
315912/ICO/TableAddSmall.ico
315912/ICO/TableRemoveSmall.ico
315912/ICO/TableSmall.ico
315912/ICO/Thumbs.db
315912/ICO/TileHSmall.ico
315912/ICO/TileVSmall.ico
315912/ICO/Undo.ico
315912/ICO/UndoSmall.ico
315912/ICO/UpSmall.ico
315912/ICO/UserSmall.ico
315912/ICO/UsersSmall.ico
315912/ICO/VariableSmall.ico
315912/ICO/VariablesSmall.ico
315912/MAIN.VBP
315912/MAIN.VBW
315912/MAIN.exe
.exe windows:4 windows x86 arch:x86

db0694821f0768d0c34eb79d1ffcd18c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarForInit
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord520
__vbaBoolVarNull
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaVarTstEq
ord560
__vbaObjVar
_adj_fpatan
__vbaLateIdCallLd
__vbaStrR8
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaLateMemCall
__vbaVarDup
__vbaVarCopy
__vbaLateMemCallLd
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/MSCOMCT2.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/MSINET.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/MSSCCPRJ.SCC
315912/MSSUPERMENUXP.oca
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/COMCTL32.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/COMCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ord16
ord17
ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Remove

kernel32

lstrcmpA
GetProcAddress
GlobalSize
CloseHandle
GetFileSize
ReadFile
lstrcmpiA
IsDBCSLeadByte
lstrcmpiW
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
GetLastError
GetLocaleInfoA
OpenFile
MultiByteToWideChar
lstrcatA
DisableThreadLibraryCalls
GetVersion
GetProcessHeap
GetDateFormatA
GetLocalTime
GetTimeFormatA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryA
GlobalUnlock
GlobalAlloc
GlobalLock
CompareStringA
GlobalFree
GetVersionExA
lstrlenA
lstrcpyA
IsBadReadPtr
HeapReAlloc
lstrcpynA
IsBadWritePtr
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenW
LeaveCriticalSection
EnterCriticalSection

user32

IsWindowVisible
EndPaint
BeginPaint
MoveWindow
CharUpperA
IntersectRect
MessageBeep
SetCursor
EndDialog
RedrawWindow
GetMessagePos
CreateAcceleratorTableA
VkKeyScanA
PeekMessageA
PeekMessageW
SetWindowRgn
RegisterWindowMessageA
RegisterClipboardFormatA
SetCursorPos
OffsetRect
EqualRect
IsChild
GetWindowTextA
SetCapture
GetCursorPos
ScreenToClient
PostMessageA
DrawEdge
GetSysColor
wsprintfA
FillRect
InflateRect
DrawTextA
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetParent
GetAsyncKeyState
SetWindowLongA
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgTabItem
GetWindow
CharNextA
SetParent
InvalidateRect
UpdateWindow
UnregisterClassA
MessageBoxA
SetWindowsHookExA
SetTimer
KillTimer
CheckRadioButton
CallNextHookEx
SetActiveWindow
DestroyIcon
SetFocus
DrawIcon
UnionRect
DialogBoxParamA
PtInRect
LoadCursorA
GetWindowDC
SetRect
IsRectEmpty
GetDC
ReleaseDC
GetClipboardFormatNameA
ClientToScreen
PostMessageW
FrameRect
GetClientRect
CallWindowProcA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
LoadIconA
GetSystemMetrics
CopyImage
MapDialogRect
GetWindowLongA
SetWindowPos
GetFocus
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
SendDlgItemMessageA
CheckDlgButton
LoadStringA
DefWindowProcA
SendMessageA
ShowWindow
WinHelpA
UnhookWindowsHookEx

ole32

CreateStreamOnHGlobal
RevokeDragDrop
CreateOleAdviseHolder
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
DoDragDrop
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

oleaut32

SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
GetErrorInfo
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadRegTypeLi
RegisterTypeLi
OleLoadPicture
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
OleCreatePictureIndirect
VariantCopyInd
OleTranslateColor
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
VariantInit
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

GetNearestColor
CreatePalette
LPtoDP
GetWindowExtEx
GetBitmapBits
TextOutA
CreateDIBitmap
RealizePalette
GetViewportExtEx
SelectPalette
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
CreateICA
CopyMetaFileA
StretchBlt
Rectangle
GetObjectA
SetBkColor
CreateDCA
CreateRectRgn
SetViewportOrgEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
SetMapMode
SetViewportExtEx
CreateSolidBrush
GetDeviceCaps
SelectObject
ExcludeClipRect
GetClipRgn
SelectClipRgn
GetClipBox
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
SetBkMode
SetTextColor
CreateBitmap
GetStockObject
GetTextExtentPoint32A

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/Command.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

9c37d3a9448c3699ad996f7b540eb577

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
__vbaExitProc
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord631
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
__vbaVarAnd
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
__vbaVarDiv
__vbaFPException
__vbaStrVarVal
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVerifyVarObj
__vbaFpI2
__vbaFpI4
ord616
__vbaVarCopy
__vbaLateMemCallLd
_CIatan
__vbaCastObj
__vbaStrMove
ord618
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/CommandSCE.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

