kernel32.pdb
Overview
overview
7Static
static
7密保管�...ox.exe
windows7-x64
7密保管�...ox.exe
windows10-2004-x64
7密保管�...32.dll
windows7-x64
1密保管�...32.dll
windows10-2004-x64
1密保管�...pi.dll
windows7-x64
1密保管�...pi.dll
windows10-2004-x64
1密保管�...et.dll
windows7-x64
1密保管�...et.dll
windows10-2004-x64
1密保管�...��.url
windows7-x64
1密保管�...��.url
windows10-2004-x64
1密保管�...��.url
windows7-x64
1密保管�...��.url
windows10-2004-x64
1密保管�...��.url
windows7-x64
1密保管�...��.url
windows10-2004-x64
1Behavioral task
behavioral1
Sample
密保管家/PPBox.exe
Resource
win7-20240704-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
密保管家/PPBox.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
密保管家/kernel32.dll
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
密保管家/kernel32.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral5
Sample
密保管家/shlwapi.dll
Resource
win7-20240708-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral6
Sample
密保管家/shlwapi.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral7
Sample
密保管家/wininet.dll
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
密保管家/wininet.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral9
Sample
密保管家/安全报告V2.5版.url
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
密保管家/安全报告V2.5版.url
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
密保管家/官方网站.url
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
密保管家/官方网站.url
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
密保管家/新云软件.url
Resource
win7-20240705-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
密保管家/新云软件.url
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
40edc27abf52fccee0f75dfce5a43451_JaffaCakes118
-
Size
1.7MB
-
MD5
40edc27abf52fccee0f75dfce5a43451
-
SHA1
e92e0b8beb1e48ebfab9ecf1540f70653a9c352a
-
SHA256
b35dfdcab06b122e53b9474d28c3d54f2ff40fe1e5f8b5af655a727a96617595
-
SHA512
c9848d2c48767cf871bf6dab63f5cf7a01c3199344601071cf6134942e3002f481649eb507b7120f4e26f35dd66100d98ad2939494c753051d36bd5cfc3b1f0e
-
SSDEEP
49152:6eb5+xslWf9BdGsKAjK1GxPn0VJa1TxRwCovPub3:1ub8XA+gya1MdPm3
Score
7/10
Malware Config
Signatures
-
resource yara_rule static1/unpack001/密保管家/PPBox.exe upx -
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/密保管家/PPBox.exe unpack001/密保管家/kernel32.dll unpack001/密保管家/shlwapi.dll unpack001/密保管家/wininet.dll
Files
-
40edc27abf52fccee0f75dfce5a43451_JaffaCakes118.rar
-
密保管家/Desktop.ini
-
密保管家/PPBox.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 545KB - Virtual size: 548KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
密保管家/help.mht.eml
-
http://sighttp.qq.com/authd?IDKEY=9d7240319547fd37e82991dd3762b4c89ec3c44b6f56f95f
-
http://www.ksjcf.com/
-
-
attachment-14.gif
-
email-html-1.txt.html
-
密保管家/kernel32.dll.dll windows:5 windows x86 arch:x86
acf57332eed5cdcdbd0cad6f75b825b3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ntdll
_wcsnicmp
NtFsControlFile
NtCreateFile
RtlAllocateHeap
RtlFreeHeap
NtOpenFile
NtQueryInformationFile
NtQueryEaFile
RtlLengthSecurityDescriptor
NtQuerySecurityObject
NtSetEaFile
NtSetSecurityObject
NtSetInformationFile
CsrClientCallServer
NtDeviceIoControlFile
NtClose
RtlInitUnicodeString
wcscspn
RtlUnicodeToMultiByteSize
wcslen
_memicmp
memmove
NtQueryValueKey
NtOpenKey
NtFlushKey
NtSetValueKey
NtCreateKey
RtlNtStatusToDosError
RtlFreeUnicodeString
RtlDnsHostNameToComputerName
wcsncpy
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
NlsMbCodePageTag
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlCreateUnicodeStringFromAsciiz
wcschr
wcsstr
RtlPrefixString
_wcsicmp
RtlGetFullPathName_U
RtlGetCurrentDirectory_U
NtQueryInformationProcess
RtlUnicodeStringToOemString
RtlReleasePebLock
RtlEqualUnicodeString
RtlAcquirePebLock
RtlFreeAnsiString
RtlSetCurrentDirectory_U
RtlTimeToTimeFields
NtSetSystemTime
RtlTimeFieldsToTime
NtQuerySystemInformation
RtlSetTimeZoneInformation
NtSetSystemInformation
RtlCutoverTimeToSystemTime
_allmul
NtEnumerateKey
RtlOpenCurrentUser
RtlQueryRegistryValues
_itow
DbgBreakPoint
RtlFreeSid
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
RtlAllocateAndInitializeSid
DbgPrint
NtOpenProcess
CsrGetProcessId
DbgUiDebugActiveProcess
DbgUiConnectToDbg
DbgUiIssueRemoteBreakin
NtSetInformationDebugObject
DbgUiGetThreadDebugObject
NtQueryInformationThread
DbgUiConvertStateChangeStructure
DbgUiWaitStateChange
DbgUiContinue
DbgUiStopDebugging
RtlDosPathNameToNtPathName_U
RtlIsDosDeviceName_U
RtlCreateAtomTable
NtAddAtom
RtlAddAtomToAtomTable
NtFindAtom
RtlLookupAtomInAtomTable
NtDeleteAtom
RtlDeleteAtomFromAtomTable
NtQueryInformationAtom
RtlQueryAtomInAtomTable
RtlOemStringToUnicodeString
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeSize
RtlPrefixUnicodeString
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtEnumerateValueKey
RtlIsTextUnicode
