GUIfpt[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GUIfpt.rar
Size

22.4MB
MD5

5f879fcec065061c06a94dac2dabdc75
SHA1

5e9551c236d599318c01fc6e6d5710d6eff8121c
SHA256

5cf23b4dcc09283eb131408509ad3024bfd10fe07f62aa58d453a99621b7c814
SHA512

83387be20fd52780814d2b71011432da08ea991fa934eb63955d7d45223b25791a9ca0d35900cb0e9b01d5f08962f169d446bdd52d7f25ea1c775920f56df328
SSDEEP

393216:zeORKGzgv5JVYHn17h1cs3ia9wwRfPRsTj4eC9f/Sum3mHSuXmzcQXPwfCEtxOF9:iOkemVYH178oSwRf8j0N/SDmSuW/f6ns

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AMIBCP5/AMIBCP5.exe
unpack001/GUIfpt.exe
unpack001/UEFITool/UEFITool.exe
unpack001/idrvdll32e.DLL
unpack001/mmtool/mmtool_a5.exe
unpack001/pmxdll32e.DLL

Files

GUIfpt.rar
.rar
AMIBCP5/AMIBCP5.exe
.exe windows:4 windows x86 arch:x86

8f33b8e3f17abf9dbb148477ede548f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
ExitProcess
HeapReAlloc
HeapSize
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
Sleep
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
GetTickCount
SetErrorMode
FindResourceExW
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
MoveFileW
VirtualProtect
GetDiskFreeSpaceW
GetFullPathNameW
GetFileAttributesW
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedDecrement
GetVersionExW
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
MulDiv
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
GetCurrentDirectoryA
GetModuleHandleA
FindResourceA
SetEndOfFile
DeleteFileA
CreateProcessA
GetExitCodeProcess
GetTempPathA
CreateFileA
WriteFile
CreateDirectoryA
GetFileTime
SetFileTime
FindFirstFileW
GlobalLock
GlobalUnlock
GetTempPathW
GetTempFileNameW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
lstrlenA
DeleteFileW
GetPrivateProfileStringW
GetModuleFileNameW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
CreateFileW
CloseHandle
GetEnvironmentVariableW
SetCurrentDirectoryW
WideCharToMultiByte
GetCurrentDirectoryW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter
SizeofResource

user32

CopyAcceleratorTableW
CreateMenu
PostThreadMessageW
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
SetMenu
RedrawWindow
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
GetDC
ReleaseDC
DestroyCursor
SetRect
CharUpperW
MapDialogRect
GetAsyncKeyState
SetCapture
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
FindWindowW
SystemParametersInfoW
LoadMenuW
DestroyMenu
ShowOwnedPopups
PostQuitMessage
GetMessageW
ValidateRect
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadCursorW
SetCursor
GetClassNameW
SetWindowLongW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
InvalidateRect
EqualRect
DestroyIcon
UnregisterClassW
GetMenuItemInfoW
GetSysColorBrush
SetParent
GetSystemMenu
DeleteMenu
IsZoomed
InflateRect
SendDlgItemMessageA
GetClipboardData
CloseClipboard
OpenClipboard
TranslateMessage
DispatchMessageW
GetDlgItem
GetKeyState
ReleaseCapture
GetCursorPos
GetSysColor
GetWindowLongW
WindowFromPoint
GetDesktopWindow
GetFocus
KillTimer
SetTimer
ScreenToClient
ClientToScreen
PostMessageW
PtInRect
GetParent
GetWindowRect
MessageBoxW
MessageBeep
GetClientRect
LoadAcceleratorsW
TranslateAcceleratorW
UpdateWindow
EnableWindow
SendMessageW
GetTopWindow
UnregisterClassA