2629c6552814802a02a44565f882745a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord631
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
__vbaVarAnd
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
__vbaVarDiv
__vbaFPException
__vbaStrVarVal
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
__vbaVarNot
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVerifyVarObj
__vbaFpI2
ord616
__vbaFpI4
__vbaVarCopy
__vbaLateMemCallLd
_CIatan
__vbaCastObj
__vbaStrMove
ord618
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/DBGRID32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

6a64e5b2d788fc5ccfe5529f5f992734

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
GetLastError
SetFilePointer
lstrlenA
MultiByteToWideChar
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
CloseHandle
EnterCriticalSection
GetModuleFileNameA
LoadLibraryA
GetLocaleInfoA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCPInfo
GetOEMCP
GetACP
GetFileType
GetStartupInfoA
GetStdHandle
HeapCreate
SetHandleCount
HeapDestroy
HeapSize
GetStringTypeW
GetStringTypeA
TerminateProcess
HeapReAlloc
GetCurrentProcess
GetModuleHandleA
ExitProcess
GetVersion
HeapAlloc
GetProcAddress
GetCommandLineA
GlobalAlloc
HeapFree
RtlUnwind
GlobalFree
GlobalLock
GlobalUnlock
FreeLibrary
MulDiv
DeleteCriticalSection
WideCharToMultiByte
GetPrivateProfileIntA
InitializeCriticalSection
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
FreeResource
lstrcmpA
LCMapStringA
CompareStringA
LCMapStringW
SetStdHandle
lstrcpyA
GetFileAttributesA
ReadFile
SetEndOfFile
CreateFileA
GetLocaleInfoW
CompareStringW
LeaveCriticalSection
IsDBCSLeadByte
GetTickCount
SizeofResource
GetUserDefaultLCID
OutputDebugStringA

ole32

CreateDataAdviseHolder
CoCreateInstance
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleCreateDefaultHandler
StgCreateDocfileOnILockBytes
CoGetMalloc
StgCreateDocfile
CoTaskMemAlloc
StringFromIID
CreateOleAdviseHolder

oleaut32

VariantClear
VariantInit
SysStringByteLen
GetErrorInfo
OleCreatePropertyFrame
SysAllocStringByteLen
SafeArrayAccessData
SafeArrayUnaccessData
DispGetIDsOfNames
SafeArrayCreate
SysAllocString
VariantChangeType
SysStringLen
VariantCopyInd
SysFreeString
VariantCopy
OleTranslateColor
SafeArrayPutElement
SafeArrayGetLBound
LoadRegTypeLi
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetDim
OleCreateFontIndirect
OleCreatePictureIndirect
SafeArrayDestroy

gdi32

CloseMetaFile
SetWindowOrgEx
SetMapMode
SetWindowExtEx
StretchBlt
SetViewportOrgEx
CreateMetaFileA
SetViewportExtEx
CreateCompatibleBitmap
GetStockObject
SaveDC
LPtoDP
RestoreDC
GetTextMetricsA
CreateFontIndirectA
GetTextExtentPointA
MoveToEx
IntersectClipRect
LineTo
GetViewportOrgEx
CreatePen
SetBkMode
CreateHatchBrush
SetROP2
Rectangle
PatBlt
GetROP2
GetDeviceCaps
CreateCompatibleDC
CreateDCA
SelectObject
DeleteDC
BitBlt
SetBkColor
CreateSolidBrush
GetObjectA
DeleteObject
GetBkMode
SetTextColor
GetTextFaceA
GetNearestColor
GetTextColor
GetBkColor
SetBrushOrgEx
CreateBitmapIndirect
GetTextExtentPoint32A
ExtTextOutA
UnrealizeObject

user32

ClientToScreen
AppendMenuA
CreatePopupMenu
SetWindowTextA
EnableWindow
InvalidateRect
SendDlgItemMessageA
RegisterClipboardFormatA
FrameRect
GetKeyState
GetFocus
SetFocus
CreateWindowExA
GetClassLongA
SetWindowLongA
GetSystemMetrics
SendMessageA
CallWindowProcA
PostMessageA
MessageBeep
MessageBoxA
PeekMessageA
DispatchMessageA
GetDC
ReleaseDC
SetDlgItemTextA
LoadBitmapA
GetDlgItem
GetWindowRect
ScreenToClient
EndDialog
DefWindowProcA
DialogBoxParamA
LoadStringA
wsprintfA
CharNextA
TrackPopupMenu
DestroyCursor
RegisterClassA
SetCursor
IsDlgButtonChecked
RegisterWindowMessageA
DestroyMenu
LoadCursorA
EnableMenuItem
wvsprintfA
IsClipboardFormatAvailable
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
DestroyWindow
ShowWindow
MoveWindow
IsWindow
CopyRect
IntersectRect
SetScrollPos
SetWindowPos
GetWindowLongA
InflateRect
GetParent
GetClassInfoA
GetClassNameA
GetDialogBaseUnits
CreateDialogIndirectParamA
IsDialogMessageA
GetWindow
CheckDlgButton
GetWindowTextLengthA
ClipCursor
GetClipCursor
GetCursorPos
UnregisterClassA
GetSysColor
GetScrollRange
GetClientRect
PtInRect
GetScrollPos
ScrollWindowEx
SetScrollRange
FillRect
IsWindowVisible
EndPaint
BeginPaint
SetCapture
GetDesktopWindow
ShowCaret
DrawFocusRect
HideCaret
DrawTextA
IsRectEmpty
ShowScrollBar
GetUpdateRect
SubtractRect
SetCursorPos
ReleaseCapture