NtReadFile
NtAllocateVirtualMemory
NtUnlockFile
NtLockFile
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlCopyUnicodeString
NtFreeVirtualMemory
NtWriteFile
RtlCreateUnicodeString
RtlFormatCurrentUserKeyPath
RtlGetLongestNtPathLength
NtDuplicateObject
NtQueryKey
NtDeleteValueKey
RtlEqualString
CsrFreeCaptureBuffer
CsrCaptureMessageString
CsrAllocateCaptureBuffer
strncpy
RtlCharToInteger
RtlUpcaseUnicodeChar
RtlUpcaseUnicodeString
CsrAllocateMessagePointer
NtQueryObject
wcscmp
RtlCompareMemory
NtQueryDirectoryObject
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
NtOpenDirectoryObject
NtCreateIoCompletion
NtSetIoCompletion
NtRemoveIoCompletion
NtSetInformationProcess
NtQueryDirectoryFile
RtlDeleteCriticalSection
NtNotifyChangeDirectoryFile
NtWaitForSingleObject
RtlInitializeCriticalSection
NtQueryVolumeInformationFile
NtFlushBuffersFile
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
NtCancelIoFile
NtReadFileScatter
NtWriteFileGather
wcscpy
NtOpenSection
NtMapViewOfSection
NtFlushVirtualMemory
RtlFlushSecureMemoryCache
NtUnmapViewOfSection
NtCreateSection
NtQueryFullAttributesFile
swprintf
NtQueryAttributesFile
RtlDetermineDosPathNameType_U
NtRaiseHardError
NtQuerySystemEnvironmentValueEx
RtlGUIDFromString
NtSetSystemEnvironmentValueEx
RtlInitString
RtlUnlockHeap
RtlSetUserValueHeap
RtlFreeHandle
RtlAllocateHandle
RtlLockHeap
RtlSizeHeap
RtlGetUserInfoHeap
RtlReAllocateHeap
RtlIsValidHandle
RtlCompactHeap
RtlImageNtHeader
NtProtectVirtualMemory
NtQueryVirtualMemory
NtLockVirtualMemory
NtUnlockVirtualMemory
NtFlushInstructionCache
NtAllocateUserPhysicalPages
NtFreeUserPhysicalPages
NtMapUserPhysicalPages
NtMapUserPhysicalPagesScatter
NtGetWriteWatch
NtResetWriteWatch
NtSetInformationObject
CsrNewThread
CsrClientConnectToServer
RtlCreateTagHeap
LdrSetDllManifestProber
RtlSetThreadPoolStartFunc
RtlEncodePointer
_stricmp
wcscat
RtlCreateHeap
RtlDestroyHeap
RtlExtendHeap
RtlQueryTagHeap
RtlUsageHeap
RtlValidateHeap
RtlGetProcessHeaps
RtlWalkHeap
RtlSetHeapInformation
RtlQueryHeapInformation
RtlInitializeHandleTable
RtlExtendedLargeIntegerDivide
NtCreateMailslotFile
RtlFormatMessage
RtlFindMessage
LdrUnloadDll
LdrUnloadAlternateResourceModule
LdrDisableThreadCalloutsForDll
strchr
LdrGetDllHandle
LdrUnlockLoaderLock
LdrAddRefDll
RtlComputePrivatizedDllName_U
RtlPcToFileHeader
LdrLockLoaderLock
RtlGetVersion
RtlVerifyVersionInfo
LdrEnumerateLoadedModules
RtlUnicodeStringToInteger
LdrLoadAlternateResourceModule
RtlDosApplyFileIsolationRedirection_Ustr
LdrLoadDll
LdrGetProcedureAddress
LdrFindResource_U
LdrAccessResource
LdrFindResourceDirectory_U
RtlImageDirectoryEntryToData
_strcmpi
NtSetInformationThread
NtOpenThreadToken
NtCreateNamedPipeFile
RtlDefaultNpAcl
RtlDosSearchPath_Ustr
RtlInitUnicodeStringEx
RtlQueryEnvironmentVariable_U
RtlAnsiCharToUnicodeChar
RtlIntegerToChar
NtSetVolumeInformationFile
RtlIsNameLegalDOS8Dot3
NtQueryPerformanceCounter
sprintf
NtPowerInformation
NtInitiatePowerAction
NtSetThreadExecutionState
NtRequestWakeupLatency
NtGetDevicePowerState
NtIsSystemResumeAutomatic
NtRequestDeviceWakeup
NtCancelDeviceWakeupRequest
NtWriteVirtualMemory
LdrShutdownProcess
NtTerminateProcess
RtlRaiseStatus
RtlSetEnvironmentVariable
RtlExpandEnvironmentStrings_U
NtReadVirtualMemory
RtlCompareUnicodeString
NtCreateJobSet
NtCreateJobObject
NtIsProcessInJob
RtlEqualSid
RtlSubAuthoritySid
RtlInitializeSid
NtQueryInformationToken
NtOpenProcessToken
NtResumeThread
NtAssignProcessToJobObject
CsrCaptureMessageMultiUnicodeStringsInPlace
NtCreateThread
NtCreateProcessEx
LdrQueryImageFileExecutionOptions
RtlDestroyEnvironment
NtQuerySection
NtQueryInformationJobObject
RtlGetNativeSystemInformation
RtlxAnsiStringToUnicodeSize
NtOpenEvent
NtQueryEvent
NtTerminateThread
wcsrchr
NlsMbOemCodePageTag
RtlxUnicodeStringToOemSize
NtAdjustPrivilegesToken
RtlImpersonateSelf
wcsncmp
RtlDestroyProcessParameters
RtlCreateProcessParameters
RtlInitializeCriticalSectionAndSpinCount
NtSetEvent
NtClearEvent
NtPulseEvent
NtCreateSemaphore
NtOpenSemaphore
NtReleaseSemaphore
NtCreateMutant
NtOpenMutant
NtReleaseMutant
NtSignalAndWaitForSingleObject
NtWaitForMultipleObjects
NtDelayExecution
NtCreateTimer
NtOpenTimer
NtSetTimer
NtCancelTimer
NtCreateEvent
RtlCopyLuid
strrchr
_vsnwprintf
RtlReleaseActivationContext
RtlActivateActivationContextEx
RtlQueryInformationActivationContext
NtOpenThread
LdrShutdownThread
RtlFreeThreadActivationContextStack
NtGetContextThread
NtSetContextThread
NtSuspendThread
RtlRaiseException
RtlDecodePointer
towlower
RtlClearBits
RtlFindClearBitsAndSet
RtlAreBitsSet
NtQueueApcThread
NtYieldExecution
RtlRegisterWait
RtlDeregisterWait
RtlDeregisterWaitEx
RtlQueueWorkItem
RtlSetIoCompletionCallback
RtlCreateTimerQueue
RtlCreateTimer
RtlUpdateTimer