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
IntersectClipRect
CreatePatternBrush
CreateSolidBrush
GetWindowExtEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetCharWidthW
CreateFontW
StretchDIBits
GetTextMetricsW
GetTextExtentPoint32W
EnumFontFamiliesExW
GetNearestColor
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
CreateFontIndirectW
SetBkMode
RestoreDC
SaveDC
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
DeleteDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocW
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDCW
GetDeviceCaps
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW

comdlg32

GetFileTitleW
GetSaveFileNameW

winspool.drv

GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegOpenKeyExA
RegCreateKeyW

shell32

DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragAcceptFiles

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoCreateGuid

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

Sections

.text
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GUIfpt-1.bin
GUIfpt-2.bin
GUIfpt.exe
.exe windows:6 windows x86 arch:x86

e569e6f445d32ba23766ad67d1e3787f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetACP
GetExitCodeProcess
LocalFree
CloseHandle
SizeofResource
VirtualProtect
VirtualFree
GetFullPathNameW
ExitProcess
HeapAlloc
GetCPInfoExW
RtlUnwind
GetCPInfo
GetStdHandle
GetModuleHandleW
FreeLibrary
HeapDestroy
ReadFile
CreateProcessW
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
CreateThread
CompareStringW
LoadLibraryA
ResetEvent
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetCurrentThread
LoadLibraryExW
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
GetSystemWindowsDirectoryW
GetThreadPriority
SetThreadPriority
GetCurrentProcess
VirtualAlloc
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
VerSetConditionMask
GetDiskFreeSpaceW
FindFirstFileW
GetUserDefaultUILanguage
lstrlenW
QueryPerformanceCounter
SetEndOfFile
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
GetSystemDirectoryW
DeleteFileW
GetLocalTime
GetEnvironmentVariableW
WaitForSingleObject
WriteFile
ExitThread
DeleteCriticalSection
TlsGetValue
GetDateFormatW
SetErrorMode
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetUserDefaultLangID
RemoveDirectoryW
CreateEventW
SetThreadLocale
GetThreadLocale

comctl32

InitCommonControls

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CreateWindowExW
TranslateMessage
CharLowerBuffW
CallWindowProcW
CharUpperW
PeekMessageW
GetSystemMetrics
SetWindowLongW
MessageBoxW
DestroyWindow
CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
LoadStringW
ExitWindowsEx
DispatchMessageW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
AdjustTokenPrivileges
GetTokenInformation
ConvertSidToStringSidW
LookupPrivilegeValueW
RegCloseKey
OpenProcessToken
RegOpenKeyExW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 718KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UEFITool/UEFITool.exe
.exe windows:4 windows x86 arch:x86

237926d25b6ee694a3400bdc5eb5da43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CopySid
FreeSid
GetLengthSid
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

gdi32

AddFontMemResourceEx
AddFontResourceExW
BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateRectRgn
DeleteDC
DeleteObject
DescribePixelFormat
EnumFontFamiliesExW
ExtTextOutW
GdiFlush
GetBitmapBits
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetDIBits
GetDeviceCaps
GetFontData
GetGlyphOutlineW
GetObjectW
GetOutlineTextMetricsW
GetPixelFormat
GetRegionData
GetStockObject
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
OffsetRgn
RemoveFontMemResourceEx
RemoveFontResourceExW
SelectClipRgn
SelectObject
SetBkMode
SetGraphicsMode
SetPixelFormat
SetTextAlign
SetTextColor
SetWorldTransform
SwapBuffers

imm32

ImmAssociateContext
ImmGetCompositionStringW
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow

kernel32

AddVectoredExceptionHandler
CancelIo
CheckRemoteDebuggerPresent
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetCommandLineW
GetConsoleWindow
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDrives
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessAffinityMask
GetProcessId
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVolumeInformationW
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLanguageGroup
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadFileEx
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
WriteFileEx
lstrcmpW

msvcrt

___mb_cur_max_func
__argc
__argv
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_beginthreadex
_cexit
_clearfp
_close
_control87
_endthreadex
_environ
_errno
_exit
_filelengthi64
_fileno
_get_osfhandle
_getdrive
_initterm
_iob
_lock
_lseeki64
_onexit
_open_osfhandle
_putenv
_read
_setjmp3
_snwprintf
_strdup
_strdup
_timezone
_tzname
_tzset
_ultoa
_unlock
_vsnprintf
_waccess
_wchmod
_wgetdcwd
_write
_write
abort
acos
asin
atan
atof
atoi
atol
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
gmtime
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
localtime
log10
longjmp
malloc
memchr
mktime
memcmp
memcpy
memmove
memset
printf
puts
qsort
raise
rand
realloc
remove
setlocale
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
strtoul
tan
tolower
toupper
ungetc
vfprintf
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsrchr

ole32

CoCreateGuid
CoCreateInstance
CoGetMalloc
CoInitialize
CoLockObjectExternal
CoTaskMemFree
CoUninitialize
DoDragDrop
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2

oleaut32

SysAllocStringLen
VariantInit

opengl32

glBindTexture
glBlendFunc
glClear
glClearColor
glClearDepth
glClearStencil
glColorMask
glCopyTexImage2D
glCopyTexSubImage2D
glCullFace
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRange
glDisable
glDrawArrays
glDrawElements
glEnable
glFinish
glFlush
glFrontFace
glGenTextures
glGetBooleanv
glGetError
glGetFloatv
glGetIntegerv
glGetString
glGetTexParameterfv
glGetTexParameteriv
glHint
glIsEnabled
glIsTexture
glLineWidth
glPixelStorei
glPolygonOffset
glReadPixels
glScissor
glStencilFunc
glStencilMask
glStencilOp
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexSubImage2D
glViewport

shell32

CommandLineToArgvW
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteW

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx
ChangeClipboardChain
CharNextExA
ChildWindowFromPointEx
ClientToScreen
CreateCaret
CreateCursor
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DestroyCaret
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageW
DrawIconEx
EnableMenuItem
EndPaint
EnumDisplayMonitors
EnumWindows
FlashWindowEx
GetAncestor
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetClassInfoW
GetClientRect
GetClipboardFormatNameW
GetCursor
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMonitorInfoW
GetParent
GetQueueStatus
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InvalidateRect
IsChild
IsIconic
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MessageBeep
MessageBoxW
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
PeekMessageW
PostMessageW
PostThreadMessageW
RealGetWindowClassW
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetCapture
SetCaretPos
SetClipboardViewer
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetParent
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoW
ToAscii
ToUnicode
TrackMouseEvent
TrackPopupMenuEx
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW

winmm

PlaySoundW

ws2_32

WSAAsyncSelect
WSACleanup
WSAStartup
gethostname

Sections

.text
Size: 10.8MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 63KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UEFITool/v3_payne_0_0.ffs
UEFITool/v3_payne_30_30.ffs
UEFITool/v3_payne_70_50.ffs
fparts.txt
idrvdll32e.DLL
.dll windows:4 windows x64 arch:x64

e2a594a09003b63a6b5406d3dbf1a45f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetLastError
CreateFileA
GetVersionExA
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery

advapi32

CloseServiceHandle
ControlService
OpenSCManagerA
OpenServiceA
CreateServiceA
StartServiceA

Exports

Exports

IDRVDestroy
IDRVGetLastError
IDRVInit
IDRVInstallDriver
IDRVRemoveDriver

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mmtool/mmtool_a5.exe
.exe windows:4 windows x86 arch:x86

8d82ba7579d02f97b6cd1a4aa8efd710

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
LocalFree
SetCurrentDirectoryA
GetEnvironmentVariableA
GetCurrentDirectoryA
GetCommandLineW
CloseHandle
CreateFileA
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
InterlockedExchange
MultiByteToWideChar
GetTimeZoneInformation
GetLocaleInfoW
CreateFileW
GetConsoleOutputCP
WriteConsoleA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetDateFormatA
GetTimeFormatA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
LoadLibraryW
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
HeapReAlloc
IsValidCodePage
GetACP
FatalAppExitA
SetHandleCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
ExitThread
CreateThread
ExitProcess
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
VirtualQuery
GetSystemInfo
IsDebuggerPresent
DebugBreak
RaiseException
IsBadReadPtr
HeapValidate
GetFileType
SetStdHandle
RtlUnwind
GetDiskFreeSpaceA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FileTimeToSystemTime
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
GlobalFlags
GetProfileIntA
SetErrorMode
FindResourceExA
InterlockedDecrement
GetModuleFileNameW
GetAtomNameA
CreateEventA
SetEvent
WaitForSingleObject
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
MulDiv
CopyFileA
GlobalSize
FormatMessageA
GetShortPathNameA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
MoveFileA
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetCurrentProcessId
GetModuleFileNameA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetStdHandle
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
SetLastError
LoadLibraryA
GlobalAlloc
VirtualProtect
GlobalLock
GlobalUnlock
GlobalFree
GetProcAddress
VirtualFree
VirtualAlloc
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
GetModuleHandleA
SetEndOfFile
DeleteFileA
CreateProcessA
GetExitCodeProcess
GetTempPathA
WriteFile
CreateDirectoryA
GetFileTime
SetFileTime
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW

user32

GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
GetWindowThreadProcessId
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuItemCount
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetWindow
WinHelpA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DestroyWindow
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
UnhookWindowsHookEx
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CharLowerW
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
TabbedTextOutA
GetWindowRect
MapDialogRect
SetWindowPos
ShowWindow
PostMessageA
SetPropA
EnableWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetPropA
SendMessageA
RemovePropA
GetAsyncKeyState
IsMenu
RemoveMenu
CreateDialogIndirectParamA
EndDialog
PostQuitMessage
TranslateMessage
GetMessageA
SubtractRect
UnionRect
InflateRect
SetRect
PtInRect
IsRectEmpty
CharLowerA
CharUpperW
CharUpperA
IsWindow
IsWindowEnabled
GetDlgItem
GetParent
SetFocus
GetFocus
GetWindowLongA
GetCursorPos
SetCursor
GetKeyNameTextA
MapVirtualKeyA
WindowFromDC
GetSysColorBrush
ExcludeUpdateRgn
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
DrawTextExA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
DeleteMenu
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
InsertMenuItemA
ModifyMenuA
LoadMenuA
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetDialogBaseUnits
SetRectEmpty
ReleaseCapture
GetClipboardFormatNameA
UnpackDDElParam
DestroyMenu
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
WaitMessage
DestroyIcon
UnregisterClassA
SetMenuItemBitmaps
FillRect

gdi32

StrokePath
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
UnrealizeObject
CreatePenIndirect
CreateBrushIndirect
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateICA
CreateCompatibleDC
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
StretchDIBits
EnumFontFamiliesExA
PlayEnhMetaFile
GdiComment
WidenPath
CreateMetaFileA
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

OpenThreadToken
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
SetFileSecurityA
GetFileSecurityA
SetThreadToken
RevertToSelf

shell32

ExtractIconA
DragAcceptFiles
SHGetFileInfoA
DragFinish
DragQueryFileA
CommandLineToArgvW

ole32

OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
CoRegisterClassObject
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
CoCreateGuid
StringFromGUID2
CoRevokeClassObject
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
ReadClassStg

oleaut32

DosDateTimeToVariantTime
SysAllocString
VarBstrFromDate
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetDim
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
LoadTypeLi

shlwapi

PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathIsUNCA
PathStripToRootA

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 728KB - Virtual size: 725KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pmxdll32e.DLL
.dll windows:4 windows x64 arch:x64

cc23bafd7af21ee60b382503894c3948

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WaitForMultipleObjects
SetEvent
GetLastError
Sleep
SetThreadAffinityMask
GetCurrentThread
_local_unwind
CreateEventA
CreateSemaphoreA
CloseHandle
GetCurrentProcess
GetWindowsDirectoryA
GetVersionExA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
ReleaseSemaphore
__C_specific_handler
GetProcessAffinityMask
DeviceIoControl
ExitThread
GetCurrentThreadId
CreateThread
HeapAlloc
HeapFree
GetCommandLineA
GetProcessHeap
WriteFile
FlushFileBuffers
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ExitProcess
GetProcAddress
GetModuleHandleA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
UnhandledExceptionFilter
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
RaiseException
SetStdHandle
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery

idrvdll32e

IDRVGetLastError
IDRVInstallDriver
IDRVRemoveDriver
IDRVInit

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

Exports

Exports

PMxAllocatePhys
PMxCPUID
PMxDestroy
PMxFreePhys
PMxGetLastError
PMxINV
PMxIO
PMxInit
PMxLinLock
PMxLinUnlock
PMxMP3
PMxMapPhys
PMxPCI
PMxRDCR
PMxRDCR64
PMxRDDR
PMxRDDR64
PMxRDIDT
PMxRDMSR
PMxRDPAGE
PMxRDPAGE64
PMxRDSEL
PMxUnmapPhys
PMxWRCR
PMxWRCR64
PMxWRDR
PMxWRDR64
PMxWRIDT
PMxWRMSR
PMxWRMSRDirect
PMxWRPAGE
PMxWRPAGE64
PMxWRSEL

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f33b8e3f17abf9dbb148477ede548f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 660KB - Virtual size: 656KB

.rdata Size: 136KB - Virtual size: 132KB

.data Size: 20KB - Virtual size: 146KB

.rsrc Size: 10.6MB - Virtual size: 10.6MB

e569e6f445d32ba23766ad67d1e3787f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

version

user32

oleaut32

netapi32

advapi32

Exports

Exports

Sections

.text Size: 718KB - Virtual size: 718KB

.itext Size: 6KB - Virtual size: 5KB

.data Size: 14KB - Virtual size: 13KB

.bss Size: - Virtual size: 27KB

.idata Size: 4KB - Virtual size: 3KB

.didata Size: 512B - Virtual size: 420B

.edata Size: 512B - Virtual size: 154B

.tls Size: - Virtual size: 24B

.rdata Size: 512B - Virtual size: 93B

.rsrc Size: 50KB - Virtual size: 50KB

237926d25b6ee694a3400bdc5eb5da43

Headers

File Characteristics

Imports

advapi32

gdi32

imm32

kernel32

msvcrt

ole32

oleaut32

opengl32

shell32

user32

winmm

ws2_32

Sections

.text Size: 10.8MB - Virtual size: 10.8MB

.data Size: 22KB - Virtual size: 21KB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.qtmetad Size: 2KB - Virtual size: 2KB

.eh_fram Size: 2.1MB - Virtual size: 2.1MB

.bss Size: - Virtual size: 63KB

.idata Size: 16KB - Virtual size: 15KB

.CRT Size: 512B - Virtual size: 56B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 33KB - Virtual size: 32KB

e2a594a09003b63a6b5406d3dbf1a45f

Headers

File Characteristics

Imports

.text
Size: 660KB - Virtual size: 656KB

.rdata
Size: 136KB - Virtual size: 132KB

.data
Size: 20KB - Virtual size: 146KB

.rsrc
Size: 10.6MB - Virtual size: 10.6MB

.text
Size: 718KB - Virtual size: 718KB

.itext
Size: 6KB - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 27KB

.idata
Size: 4KB - Virtual size: 3KB

.didata
Size: 512B - Virtual size: 420B

.edata
Size: 512B - Virtual size: 154B

.tls
Size: - Virtual size: 24B

.rdata
Size: 512B - Virtual size: 93B

.rsrc
Size: 50KB - Virtual size: 50KB

.text
Size: 10.8MB - Virtual size: 10.8MB

.data
Size: 22KB - Virtual size: 21KB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.qtmetad
Size: 2KB - Virtual size: 2KB

.eh_fram
Size: 2.1MB - Virtual size: 2.1MB

.bss
Size: - Virtual size: 63KB

.idata
Size: 16KB - Virtual size: 15KB

.CRT
Size: 512B - Virtual size: 56B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 33KB - Virtual size: 32KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 6KB - Virtual size: 30KB

.pdata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 794B

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 728KB - Virtual size: 725KB

.data
Size: 20KB - Virtual size: 63KB

.idata
Size: 24KB - Virtual size: 21KB

.didat
Size: 4KB - Virtual size: 793B

.rsrc
Size: 12.6MB - Virtual size: 12.6MB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 33KB - Virtual size: 6.2MB

.pdata
Size: 2KB - Virtual size: 2KB

text
Size: 512B - Virtual size: 48B

.reloc
Size: 3KB - Virtual size: 3KB