advapi32

RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegSetValueA
RegCloseKey

Exports

Exports

??0BufferComparator@@QAE@ABV0@@Z
??0BufferComparator@@QAE@XZ
??4BufferComparator@@QAEAAV0@ABV0@@Z
??_7BufferComparator@@6B@
?compareBuffers@BufferComparator@@UAEHPBXH0H@Z
DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
__preptrap@4
_ex_atraise@4
_ex_clear@0
_ex_code@0
_ex_disable@0
_ex_enable@4
_ex_message@0
_ex_mraise@8
_ex_msystem@4
_ex_name@4
_ex_prop@0
_ex_raise@4
_ex_system@0
_ex_trapf@12
_msgi_lookup@12

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/DBLIST32.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/DBLIST32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

7a0b33949466e7166842306de28cfd01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetVersionExA
GetProcAddress
GlobalLock
GlobalFree
GlobalSize
LoadResource
GlobalUnlock
FindResourceA
HeapReAlloc
LockResource
GetLastError
GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
LoadLibraryA
GetWindowsDirectoryA
GetProcessHeap
OpenFile
GetVersion
IsBadWritePtr
DisableThreadLibraryCalls
MultiByteToWideChar
MulDiv
lstrcmpA
lstrcpyW
lstrcpynA
IsBadReadPtr
CompareStringA
lstrlenA
IsDBCSLeadByte
GetTickCount
InitializeCriticalSection
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrcatA
lstrlenW
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcmpiA

user32

SetWindowRgn
GetParent
IntersectRect
ShowWindow
UnregisterClassA
EqualRect
IsDialogMessageA
WinHelpA
IsWindowEnabled
CreateDialogIndirectParamA
RegisterClipboardFormatA
GetNextDlgTabItem
GetClipboardFormatNameA
PeekMessageW
PostMessageW
RegisterWindowMessageA
IsChild
IsWindow
CreateWindowExA
EnableWindow
IsWindowVisible
ShowScrollBar
MoveWindow
GetScrollInfo
PeekMessageA
GetClientRect
SendDlgItemMessageA
GetDlgItem
MessageBeep
MessageBoxA
wsprintfA
GetActiveWindow
DialogBoxParamA
GetCursorPos
EndDialog
GetKeyState
CallNextHookEx
BeginPaint
EndPaint
GetWindowThreadProcessId
SetWindowsHookExA
UnhookWindowsHookEx
CharNextA
ScreenToClient
CallWindowProcA
DestroyWindow
SetFocus
SetCursor
LoadBitmapA
PtInRect
SetParent
GetWindowRect
SetWindowPos
TranslateMessage
DispatchMessageA
DrawFrameControl
GetWindowTextLengthA
SetRect
SetWindowLongA
GetClassInfoA
InvalidateRect
IsDlgButtonChecked
CheckDlgButton
GetWindow
GetWindowTextA
GetWindowLongA
SetCursorPos
GetAsyncKeyState
PostMessageA
SetCapture
ReleaseCapture
DefWindowProcA
SendMessageA
SetRectEmpty
SetScrollInfo
ScrollDC
IsRectEmpty
DrawEdge
InflateRect
DrawTextExA
DrawTextA
OffsetRect
GetFocus
DrawFocusRect
FillRect
GetSysColor
LoadCursorA
RegisterClassA
GetCapture
UpdateWindow
GetDC
ReleaseDC
GetSystemMetrics
LoadStringA
SetWindowTextA
ClientToScreen

ole32

RevokeDragDrop
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
VariantCopy
CreateErrorInfo
SetErrorInfo
VariantChangeType
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
GetErrorInfo
LoadRegTypeLi
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
OleLoadPicture
OleTranslateColor
SysStringLen
VariantClear
SysAllocStringLen
VariantInit
OleCreateFontIndirect
OleCreatePictureIndirect
SysFreeString
SysAllocString
SafeArrayCopy

gdi32

GetStockObject
CopyEnhMetaFileA
CopyMetaFileA
CreateBitmap
GetNearestColor
CreatePalette
CreateDIBitmap
RealizePalette
GetBitmapBits
SelectPalette
GetPaletteEntries
GetDIBits
DeleteObject
SetBkColor
GetTextMetricsA
SelectObject
CreateSolidBrush
SetTextColor
SetBkMode
IntersectClipRect
PatBlt
BitBlt
GetObjectA
DeleteDC
GetDeviceCaps
CreateRectRgnIndirect
CreateCompatibleDC
SetViewportExtEx
SetWindowExtEx
SetMapMode
SetWindowOrgEx
GetViewportExtEx
LPtoDP
CreateDCA
SetViewportOrgEx
GetWindowExtEx