RtlDeleteTimer
RtlDeleteTimerQueueEx
CsrIdentifyAlertableThread
RtlApplicationVerifierStop
_alloca_probe
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlCreateQueryDebugBuffer
RtlCreateEnvironment
RtlFreeOemString
strstr
toupper
isdigit
atol
tolower
NtOpenJobObject
NtTerminateJobObject
NtSetInformationJobObject
RtlAddRefActivationContext
RtlZombifyActivationContext
RtlActivateActivationContext
RtlDeactivateActivationContext
RtlGetActiveActivationContext
DbgPrintEx
LdrDestroyOutOfProcessImage
LdrAccessOutOfProcessResource
LdrFindCreateProcessManifest
LdrCreateOutOfProcessImage
RtlNtStatusToDosErrorNoTeb
RtlpApplyLengthFunction
RtlGetLengthWithoutLastFullDosOrNtPathElement
RtlpEnsureBufferSize
RtlMultiAppendUnicodeStringBuffer
_snwprintf
RtlCreateActivationContext
RtlFindActivationContextSectionString
RtlFindActivationContextSectionGuid
_allshl
RtlNtPathNameToDosPathName
RtlUnhandledExceptionFilter
CsrCaptureMessageBuffer
NtQueryInstallUILanguage
NtQueryDefaultUILanguage
wcspbrk
RtlGetDaclSecurityDescriptor
NtCreateDirectoryObject
_wcslwr
_wtol
RtlIntegerToUnicodeString
NtQueryDefaultLocale
_strlwr
RtlUnwind
Exports
Exports
ActivateActCtx
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddLocalAlternateComputerNameA
AddLocalAlternateComputerNameW
AddRefActCtx
AddVectoredExceptionHandler
AllocConsole
AllocateUserPhysicalPages
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
BackupRead
BackupSeek
BackupWrite
BaseCheckAppcompatCache
BaseCleanupAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseFlushAppcompatCache
BaseInitAppcompatCache
BaseInitAppcompatCacheSupport
BaseProcessInitPostImport
BaseQueryModuleData
BaseUpdateAppcompatCache
BasepCheckWinSaferRestrictions
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BindIoCompletionCallback
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallNamedPipeA
CallNamedPipeW
CancelDeviceWakeupRequest
CancelIo
CancelTimerQueueTimer
CancelWaitableTimer
ChangeTimerQueueTimer
CheckNameLegalDOS8Dot3A
CheckNameLegalDOS8Dot3W
CheckRemoteDebuggerPresent
ClearCommBreak
ClearCommError
CloseConsoleHandle
CloseHandle
CloseProfileUserMapping
CmdBatNotification
CommConfigDialogA
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ConsoleMenuControl
ContinueDebugEvent
ConvertDefaultLocale
ConvertFiberToThread
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
CopyLZFile
CreateActCtxA
CreateActCtxW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateJobSet
CreateMailslotA
CreateMailslotW
CreateMemoryResourceNotification
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreateNlsSecurityDescriptor
CreatePipe
CreateProcessA
CreateProcessInternalA
CreateProcessInternalW
CreateProcessInternalWSecure
CreateProcessW
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateSocketHandle
CreateTapePartition
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CreateVirtualBuffer
CreateWaitableTimerA
CreateWaitableTimerW
DeactivateActCtx
DebugActiveProcess
DebugActiveProcessStop
DebugBreak
DebugBreakProcess
DebugSetProcessKillOnExit
DecodePointer
DecodeSystemPointer
DefineDosDeviceA
DefineDosDeviceW
DelayLoadFailureHook
DeleteAtom
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileW
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DosPathToSessionPathA
DosPathToSessionPathW
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
EncodeSystemPointer
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesW
EnumResourceTypesA
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EnumerateLocalComputerNamesA
EnumerateLocalComputerNamesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
ExtendVirtualBuffer
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionStringA
FindActCtxSectionStringW
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
FindVolumeMountPointClose
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
FreeUserPhysicalPages
FreeVirtualBuffer
GenerateConsoleCtrlEvent
GetACP
GetAtomNameA
GetAtomNameW
GetBinaryType
GetBinaryTypeA
GetBinaryTypeW
GetCPFileNameFromRegistry
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoA
GetCalendarInfoW
GetComPlusPackageInstallStatus
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCP
GetConsoleCharType
GetConsoleCommandHistoryA
GetConsoleCommandHistoryLengthA
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
GetConsoleCursorInfo
GetConsoleCursorMode
GetConsoleDisplayMode
GetConsoleFontInfo
GetConsoleFontSize
GetConsoleHardwareState
GetConsoleInputExeNameA
GetConsoleInputExeNameW
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameA
GetConsoleKeyboardLayoutNameW
GetConsoleMode
GetConsoleNlsMode
GetConsoleOutputCP
GetConsoleProcessList
GetConsoleScreenBufferInfo
GetConsoleSelectionInfo
GetConsoleTitleA
GetConsoleTitleW
GetConsoleWindow