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/EControl.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSCOMCT2.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

748b8691a0d45b447a059b7ae299a0a2

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
VirtualFree
GetCPInfo
GetOEMCP
VirtualAlloc
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
IsBadReadPtr
GlobalReAlloc
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
GetSystemDefaultLCID
GetCurrentThreadId
GetCurrentProcessId
HeapCreate
HeapDestroy
FreeResource
LocalSize
RtlMoveMemory
CreateThread
Sleep
WaitForSingleObject
GetTimeFormatA
GlobalHandle
lstrcmpA
GetThreadLocale
MulDiv
LocalAlloc
GetProfileIntA
LocalReAlloc
LocalFree
GetTickCount
GetModuleHandleA
GlobalAddAtomA
GetACP
CompareStringW
CompareStringA
GlobalSize
GetVersionExA
IsDBCSLeadByte
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
lstrcmpiA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
MultiByteToWideChar
IsBadWritePtr
GetDateFormatA
lstrcpyA
GetLocaleInfoA
GetLocalTime
CreateFileA
CloseHandle
GlobalAlloc
WriteFile
GlobalLock
HeapAlloc
DeleteCriticalSection
WideCharToMultiByte
lstrlenW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapFree
FreeLibrary
lstrlenA
GetProcessHeap
GlobalFree
GlobalUnlock

user32

GrayStringA
HideCaret
DestroyCaret
CreateCaret
GetAsyncKeyState
SetCaretPos
DrawTextExA
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
MapVirtualKeyA
ShowCaret
GetUpdateRgn
DestroyCursor
GetWindowRgn
ValidateRect
GetDCEx
LockWindowUpdate
CharNextExA
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
GetKeyboardLayout
GetUpdateRect
DeferWindowPos
BeginDeferWindowPos
FindWindowA
TrackPopupMenu
GetKeyNameTextA
RemovePropA
SendNotifyMessageA
FrameRect
ChildWindowFromPoint
DrawIcon
TranslateMessage
DispatchMessageA
MessageBeep
UnregisterClassA
CreateDialogIndirectParamA
IsChild
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
ScrollWindowEx
InvalidateRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
RegisterClipboardFormatA
RegisterWindowMessageA
PeekMessageA
ScreenToClient
PostMessageW
PeekMessageW
RedrawWindow
InflateRect
AdjustWindowRectEx
CreatePopupMenu
DestroyMenu
DrawTextA
DrawFocusRect
AppendMenuA
AdjustWindowRect
IsZoomed
EnumChildWindows
GetDesktopWindow
ShowScrollBar
SetScrollRange
SetScrollPos
GetMessageA
GetScrollPos
IsRectEmpty
CallMsgFilterA
GetMessagePos
GetDoubleClickTime
InvertRect
GetSysColorBrush
SetCursor
GetWindowDC
UnionRect
SetTimer
SetScrollInfo
EnableScrollBar
UpdateWindow
KillTimer
LoadCursorA
GetMessageTime
GetDlgCtrlID
GetWindowThreadProcessId
WindowFromPoint
EndDeferWindowPos
EndDialog
ReleaseCapture
PtInRect
SetWindowRgn
IntersectRect
EqualRect
OffsetRect
GetParent
ClientToScreen
GetWindowRect
GetActiveWindow
GetWindow
MoveWindow
BeginPaint
EndPaint
SetParent
IsWindowVisible
CreateWindowExA
DestroyWindow
CharNextA
GetPropA
GetCursorPos
SetCursorPos
MapWindowPoints
DefWindowProcA
SetPropA
IsWindow
SetDlgItemTextA
CheckDlgButton
IsWindowEnabled
GetDlgItemTextA
GetDC
ReleaseDC
SetWindowPos
SetWindowLongA
GetWindowLongA
SendDlgItemMessageA
IsDlgButtonChecked
GetClientRect
GetFocus
LoadIconA
FillRect
DrawIconEx
ShowWindow
DestroyIcon
SetDlgItemInt
GetDlgItemInt
MessageBoxA
SetFocus
GetWindowTextLengthA
SetWindowTextA
GetWindowTextA
EnableWindow
DialogBoxParamA
SendMessageA
GetKeyState
SetCapture
GetCapture
CallWindowProcA
PostMessageA
GetSysColor
SetRect
DrawEdge
GetSystemMetrics
GetClassInfoA
RegisterClassA
GetDlgItem
LoadStringA
wsprintfA
GetScrollInfo
GetClassNameA
DrawFrameControl
CopyRect

ole32

OleLoadFromStream
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSaveToStream
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayCopy
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopy
SafeArrayUnaccessData
OleCreateFontIndirect
GetErrorInfo
OleCreatePictureIndirect
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
CreateErrorInfo
VariantCopyInd
SafeArrayCreateVector
OleCreatePropertyFrame
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleTranslateColor
VariantChangeTypeEx
VariantChangeType
SysAllocStringLen
VariantInit
SysStringLen
SysAllocString
LoadRegTypeLi
VariantClear
SafeArrayRedim
SysFreeString