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentActCtx
GetCurrentConsoleFont
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDefaultSortkeySize
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDllDirectoryA
GetDllDirectoryW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetExpandedNameA
GetExpandedNameW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFirmwareEnvironmentVariableA
GetFirmwareEnvironmentVariableW
GetFullPathNameA
GetFullPathNameW
GetGeoInfoA
GetGeoInfoW
GetHandleContext
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetLinguistLangSize
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetLogicalDrives
GetLogicalProcessorInformation
GetLongPathNameA
GetLongPathNameW
GetMailslotInfo
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNativeSystemInfo
GetNextVDMCommand
GetNlsSectionName
GetNumaAvailableMemory
GetNumaAvailableMemoryNode
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
GetNumaProcessorMap
GetNumaProcessorNode
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleFonts
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProcAddress
GetProcessAffinityMask
GetProcessDEPPolicy
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDEPPolicy
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemRegistryQuota
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemTimes
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetSystemWow64DirectoryA
GetSystemWow64DirectoryW
GetTapeParameters
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadIOPendingFlag
GetThreadLocale
GetThreadPriority
GetThreadPriorityBoost
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVDMCurrentDirectories
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetVolumePathNameA
GetVolumePathNameW
GetVolumePathNamesForVolumeNameA
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetWriteWatch
GlobalAddAtomA
GlobalAddAtomW
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFindAtomW
GlobalFix
GlobalFlags
Sections
.text Size: 524KB - Virtual size: 524KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 565KB - Virtual size: 564KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
密保管家/ksoft1.mdb
-
密保管家/mb.ico
-
密保管家/new.wav
-
密保管家/shlwapi.dll.dll windows:5 windows x86 arch:x86
3874baf26fd1a53b36c70fbf70c24eda
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
shlwapi.pdb
Imports
advapi32
RegCloseKey
GetCurrentHwProfileA
OpenThreadToken
RegEnumValueW
RegSetValueExW
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
GetTokenInformation
OpenProcessToken
GetAce
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessDeniedAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetUserNameA
GetUserNameW
RegCreateKeyA
RegCreateKeyW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExA
gdi32
EnumFontFamiliesA
EnumFontFamiliesW
EnumFontFamiliesExA
EnumFontFamiliesExW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetCharacterPlacementA
GetCharacterPlacementW
CreateFontA
CreateFontW
CreateMetaFileA
CreateMetaFileW
StartDocA
StartDocW
GetTextExtentPointW
ExtTextOutA
GetDIBits
CreatePalette
GetSystemPaletteEntries
CreateCompatibleDC
DeleteObject
GetPaletteEntries
CreateHalftonePalette
GetStockObject
GetDeviceCaps
CreateBitmap
CreateCompatibleBitmap
SelectObject
GetTextExtentPointA
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
GetObjectW
GetTextMetricsA
GetTextMetricsW
SetTextColor
SetBkMode
ExtTextOutW
SetBkColor
GetCharWidthA
GetCharWidth32W
CreateColorSpaceA
CreateColorSpaceW
CreateDCA
CreateDCW
CreateICA
DeleteDC
CreateICW
kernel32
GetWindowsDirectoryA
SetLastError
LeaveCriticalSection
FlushFileBuffers
WriteFile
SetFilePointer
CreateFileA
EnterCriticalSection
GetSystemTime
GetCurrentThreadId
GetTickCount
IsDBCSLeadByte
GetCPInfo
lstrcmpA
GetThreadLocale
CompareStringA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
GetFileAttributesA
SetErrorMode
GetFullPathNameA
SearchPathA
GetSystemDirectoryA
SetFileAttributesA
LCMapStringA
FindClose
FindNextFileA
FindFirstFileA
SetFileTime
GetEnvironmentVariableA
CreateEventW
EnumResourceNamesA
EnumResourceNamesW
FindNextFileW
SizeofResource
LockResource
LoadResource
FindResourceA
IsBadReadPtr
IsBadStringPtrW
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
CreateDirectoryA
CreateDirectoryW
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileW
DebugBreak
FormatMessageA
FormatMessageW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesW
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetSystemDirectoryW
SearchPathW
GetModuleHandleA
GetModuleHandleW
SetFileAttributesW
GetNumberFormatA
GetNumberFormatW
GetFullPathNameW
GetShortPathNameA
GetShortPathNameW
GetStringTypeExA
GetStringTypeExW
GetPrivateProfileIntA
QueryPerformanceFrequency
GetProfileStringA
GetProfileStringW
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetWindowsDirectoryW
GetEnvironmentVariableW
LoadLibraryExA
LoadLibraryExW
CompareStringW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
OpenEventA
OpenEventW
OutputDebugStringA
OutputDebugStringW
RemoveDirectoryA
RemoveDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
CreateMutexA
CreateMutexW
ExpandEnvironmentStringsW
CreateSemaphoreA
CreateSemaphoreW
LoadLibraryW
GetTimeFormatA
GetTimeFormatW
GetDateFormatA
GetDateFormatW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
GetPrivateProfileStructA
GetPrivateProfileStructW
CreateProcessA
CreateProcessW
GlobalAddAtomA
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
lstrcpyA
FreeLibrary
LCMapStringW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
FileTimeToLocalFileTime
InterlockedIncrement
InterlockedDecrement
CompareFileTime
ReadFile
GetFileSize
TlsSetValue
TlsGetValue
GlobalMemoryStatus
GlobalDeleteAtom
GetProcessVersion
GetComputerNameW
GetCurrentThread
FreeLibraryAndExitThread
CreateThread
VirtualQuery
GetACP
GetUserDefaultLCID
IsBadWritePtr
InterlockedExchange
SetEndOfFile
GetFileInformationByHandle
LocalSize
SleepEx
QueueUserAPC
ExitThread
GetVersionExA
InterlockedCompareExchange
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreA
HeapDestroy
HeapAlloc
HeapCreate
DeviceIoControl
GetSystemPowerStatus
Sleep
RaiseException
GetPrivateProfileSectionW
WaitForMultipleObjectsEx
GetFileTime
lstrcmpW
QueryPerformanceCounter
lstrcpynA
LoadLibraryA
GetProcAddress
CreateEventA
SetEvent
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
OpenProcess
GetCurrentProcess
CloseHandle
DuplicateHandle
lstrcmpiA
lstrlenA
lstrlenW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
LocalReAlloc
LocalAlloc
LocalFree
DisableThreadLibraryCalls
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
TlsFree
GetPrivateProfileIntW
FindResourceW
GetFileAttributesExW
msvcrt
_adjust_fdiv
malloc
_initterm
free
_strlwr
_wtol
_except_handler3
wcslen
memmove
_vsnwprintf
_vsnprintf
user32
CreateAcceleratorTableW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
DefWindowProcA
DefWindowProcW
DialogBoxIndirectParamA
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DispatchMessageW
GetClassLongW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
GetWindowTextLengthW
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
CreateIconFromResource
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
LoadImageA
DeleteMenu
DestroyMenu
SystemParametersInfoA
DrawTextA
CopyRect
OffsetRect
GetSysColor
GetWindowThreadProcessId
IsWindow
TrackPopupMenu
TrackPopupMenuEx
LoadStringW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
SetWindowLongA
SetWindowLongW
SetWindowsHookExA
SetWindowsHookExW
TranslateAcceleratorA
TranslateAcceleratorW
wvsprintfW
GetMenuItemInfoW
InsertMenuItemA
InsertMenuItemW
DdeInitializeA
DdeInitializeW
CharLowerW
CharToOemA
CharToOemW
CharUpperW
CreateWindowExA
CreateWindowExW
DrawTextW
FindWindowExA
FindWindowExW
GetClassInfoA
GetClassInfoW
GetClassNameW
GetClipboardFormatNameA
GetClipboardFormatNameW
MessageBoxA
MessageBoxW
GetPropA
GetPropW
GetWindowTextW
LoadImageW
CreateMenu
SetMenuContextHelpId
LoadMenuA
LoadMenuW
GetMenuStringA
GetMenuStringW
InsertMenuA
InsertMenuW
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
ModifyMenuW
OemToCharA
OemToCharW
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageA
RegisterWindowMessageW
RemovePropA
RemovePropW
SendMessageTimeoutA
SendMessageW
SetPropA
SetPropW
SetWindowTextW
SystemParametersInfoW
UnregisterClassA
UnregisterClassW
VkKeyScanA
VkKeyScanW
WinHelpW
DrawTextExA
DrawTextExW
SetMenuItemInfoA
SetMenuItemInfoW
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeQueryStringA
DdeQueryStringW
FindWindowW
SendDlgItemMessageW
SendMessageTimeoutW
DestroyAcceleratorTable
GetKeyState
SetParent
GetParent
RemoveMenu
GetSubMenu
EnumChildWindows
IsWindowUnicode
EnableMenuItem
CheckMenuItem
DeferWindowPos
MapWindowPoints
SendDlgItemMessageA
SetWindowPos
GetWindowRect
EndDeferWindowPos
BeginDeferWindowPos
EnableWindow
ShowWindow
SetFocus
IsDlgButtonChecked
EndDialog
MsgWaitForMultipleObjects
IsChild
GetMenuDefaultItem
CreatePopupMenu
SetCursor
FindWindowA
EnumWindows
TranslateMessage
UpdateWindow
InvalidateRect
EndPaint
BeginPaint
DrawFocusRect
GetFocus
ValidateRect
EqualRect
GetUpdateRect
GetDesktopWindow
BroadcastSystemMessage
CharNextW
CreateAcceleratorTableA
CopyAcceleratorTableW
CopyAcceleratorTableA
CharUpperBuffW
CharLowerBuffW
CallMsgFilterW
CallMsgFilterA
CallWindowProcW
CallWindowProcA
GetDlgItem
GetClientRect
SendMessageA
SetWindowTextA
CharUpperA
CharPrevA
GetDC
GetIconInfo
DrawIconEx
CreateIconIndirect
ReleaseDC
DestroyIcon
CharNextA