gdi32

ExcludeClipRect
SetBrushOrgEx
GetClipRgn
OffsetRgn
GetDIBColorTable
SetDIBColorTable
CreateDIBSection
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
CreateHalftonePalette
GetTextAlign
SetTextAlign
DeleteObject
GetDeviceCaps
SelectObject
CreateSolidBrush
PatBlt
Polyline
CreatePen
StretchDIBits
GetDIBits
GetSystemPaletteEntries
GetObjectA
CreateBitmap
DeleteDC
CreateCompatibleDC
CreateDCA
SetBkColor
GetStockObject
GetTextExtentPoint32A
CreateFontIndirectA
GetCurrentObject
GetTextMetricsA
SetViewportOrgEx
SetWindowOrgEx
CreateRectRgnIndirect
GetViewportExtEx
GetWindowExtEx
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetTextColor
SelectClipRgn
CreateRectRgn
Rectangle
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
RealizePalette
SelectPalette
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
GetClipBox
TextOutA
SetBkMode
CreateFontA
CreatePatternBrush
ExtTextOutA
RestoreDC
IntersectClipRect
SaveDC
GetBkColor
GetCharWidthA
GetTextExtentPointA
Arc
RectVisible
Ellipse
LineTo
MoveToEx
GetPixel
CreateCompatibleBitmap
BitBlt
CombineRgn
GetTextColor

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSDATGRD.INF
315912/OCX/MSDATGRD.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

5bb139062d9dee71b3b9d4aebd0bf636

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
CompareStringW
GetVersionExA
IsDBCSLeadByte
LoadResource
CompareStringA
FindResourceA
HeapReAlloc
LockResource
lstrcmpiA
lstrcpyA
GetLocaleInfoA
GetWindowsDirectoryA
lstrcpynA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetFileAttributesA
GetVersion
GetLastError
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
IsBadWritePtr
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
LoadLibraryA
EnterCriticalSection
HeapAlloc
GetProcessHeap
lstrlenA
GetProcAddress

user32

GetDesktopWindow
GetCapture
EndDialog
SetCursor
UnregisterClassA
ReleaseCapture
CharNextA
GetDCEx
WaitMessage
DefWindowProcA
GetWindow
GetActiveWindow
GetParent
EqualRect
SetWindowRgn
ShowWindow
SetParent
EndPaint
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
BeginPaint
EnableMenuItem
PeekMessageW
PostMessageW
RegisterWindowMessageA
KillTimer
SetTimer
wsprintfA
PeekMessageA
GetMessageA
PostQuitMessage
InvalidateRect
CheckDlgButton
TranslateMessage
IsWindowVisible
GetFocus
IsChild
GetDlgItemInt
SetDlgItemInt
GetWindowTextLengthA
SendDlgItemMessageA
EnableWindow
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
LoadMenuA
GetSubMenu
DestroyMenu
GetDlgItem
TrackPopupMenu
GetScrollInfo
ScrollWindowEx
ShowScrollBar
DrawFrameControl
SetScrollInfo
EnableScrollBar
IntersectRect
DrawTextA
DrawTextW
WindowFromDC
DrawTextExW
SetRect
FillRect
InflateRect
OffsetRect
GetDC
DrawTextExA
UpdateWindow
GetWindowRect
GetClientRect
ReleaseDC
CreateDialogIndirectParamA
DialogBoxParamA
PostMessageA
PtInRect
WinHelpA
GetAsyncKeyState
DispatchMessageA
GetKeyState
CreateWindowExW
SetWindowLongW
RedrawWindow
SendMessageW
ClientToScreen
ScreenToClient
CallWindowProcW
CallWindowProcA
MoveWindow
CreateWindowExA
SetWindowLongA
SetWindowPos
LoadBitmapA
RegisterClipboardFormatA
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
MessageBoxA
SetFocus
MessageBeep
GetKeyboardLayout
GetWindowLongA
SendMessageA
GetSysColor
LoadCursorA
RegisterClassA
DestroyWindow
GetSystemMetrics
LoadStringA
GetMessagePos
EnumClipboardFormats
SetCapture

ole32

OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoCreateInstance
OleLoadFromStream
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayCreateVector
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
CreateErrorInfo
SafeArrayAccessData
OleCreatePropertyFrame
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
OleCreatePictureIndirect
OleTranslateColor
VariantChangeTypeEx
SysAllocStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
VarR4FromStr
VarBstrFromR4
VariantChangeType
VariantCopy
VariantClear
GetErrorInfo
VariantInit
SysStringLen
SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString

gdi32

GetTextExtentPoint32W
ExtTextOutW
CreatePen
ExtTextOutA
CreateDCA
SetROP2
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
LPtoDP
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
SetTextColor
DeleteDC
SetBkColor
CloseEnhMetaFile
GetDeviceCaps
CreateEnhMetaFileA
BitBlt
DeleteEnhMetaFile
GetObjectA
SetMapMode
DPtoLP
SelectClipRgn
GetWindowOrgEx
CreateRectRgnIndirect
Rectangle
IntersectClipRect
SetWindowOrgEx
PatBlt
SetTextAlign
GetDIBits
StretchDIBits
GetClipBox
CreateBitmap
GetSystemPaletteEntries
SelectObject
GetStockObject
CreateCompatibleDC
GetMapMode