GetClassLongA
SetTimer
KillTimer
GetWindowTextA
GetClassNameA
GetSystemMetrics
GetMenuItemCount
GetMenuItemInfoA
WinHelpA
LoadStringA
Exports
Exports
AssocCreate
AssocGetPerceivedType
AssocIsDangerous
AssocQueryKeyA
AssocQueryKeyW
AssocQueryStringA
AssocQueryStringByKeyA
AssocQueryStringByKeyW
AssocQueryStringW
ChrCmpIA
ChrCmpIW
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
DelayLoadFailureHook
DllGetVersion
GetAcceptLanguagesA
GetAcceptLanguagesW
GetMenuPosFromID
HashData
IntlStrEqWorkerA
IntlStrEqWorkerW
IsCharSpaceA
IsCharSpaceW
PathAddBackslashA
PathAddBackslashW
PathAddExtensionA
PathAddExtensionW
PathAppendA
PathAppendW
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCanonicalizeW
PathCombineA
PathCombineW
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathA
PathCompactPathExA
PathCompactPathExW
PathCompactPathW
PathCreateFromUrlA
PathCreateFromUrlW
PathFileExistsA
PathFileExistsW
PathFindExtensionA
PathFindExtensionW
PathFindFileNameA
PathFindFileNameW
PathFindNextComponentA
PathFindNextComponentW
PathFindOnPathA
PathFindOnPathW
PathFindSuffixArrayA
PathFindSuffixArrayW
PathGetArgsA
PathGetArgsW
PathGetCharTypeA
PathGetCharTypeW
PathGetDriveNumberA
PathGetDriveNumberW
PathIsContentTypeA
PathIsContentTypeW
PathIsDirectoryA
PathIsDirectoryEmptyA
PathIsDirectoryEmptyW
PathIsDirectoryW
PathIsFileSpecA
PathIsFileSpecW
PathIsLFNFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathA
PathIsNetworkPathW
PathIsPrefixA
PathIsPrefixW
PathIsRelativeA
PathIsRelativeW
PathIsRootA
PathIsRootW
PathIsSameRootA
PathIsSameRootW
PathIsSystemFolderA
PathIsSystemFolderW
PathIsUNCA
PathIsUNCServerA
PathIsUNCServerShareA
PathIsUNCServerShareW
PathIsUNCServerW
PathIsUNCW
PathIsURLA
PathIsURLW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderA
PathMakeSystemFolderW
PathMatchSpecA
PathMatchSpecW
PathParseIconLocationA
PathParseIconLocationW
PathQuoteSpacesA
PathQuoteSpacesW
PathRelativePathToA
PathRelativePathToW
PathRemoveArgsA
PathRemoveArgsW
PathRemoveBackslashA
PathRemoveBackslashW
PathRemoveBlanksA
PathRemoveBlanksW
PathRemoveExtensionA
PathRemoveExtensionW
PathRemoveFileSpecA
PathRemoveFileSpecW
PathRenameExtensionA
PathRenameExtensionW
PathSearchAndQualifyA
PathSearchAndQualifyW
PathSetDlgItemPathA
PathSetDlgItemPathW
PathSkipRootA
PathSkipRootW
PathStripPathA
PathStripPathW
PathStripToRootA
PathStripToRootW
PathUnExpandEnvStringsA
PathUnExpandEnvStringsW
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
PathUnmakeSystemFolderW
PathUnquoteSpacesA
PathUnquoteSpacesW
SHAllocShared
SHAutoComplete
SHCopyKeyA
SHCopyKeyW
SHCreateShellPalette
SHCreateStreamOnFileA
SHCreateStreamOnFileEx
SHCreateStreamOnFileW
SHCreateStreamWrapper
SHCreateThread
SHCreateThreadRef
SHDeleteEmptyKeyA
SHDeleteEmptyKeyW
SHDeleteKeyA
SHDeleteKeyW
SHDeleteOrphanKeyA
SHDeleteOrphanKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExA
SHEnumKeyExW
SHEnumValueA
SHEnumValueW
SHFreeShared
SHGetInverseCMAP
SHGetThreadRef
SHGetValueA
SHGetValueW
SHGetViewStatePropertyBag
SHIsLowMemoryMachine
SHLoadIndirectString
SHLockShared
SHOpenRegStream2A
SHOpenRegStream2W
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegGetValueA
SHRegGetValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHRegisterValidateTemplate
SHReleaseThreadRef
SHSetThreadRef
SHSetValueA
SHSetValueW
SHSkipJunction
SHStrDupA
SHStrDupW
SHUnlockShared
StrCSpnA
StrCSpnIA
StrCSpnIW
StrCSpnW
StrCatBuffA
StrCatBuffW
StrCatChainW
StrCatW
StrChrA
StrChrIA
StrChrIW
StrChrNIW
StrChrNW
StrChrW
StrCmpCA
StrCmpCW
StrCmpICA
StrCmpICW
StrCmpIW
StrCmpLogicalW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrCmpW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSize64A
StrFormatByteSizeA
StrFormatByteSizeW
StrFormatKBSizeA
StrFormatKBSizeW
StrFromTimeIntervalA
StrFromTimeIntervalW
StrIsIntlEqualA
StrIsIntlEqualW
StrNCatA
StrNCatW
StrPBrkA
StrPBrkW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBSTR
StrRetToBufA
StrRetToBufW
StrRetToStrA
StrRetToStrW
StrSpnA
StrSpnW
StrStrA
StrStrIA
StrStrIW
StrStrNIW
StrStrNW
StrStrW
StrToInt64ExA
StrToInt64ExW
StrToIntA
StrToIntExA
StrToIntExW
StrToIntW
StrTrimA
StrTrimW
UrlApplySchemeA
UrlApplySchemeW
UrlCanonicalizeA
UrlCanonicalizeW
UrlCombineA
UrlCombineW
UrlCompareA
UrlCompareW
UrlCreateFromPathA
UrlCreateFromPathW
UrlEscapeA
UrlEscapeW
UrlGetLocationA
UrlGetLocationW
UrlGetPartA
UrlGetPartW
UrlHashA
UrlHashW
UrlIsA
UrlIsNoHistoryA
UrlIsNoHistoryW
UrlIsOpaqueA
UrlIsOpaqueW
UrlIsW
UrlUnescapeA
UrlUnescapeW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW
Sections
.text Size: 431KB - Virtual size: 430KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
密保管家/wininet.dll.dll windows:5 windows x86 arch:x86
b9075a73c1c0af544022cb1b875f75b0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
wininet.pdb
Imports
advapi32
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
CryptGetProvParam
CryptSetProvParam
CryptAcquireContextA
CryptReleaseContext
RegDeleteValueA
OpenThreadToken
OpenProcessToken
GetTokenInformation
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
RegCreateKeyExW
crypt32
CertGetNameStringW
CryptDecodeObject
CertFindRDNAttr
CertRDNValueToStrA
CertControlStore
CertNameToStrA
CertCreateCertificateContext
CertGetCertificateContextProperty
CertFindCertificateInStore
CertSetCertificateContextProperty
CertOpenSystemStoreA
CertCloseStore
CertFindExtension
CertGetIntendedKeyUsage
CertDuplicateCertificateContext
CertFreeCertificateContext
CryptUnprotectData
kernel32
ExitThread
ExpandEnvironmentStringsA
SuspendThread
TerminateThread
GetACP
RtlMoveMemory
ResetEvent
CreateThread
Sleep
SetErrorMode
FormatMessageA
lstrcatA
SystemTimeToFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
WaitForMultipleObjects
GetTimeFormatA
lstrcpyA
InterlockedCompareExchange
GetCurrentThread
GetCurrentProcess
IsDBCSLeadByte
IsBadReadPtr
GlobalAlloc
GlobalFree
IsBadStringPtrW
DeleteFileA
IsBadCodePtr
IsBadWritePtr
SleepEx
GetModuleFileNameA
GetSystemTime
WritePrivateProfileStringA
WriteFile
SetFilePointer
ReadFile
FileTimeToSystemTime
LocalReAlloc
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LocalAlloc
GetFileTime
ReleaseSemaphore
CreateSemaphoreA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
GetVersion
CompareStringA
GetFileAttributesA
GetEnvironmentVariableA
GetWindowsDirectoryA
RemoveDirectoryA
GetShortPathNameA
FileTimeToDosDateTime
SetFileAttributesA
GetPrivateProfileStringA
SetFileTime
CreateDirectoryA
CopyFileA
DeviceIoControl
GetDiskFreeSpaceA
FindClose
FindNextFileA
FindFirstFileA
DosDateTimeToFileTime
FlushViewOfFile
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
OpenFileMappingA
SetEndOfFile
LoadLibraryExA
GetUserDefaultLCID
HeapFree
HeapAlloc
GetProcessHeap
GetComputerNameA
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalSize
lstrcpynW
InitializeCriticalSectionAndSpinCount
GetDateFormatA
WaitForSingleObject
GetProcAddress
LoadLibraryA
lstrcmpiA
GetLastError
FreeLibrary
lstrcpynA
lstrlenA
WideCharToMultiByte
InterlockedExchange
CloseHandle
OpenEventA
LeaveCriticalSection
EnterCriticalSection
SetLastError
LocalFree
GetVersionExA
GetFileSize
CreateFileA
GetSystemDirectoryA
lstrlenW
MultiByteToWideChar
GetModuleHandleA
OpenMutexA
CreateMutexA
ReleaseMutex
RaiseException
lstrcmpA
SetEvent
CreateEventA
IsBadStringPtrA
msvcrt
isdigit
strpbrk
isspace
isalnum
time
strtoul
_vsnprintf
_ftol
ispunct
iscntrl
isalpha
_purecall
_CxxThrowException
wcsncpy
wcscat
wcsstr
srand
rand
wcslen
_wtoi
wcscpy
_wcsnicmp
wcstok
_wcsicmp
wcscmp
malloc
free
realloc
_initterm
_adjust_fdiv
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
sprintf
memchr
isxdigit
_except_handler3
oleaut32
SysStringByteLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
shlwapi
PathRemoveFileSpecW
PathRemoveBackslashA
PathRemoveFileSpecA
StrNCatA
ord419
PathRenameExtensionA
ord215
SHDeleteKeyA
StrCmpNIW
ord342
wvnsprintfA
ord52
ord57
ord308
ord260
StrCmpNIA
StrStrA
ord151
StrChrW
StrChrA
ord154
ord217
UrlCombineW
UrlCanonicalizeW
ord340
UrlCombineA
UrlCanonicalizeA
ord153
PathCreateFromUrlA
UrlUnescapeA
StrNCatW
StrToIntW
StrCpyW
ord68
ord95
ord136
StrStrIA
StrCmpW
SHRegGetUSValueA
StrCmpNA
StrToIntA
StrCatBuffA
StrRChrA
StrCmpIW
ord59
ord107
SHSetValueW
ord563
ord437
ord309
StrStrIW
SHGetValueW
SHSetValueA
SHGetValueA
wnsprintfA
wnsprintfW
StrCpyNW
PathFindFileNameW
ord158
ord125
SHRegGetValueW
ord80
ord97
ord83
ord138
StrCatBuffW
ord310
ord311
ord143
ord128
user32
IsWindow
IntersectRect
EqualRect
wsprintfW
LoadIconA
LoadImageA
DestroyIcon
SetForegroundWindow
EnumChildWindows
SetWindowTextA
GetParent
GetWindowRect
ScreenToClient
SendMessageA
PostMessageA
FindWindowA
LoadStringA
ShowWindow
GetDesktopWindow
wsprintfA
CharLowerA
DestroyWindow
IsDlgButtonChecked
EnableWindow
SetFocus
GetDlgItem
EndDialog
CheckDlgButton
CreateWindowExA
RegisterWindowMessageA
KillTimer
SetTimer
DefWindowProcA
SetWindowLongA
GetWindowLongA
RegisterClassA
CharNextA
CharToOemA
CharUpperA
CharLowerW
IsCharAlphaNumericA
SetWindowPos
CharNextExA
WinHelpA
SendDlgItemMessageA
Exports
Exports
CommitUrlCacheEntryA
CommitUrlCacheEntryW
CreateMD5SSOHash
CreateUrlCacheContainerA
CreateUrlCacheContainerW
CreateUrlCacheEntryA
CreateUrlCacheEntryW
CreateUrlCacheGroup
DeleteIE3Cache
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
DeleteUrlCacheEntry
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
DeleteUrlCacheGroup
DetectAutoProxyUrl
DllInstall
FindCloseUrlCache
FindFirstUrlCacheContainerA
FindFirstUrlCacheContainerW
FindFirstUrlCacheEntryA