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSDatGrd/MSDATGRD.INF
315912/OCX/MSDatGrd/MSDATGRD.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

5bb139062d9dee71b3b9d4aebd0bf636

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
CompareStringW
GetVersionExA
IsDBCSLeadByte
LoadResource
CompareStringA
FindResourceA
HeapReAlloc
LockResource
lstrcmpiA
lstrcpyA
GetLocaleInfoA
GetWindowsDirectoryA
lstrcpynA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetFileAttributesA
GetVersion
GetLastError
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
IsBadWritePtr
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
LoadLibraryA
EnterCriticalSection
HeapAlloc
GetProcessHeap
lstrlenA
GetProcAddress

user32

GetDesktopWindow
GetCapture
EndDialog
SetCursor
UnregisterClassA
ReleaseCapture
CharNextA
GetDCEx
WaitMessage
DefWindowProcA
GetWindow
GetActiveWindow
GetParent
EqualRect
SetWindowRgn
ShowWindow
SetParent
EndPaint
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
BeginPaint
EnableMenuItem
PeekMessageW
PostMessageW
RegisterWindowMessageA
KillTimer
SetTimer
wsprintfA
PeekMessageA
GetMessageA
PostQuitMessage
InvalidateRect
CheckDlgButton
TranslateMessage
IsWindowVisible
GetFocus
IsChild
GetDlgItemInt
SetDlgItemInt
GetWindowTextLengthA
SendDlgItemMessageA
EnableWindow
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
LoadMenuA
GetSubMenu
DestroyMenu
GetDlgItem
TrackPopupMenu
GetScrollInfo
ScrollWindowEx
ShowScrollBar
DrawFrameControl
SetScrollInfo
EnableScrollBar
IntersectRect
DrawTextA
DrawTextW
WindowFromDC
DrawTextExW
SetRect
FillRect
InflateRect
OffsetRect
GetDC
DrawTextExA
UpdateWindow
GetWindowRect
GetClientRect
ReleaseDC
CreateDialogIndirectParamA
DialogBoxParamA
PostMessageA
PtInRect
WinHelpA
GetAsyncKeyState
DispatchMessageA
GetKeyState
CreateWindowExW
SetWindowLongW
RedrawWindow
SendMessageW
ClientToScreen
ScreenToClient
CallWindowProcW
CallWindowProcA
MoveWindow
CreateWindowExA
SetWindowLongA
SetWindowPos
LoadBitmapA
RegisterClipboardFormatA
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
MessageBoxA
SetFocus
MessageBeep
GetKeyboardLayout
GetWindowLongA
SendMessageA
GetSysColor
LoadCursorA
RegisterClassA
DestroyWindow
GetSystemMetrics
LoadStringA
GetMessagePos
EnumClipboardFormats
SetCapture

ole32

OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoCreateInstance
OleLoadFromStream
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayCreateVector
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
CreateErrorInfo
SafeArrayAccessData
OleCreatePropertyFrame
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
OleCreatePictureIndirect
OleTranslateColor
VariantChangeTypeEx
SysAllocStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
VarR4FromStr
VarBstrFromR4
VariantChangeType
VariantCopy
VariantClear
GetErrorInfo
VariantInit
SysStringLen
SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString

gdi32

GetTextExtentPoint32W
ExtTextOutW
CreatePen
ExtTextOutA
CreateDCA
SetROP2
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
LPtoDP
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
SetTextColor
DeleteDC
SetBkColor
CloseEnhMetaFile
GetDeviceCaps
CreateEnhMetaFileA
BitBlt
DeleteEnhMetaFile
GetObjectA
SetMapMode
DPtoLP
SelectClipRgn
GetWindowOrgEx
CreateRectRgnIndirect
Rectangle
IntersectClipRect
SetWindowOrgEx
PatBlt
SetTextAlign
GetDIBits
StretchDIBits
GetClipBox
CreateBitmap
GetSystemPaletteEntries
SelectObject
GetStockObject
CreateCompatibleDC
GetMapMode

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSFLXGRD.OCA
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSFLXGRD.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