FindFirstUrlCacheEntryExA
FindFirstUrlCacheEntryExW
FindFirstUrlCacheEntryW
FindFirstUrlCacheGroup
FindNextUrlCacheContainerA
FindNextUrlCacheContainerW
FindNextUrlCacheEntryA
FindNextUrlCacheEntryExA
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryW
FindNextUrlCacheGroup
ForceNexusLookup
ForceNexusLookupExW
FreeUrlCacheSpaceA
FreeUrlCacheSpaceW
FtpCommandA
FtpCommandW
FtpCreateDirectoryA
FtpCreateDirectoryW
FtpDeleteFileA
FtpDeleteFileW
FtpFindFirstFileA
FtpFindFirstFileW
FtpGetCurrentDirectoryA
FtpGetCurrentDirectoryW
FtpGetFileA
FtpGetFileEx
FtpGetFileSize
FtpGetFileW
FtpOpenFileA
FtpOpenFileW
FtpPutFileA
FtpPutFileEx
FtpPutFileW
FtpRemoveDirectoryA
FtpRemoveDirectoryW
FtpRenameFileA
FtpRenameFileW
FtpSetCurrentDirectoryA
FtpSetCurrentDirectoryW
GetUrlCacheConfigInfoA
GetUrlCacheConfigInfoW
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoW
GetUrlCacheGroupAttributeA
GetUrlCacheGroupAttributeW
GetUrlCacheHeaderData
GopherCreateLocatorA
GopherCreateLocatorW
GopherFindFirstFileA
GopherFindFirstFileW
GopherGetAttributeA
GopherGetAttributeW
GopherGetLocatorTypeA
GopherGetLocatorTypeW
GopherOpenFileA
GopherOpenFileW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
HttpCheckDavCompliance
HttpEndRequestA
HttpEndRequestW
HttpOpenRequestA
HttpOpenRequestW
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestA
HttpSendRequestExA
HttpSendRequestExW
HttpSendRequestW
IncrementUrlCacheHeaderData
InternetAlgIdToStringA
InternetAlgIdToStringW
InternetAttemptConnect
InternetAutodial
InternetAutodialCallback
InternetAutodialHangup
InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
InternetCheckConnectionA
InternetCheckConnectionW
InternetClearAllPerSiteCookieDecisions
InternetCloseHandle
InternetCombineUrlA
InternetCombineUrlW
InternetConfirmZoneCrossing
InternetConfirmZoneCrossingA
InternetConfirmZoneCrossingW
InternetConnectA
InternetConnectW
InternetCrackUrlA
InternetCrackUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetDial
InternetDialA
InternetDialW
InternetEnumPerSiteCookieDecisionA
InternetEnumPerSiteCookieDecisionW
InternetErrorDlg
InternetFindNextFileA
InternetFindNextFileW
InternetFortezzaCommand
InternetGetCertByURL
InternetGetCertByURLA
InternetGetConnectedState
InternetGetConnectedStateEx
InternetGetConnectedStateExA
InternetGetConnectedStateExW
InternetGetCookieA
InternetGetCookieExA
InternetGetCookieExW
InternetGetCookieW
InternetGetLastResponseInfoA
InternetGetLastResponseInfoW
InternetGetPerSiteCookieDecisionA
InternetGetPerSiteCookieDecisionW
InternetGoOnline
InternetGoOnlineA
InternetGoOnlineW
InternetHangUp
InternetInitializeAutoProxyDll
InternetLockRequestFile
InternetOpenA
InternetOpenUrlA
InternetOpenUrlW
InternetOpenW
InternetQueryDataAvailable
InternetQueryFortezzaStatus
InternetQueryOptionA
InternetQueryOptionW
InternetReadFile
InternetReadFileExA
InternetReadFileExW
InternetSecurityProtocolToStringA
InternetSecurityProtocolToStringW
InternetSetCookieA
InternetSetCookieExA
InternetSetCookieExW
InternetSetCookieW
InternetSetDialState
InternetSetDialStateA
InternetSetDialStateW
InternetSetFilePointer
InternetSetOptionA
InternetSetOptionExA
InternetSetOptionExW
InternetSetOptionW
InternetSetPerSiteCookieDecisionA
InternetSetPerSiteCookieDecisionW
InternetSetStatusCallback
InternetSetStatusCallbackA
InternetSetStatusCallbackW
InternetShowSecurityInfoByURL
InternetShowSecurityInfoByURLA
InternetShowSecurityInfoByURLW
InternetTimeFromSystemTime
InternetTimeFromSystemTimeA
InternetTimeFromSystemTimeW
InternetTimeToSystemTime
InternetTimeToSystemTimeA
InternetTimeToSystemTimeW
InternetUnlockRequestFile
InternetWriteFile
InternetWriteFileExA
InternetWriteFileExW
IsHostInProxyBypassList
IsUrlCacheEntryExpiredA
IsUrlCacheEntryExpiredW
LoadUrlCacheContent
ParseX509EncodedCertificateForListBoxEntry
PrivacyGetZonePreferenceW
PrivacySetZonePreferenceW
ReadUrlCacheEntryStream
RegisterUrlCacheNotification
ResumeSuspendedDownload
RetrieveUrlCacheEntryFileA
RetrieveUrlCacheEntryFileW
RetrieveUrlCacheEntryStreamA
RetrieveUrlCacheEntryStreamW
RunOnceUrlCache
SetUrlCacheConfigInfoA
SetUrlCacheConfigInfoW
SetUrlCacheEntryGroup
SetUrlCacheEntryGroupA
SetUrlCacheEntryGroupW
SetUrlCacheEntryInfoA
SetUrlCacheEntryInfoW
SetUrlCacheGroupAttributeA
SetUrlCacheGroupAttributeW
SetUrlCacheHeaderData
ShowCertificate
ShowClientAuthCerts
ShowSecurityInfo
ShowX509EncodedCertificate
UnlockUrlCacheEntryFile
UnlockUrlCacheEntryFileA
UnlockUrlCacheEntryFileW
UnlockUrlCacheEntryStream
UpdateUrlCacheContentPath
UrlZonesDetach
_GetFileExtensionFromUrl
Sections
.text Size: 544KB - Virtual size: 543KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
密保管家/使用说明.txt
-
密保管家/安全报告V2.5版.url
-
密保管家/官方网站.url
-
密保管家/新云软件.url.url
-
密保管家/更新说明.txt
-
密保管家/病毒安全声明.txt