19bebd38b9f2f6996f9c6cacd5c9a223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GlobalSize
WriteFile
GetEnvironmentStringsW
GetVersionExA
GlobalLock
GlobalUnlock
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleHandleA
GetProcAddress
GetCommandLineA
OpenFile
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GetProcessHeap
GetProfileStringA
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
GlobalAlloc
GlobalFree
lstrcpynA
HeapFree
lstrlenA
WideCharToMultiByte
HeapAlloc
lstrlenW
lstrcpyA
IsDBCSLeadByte
lstrcatA
lstrcpyW
lstrcmpA
MulDiv

user32

PostMessageW
PeekMessageW
SendMessageA
PostMessageA
RegisterWindowMessageA
IsDlgButtonChecked
DrawTextExA
DrawTextA
SetCursorPos
PeekMessageA
FillRect
GetWindowLongA
MessageBoxA
LoadStringA
SendDlgItemMessageA
InvalidateRect
GetActiveWindow
DialogBoxParamA
GetWindowRect
MoveWindow
EndDialog
SetDlgItemTextA
GetClipboardFormatNameA
CreateDialogIndirectParamA
RegisterClipboardFormatA
UnregisterClassA
IsChild
IsWindowEnabled
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
ShowWindow
SetWindowRgn
IntersectRect
EqualRect
GetWindow
GetParent
ClientToScreen
GetDlgItemInt
BeginPaint
SetDlgItemInt
DestroyWindow
IsWindowVisible
CreateWindowExA
GetFocus
CheckDlgButton
GetSystemMetrics
GetDlgItem
SetFocus
GetDlgItemTextA
SetWindowLongA
SetWindowPos
ReleaseCapture
KillTimer
DrawFocusRect
SetTimer
SetCapture
SetCursor
DefWindowProcA
EnableWindow
GetCursorPos
ScreenToClient
PtInRect
InflateRect
DrawEdge
FrameRect
LoadCursorA
RegisterClassA
GetDC
ReleaseDC
CharNextA
GetKeyState
SetRect
UpdateWindow
IsWindow
GetScrollRange
ScrollWindow
OffsetRect
GetClientRect
SetScrollRange
SetScrollPos
GetSysColor
SetParent
MessageBeep
wsprintfA
EndPaint

ole32

CreateOleAdviseHolder
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

oleaut32

SafeArrayCopy
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayCreate
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayDestroy
VariantCopyInd
SafeArrayUnaccessData
LoadTypeLibEx
UnRegisterTypeLi
VariantCopy
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
LoadTypeLi
SysAllocString
GetErrorInfo
VariantClear
SysStringLen
VariantInit
SysAllocStringLen
OleCreatePictureIndirect
SysFreeString
VariantChangeType
OleCreateFontIndirect
SafeArrayRedim

gdi32

CreateDCA
LPtoDP
CopyEnhMetaFileA
GetWindowExtEx
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
RealizePalette
GetDIBits
SelectPalette
GetPaletteEntries
CopyMetaFileA
CreatePen
DeleteObject
CreateSolidBrush
SelectObject
GetObjectA
GetStockObject
DeleteDC
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextMetricsA
RestoreDC
ExcludeClipRect
SaveDC
LineTo
MoveToEx
SetTextColor
SetBkMode
GetCurrentPositionEx
SetMapMode
SetViewportExtEx
SetWindowExtEx
DPtoLP
GetTextColor
CreateBitmap
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
CreateRectRgnIndirect
SetViewportOrgEx
SetWindowOrgEx
GetViewportExtEx

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSINET.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

d940cf5b3d0dfb340396c0608ef1a0c5

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wininet

FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetSetOptionA
InternetCreateUrlA
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
FtpDeleteFileA
FtpGetFileA
FtpPutFileA
FtpRenameFileA
InternetReadFile
InternetConnectA
FtpGetCurrentDirectoryA
FtpRemoveDirectoryA
FtpFindFirstFileA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA

kernel32

LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
LocalFree
FormatMessageA
SetEvent
CreateEventA
GetLastError
MultiByteToWideChar
lstrcatA
lstrcpyA
lstrlenA
ResetEvent
SetLastError
lstrcpynA
WaitForSingleObject
WaitForMultipleObjects
GetTickCount
IsBadWritePtr
DisableThreadLibraryCalls
GetVersion
GetProcAddress
GetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
lstrcmpA

user32

SetDlgItemInt
SendDlgItemMessageA
GetMessageA
PostQuitMessage
GetDlgItemInt
GetDlgItemTextA
SendMessageA
ReleaseDC
GetDC
CharNextA
SetDlgItemTextA
SetWindowPos
SetWindowLongA
SetParent
EndPaint
GetClientRect
BeginPaint
GetWindowLongA
SetFocus
GetDlgItem
MoveWindow
GetWindow
GetActiveWindow
IsWindowVisible
TranslateMessage
GetParent
OffsetRect
EqualRect
DispatchMessageA
GetWindowThreadProcessId
ShowWindow
PtInRect
WinHelpA
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBoxA
MessageBeep
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
PostMessageA
ClientToScreen
GetWindowRect
CreateWindowExA
EndDialog
LoadIconA
DrawEdge
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
KillTimer
DestroyWindow
GetSystemMetrics
LoadStringA
wsprintfA
DialogBoxParamA
IntersectRect
SetWindowRgn
DefWindowProcA
PostThreadMessageA
UnregisterClassA

ole32

CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

oleaut32

OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
GetErrorInfo
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
VariantChangeTypeEx
SysAllocString

gdi32

GetWindowExtEx
SetViewportOrgEx
LPtoDP
DeleteDC
SetWindowExtEx
SetMapMode
SetViewportExtEx
GetViewportExtEx
SetWindowOrgEx
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MSSUPERMENUXP.oca
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/MsSuperMenuXP.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

085ba5d352876f391b60e56dc5b3f937

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
ord516
ord518
ord519
ord660
ord556
ord665
Zombie_GetTypeInfo
EVENT_SINK2_Release
ord595
ord598
ord520
ord631
ord632
ord526
EVENT_SINK_AddRef
ord527
ord529
ord562
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ord319
ProcCallEngine
ord535
ord537
ord644
ord645
ord570
ord648
ord572
ord573
EVENT_SINK2_AddRef
ord681
ord578
ord685
ord101
ord102
ord103
ord104
ord105
ord320
ord321
ord616
ord617
ord619
ord652
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/PRTREC/Prtrec.oca
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/PRTREC/Prtrec.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

1636e294dbfc9870edb33552bca3c6b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm50

__vbaVarSub
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLateIdCall
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarForInit
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaCyVar
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaVarTstEq
__vbaObjVar
__vbaPrintObj
__vbaCastObjVar
_adj_fpatan
__vbaR4Var
__vbaR4Cy
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
__vbaFPException
__vbaI2Var
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarSetObj
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaVarAdd
__vbaVarDup
__vbaVarCopy
__vbaLateMemCallLd
_CIatan
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OCX/PrintCell.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

c7604249e7394d4e0556d860f3b5f101

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaAptOffset
ord588
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
__vbaVarCmpNe
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
__vbaVargVarCopy
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaAryDestruct
__vbaLateMemSt
ord591
ord592
__vbaVarForInit
__vbaForEachCollObj
ord593
__vbaExitProc
ord594
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaFpR4
__vbaStrFixstr
__vbaBoolVar
ord520
__vbaVarTstLt
__vbaVargVar
__vbaBoolVarNull
__vbaFpR8
_CIsin
ord631
__vbaVarCmpGt
__vbaNextEachCollObj
__vbaVargVarMove
ord632
__vbaChkstk
__vbaCyVar
ord526
EVENT_SINK_AddRef
ord527
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
ord560
__vbaObjVar
__vbaPrintObj
__vbaI2I4
ord561
DllFunctionCall
__vbaVarOr
__vbaCastObjVar
__vbaRedimPreserve
__vbaStrR4
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaR4Cy
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaLateIdCallSt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord712
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
ord607
__vbaI2Str
ord714
ord608
__vbaVarCmpLe
ord716
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
ord534
__vbaVarCat
__vbaI2Var
ord537
_CIlog
__vbaErrorOverflow
__vbaR8Str
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
_adj_fdiv_r
ord685
ord101
__vbaVarSetVar
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord610
ord105
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
ord612
__vbaStrToAnsi
__vbaVarDup
__vbaVerifyVarObj
ord613
__vbaFpI2
ord616
__vbaVarLateMemCallLd
__vbaFpI4
__vbaVarCopy
__vbaLateMemCallLd
__vbaRecDestructAnsi
__vbaVarSetObjAddref
ord617
_CIatan
__vbaI2ErrVar
__vbaUI1Str
__vbaAryCopy
__vbaStrMove
__vbaCastObj
ord619
__vbaR8IntI4
__vbaStrVarCopy
ord650
_allmul
__vbaLateIdSt
__vbaAryRecCopy
_CItan
ord546
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
__vbaFpCSngR8
_CIexp
__vbaRecAssign
__vbaFreeStr
__vbaFreeObj
ord581

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
315912/OLD/MAIN.FRM
315912/OLD/MAIN.FRX
315912/OLD/MAIN.VBP
315912/OLD/MAIN.VBW
315912/frmHPCK.frm
.vbs
315912/frmHPCK.frx
315912/frmHPKC.frm
.vbs
315912/frmHPKC.frx
315912/frmLogin.frm
.vbs
315912/frmLogin.frx
315912/frmMain.frm
315912/frmMain.frx
315912/frmMain.log
315912/frmSetup.frm
.vbs
315912/frmSetup.frx
315912/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 27KB - Virtual size: 28KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

db0694821f0768d0c34eb79d1ffcd18c

Headers

File Characteristics

Imports

msvbvm50

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 512B - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 124KB - Virtual size: 124KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 26KB - Virtual size: 28KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 20KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

Headers

File Characteristics

Sections

.text Size: 512B - Virtual size: 4KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 230KB - Virtual size: 232KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size:

c8cebbf034d8c6304701e5ec3fae70a4

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1dCertificate

Extended Key Usages

Key Usages

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5cCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

version

comctl32

kernel32

user32

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 27KB - Virtual size: 28KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 512B - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 124KB - Virtual size: 124KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 26KB - Virtual size: 28KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 20KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 230KB - Virtual size: 232KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size:

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

.text
Size: 331KB - Virtual size: 330KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 224KB - Virtual size: 224KB

.reloc
Size: 24KB - Virtual size: 23KB

.text
Size: 116KB - Virtual size: 113KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 104KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 11KB - Virtual size: 22KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 21KB - Virtual size: 20KB

.text
Size: 512B - Virtual size: 4KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 61KB - Virtual size: 64KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: