6301011feb7de47797f524646136ce60N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6301011feb7de47797f524646136ce60N.exe
Size

1.9MB
MD5

6301011feb7de47797f524646136ce60
SHA1

9a6983b84c5bddf9332767027e813648303acab2
SHA256

cad73396b500fa748ff02f83f4c505b95803bd81132e2db93b1dae6f0aed831f
SHA512

80b4cdd61914a5948c5ca88ea35921bf894f495115d3cef291e403eff78604b0405fa8399344994aef280baae4898546932291d1dec3a4bd7774ea5a1b10fdcd
SSDEEP

24576:XYfo2Fcze/ErV9O13scBQKG0q0+NXpIruDufP32yMpDRoI2G2n5MrTuWBj9k0noL:ol+Dbc2ND0a58u6fOpDRUG2naNpw5t

Score

3^/10

Malware Config

Signatures

Unsigned PE 25 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/SebAlert32.exe
unpack001/SebAlert64.exe
unpack001/SebAsyCt32.dll
unpack001/SebAsyCt64.dll
unpack001/SebAsySr32.dll
unpack001/SebAsySr64.dll
unpack001/SebCfgLAN.exe
unpack001/SebChart.exe
unpack001/SebColor32.dll
unpack001/SebColor64.dll
unpack001/SebIpCfg.exe
unpack001/SebLMhlp32.dll
unpack001/SebLMhlp64.dll
unpack001/SebMag.exe
unpack001/SebMon32.dll
unpack001/SebMon64.dll
unpack001/SebTool.exe
unpack001/SebUI32.dll
unpack001/SebUI64.dll
unpack001/SebUNI32.dll
unpack001/SebUNI64.dll

Files

6301011feb7de47797f524646136ce60N.exe
.exe windows:4 windows x86 arch:x86

61259b55b8912888e90f516ca08dc514

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

01/12/2023, 00:00

Not After

30/11/2026, 23:59

Subject

SERIALNUMBER=91440300741213409H,CN=Shenzhen Seaory Technology CO.\,LTD.,O=Shenzhen Seaory Technology CO.\,LTD.,ST=Guangdong Sheng,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

01/12/2023, 00:00

Not After

30/11/2026, 23:59

Subject

SERIALNUMBER=91440300741213409H,CN=Shenzhen Seaory Technology CO.\,LTD.,O=Shenzhen Seaory Technology CO.\,LTD.,ST=Guangdong Sheng,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f8:e0:7f:20:f6:53:60:96:60:ff:45:be:ec:61:49:ff:11:9d:af:85:81:74:a4:66:e1:c7:2f:05:f2:48:ce:ab
Signer

Actual PE Digest

f8:e0:7f:20:f6:53:60:96:60:ff:45:be:ec:61:49:ff:11:9d:af:85:81:74:a4:66:e1:c7:2f:05:f2:48:ce:ab

Digest Algorithm

sha256

PE Digest Matches

true

a8:df:d2:a3:7b:b6:a9:cc:e7:43:c6:19:fb:81:02:c3:31:2b:4e:ed
Signer

Actual PE Digest

a8:df:d2:a3:7b:b6:a9:cc:e7:43:c6:19:fb:81:02:c3:31:2b:4e:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

0ef725341a4aecf8398c0e2132f38049

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetCurrentProcessId
GetCommandLineW
GetProcAddress
CreateThread
GlobalFree
LoadLibraryA
OpenProcess
GlobalAlloc
CreateFileMappingW
Sleep
MapViewOfFile
GetModuleHandleW
UnmapViewOfFile
CreateEventW
SetCurrentDirectoryW
GetVersionExW
GetExitCodeProcess
lstrcatW
LocalFree
GetPrivateProfileStringW
FormatMessageW
GetPrivateProfileIntW
CreateProcessW
CloseHandle
GetLastError
DuplicateHandle
GetCurrentThreadId
lstrlenW
SetEvent
WaitForSingleObject
lstrcmpiW
GetExitCodeThread
GetModuleFileNameW

user32

SetWindowPos
GetClientRect
GetWindowThreadProcessId
SetWindowLongW
DefWindowProcW
GetDlgItem
CallWindowProcW
CallNextHookEx
GetClassNameW
PeekMessageW
DestroyWindow
SendMessageW
SetForegroundWindow
IsWindowVisible
MsgWaitForMultipleObjects
LoadStringW
EndDialog
EnableWindow
DialogBoxParamW
LoadImageW
MessageBoxW
GetWindowLongW
DispatchMessageW
ShowWindow
wsprintfW
CreateDialogParamW
GetWindowRect
IsDialogMessageW
FindWindowExW
CharNextW
CreateWindowExW
LoadIconW
PostMessageW
SetWindowsHookExW
UnhookWindowsHookEx
TranslateMessage

shell32

ShellExecuteExW

advapi32

OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
OpenSCManagerW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
EqualSid

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

c1c7505e1e6e929ebb6b9100e55b050a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode

user32

wsprintfW
CharNextExA
SendMessageW
FindWindowExW
CharNextW
CharPrevW

kernel32

CreatePipe
DeleteFileW
lstrcmpiW
GetCommandLineW
ExitProcess
Sleep
TerminateProcess
GlobalReAlloc
MultiByteToWideChar
IsDBCSLeadByteEx
ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
CreateProcessW
GetStartupInfoW
CreateFileMappingW
GetVersion
GetCurrentProcess
lstrcpynW
lstrlenW
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
GlobalFree
CreateFileW
CopyFileW
GetTempFileNameW
GlobalAlloc
GetModuleFileNameW
GetProcAddress
GetModuleHandleA

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SeaoryRx.gpd
SeaoryRx.inf
SeaoryRx32.ini
SeaoryRx64.ini
SebAlert32.exe
.exe windows:4 windows x86 arch:x86

09ffe9bf20fa2f9c2c91f643aedf4d04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetPrivateProfileStringW
GetModuleHandleW
GetVersionExW
GetUserDefaultUILanguage
WriteFile
ReadFile
CloseHandle
CreateFileW
GetModuleFileNameW
MultiByteToWideChar
FormatMessageW
SetLastError
GetSystemDirectoryW
VirtualFree
VirtualAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapDestroy
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
GetLastError
GetProcAddress
Sleep
FreeLibrary
LocalFree
lstrcatW
SetFilePointer
DeleteCriticalSection
lstrcpyW
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
RtlUnwind

user32

IsDialogMessageW
TranslateMessage
DispatchMessageW
GetMessageW
ShowWindow
CreateDialogParamW
MoveWindow
GetDesktopWindow
GetWindowRect
SetWindowTextW
DefWindowProcW
SetWindowLongW
DialogBoxParamW
SetWindowPos
PostQuitMessage
GetWindowTextW
GetWindow
GetMenu
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
SendMessageW
EndDialog
GetDlgItem

winspool.drv

GetJobW
SetPrinterW
OpenPrinterW
SetJobW
ClosePrinter

shell32

CommandLineToArgvW

comctl32

ord17

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebAlert64.exe
.exe windows:4 windows x64 arch:x64

687f192626178182fdf733606c921ee2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrlenW
GetPrivateProfileStringW
GetModuleHandleW
GetVersionExW
GetUserDefaultUILanguage
WriteFile
ReadFile
CloseHandle
CreateFileW
GetModuleFileNameW
MultiByteToWideChar
FormatMessageW
SetLastError
GetSystemDirectoryW
GetSystemTimeAsFileTime
WideCharToMultiByte
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapSetInformation
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
GetLastError
GetProcAddress
Sleep
FreeLibrary
lstrcatW
lstrcpyW
SetFilePointer
LocalFree
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
GetModuleHandleA
FlsGetValue
FlsSetValue
TlsFree
FlsFree
GetCurrentThreadId
FlsAlloc
HeapSize
ExitProcess
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
SetHandleCount

user32

IsDialogMessageW
TranslateMessage
DispatchMessageW
GetMessageW
ShowWindow
CreateDialogParamW
MoveWindow
GetDesktopWindow
GetWindowRect
SetWindowTextW
DefWindowProcW
SetWindowLongPtrW
DialogBoxParamW
SetWindowPos
PostQuitMessage
GetWindowTextW
GetWindow
GetMenu
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
SendMessageW
EndDialog
GetDlgItem

winspool.drv

GetJobW
SetPrinterW
OpenPrinterW
SetJobW
ClosePrinter

shell32

CommandLineToArgvW

comctl32

ord17

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebAsyCt32.dll
.dll windows:4 windows x86 arch:x86

490d094940ea44f9ea5bcbd9c65e2e80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetVersionExW
WriteFile
CloseHandle
MultiByteToWideChar
SetLastError
GetSystemDirectoryW
VirtualFree
VirtualAlloc
GetProcAddress
GetSystemTimeAsFileTime
WideCharToMultiByte
LoadLibraryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
lstrcpyW
lstrlenW
lstrcatW
GetLastError
CreateProcessW
Sleep
GetLocaleInfoA
GetStringTypeW
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapReAlloc
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA

user32

FindWindowW
SendMessageW

shell32

ShellExecuteW

Exports

Exports

SendMessageToClient

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebAsyCt64.dll
.dll windows:4 windows x64 arch:x64

2bbd67b2caf760221fb18ea96a1632a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW
WriteFile
CloseHandle
MultiByteToWideChar
SetLastError
GetSystemDirectoryW
GetProcAddress
GetSystemTimeAsFileTime
WideCharToMultiByte
HeapReAlloc
LoadLibraryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
lstrcpyW
lstrlenW
lstrcatW
GetLastError
CreateProcessW
Sleep
GetLocaleInfoA
GetStringTypeW
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
FlsGetValue
TlsFree
FlsFree
TlsSetValue
FlsAlloc
GetConsoleCP
GetConsoleMode
ExitProcess
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA

user32

FindWindowW
SendMessageW

shell32

ShellExecuteW

Exports

Exports

SendMessageToClient

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebAsySr32.dll
.dll windows:4 windows x86 arch:x86

0642b3505fe3cb894f85cb72973f7479

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
lstrlenW
lstrcpyW
InterlockedDecrement
Sleep
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
lstrcatW
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
CloseHandle
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA

Exports

Exports

SendMessageToCustomAsyncUI

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebAsySr64.dll
.dll windows:4 windows x64 arch:x64

dd1ccf424d97278151a6dd0899cd56ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
lstrcpyW
Sleep
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
lstrcatW
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
RaiseException
RtlPcToFileHeader
CloseHandle
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleHandleA
ExitProcess
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA

Exports

Exports

SendMessageToCustomAsyncUI

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebCfgLAN.exe
.exe windows:4 windows x86 arch:x86

6e5d4dd9d87053f678bc0fbcc7b9d3ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord324
ord4229
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord6735
ord3397
ord3693
ord2574
ord6051
ord1768
ord4396
ord5286
ord6372
ord3635
ord1143
ord1165
ord567
ord2350
ord2294
ord1761
ord3991
ord4155
ord540
ord2858
ord2371
ord755
ord470
ord6195
ord5977
ord2634
ord3087
ord6330
ord6211
ord6661
ord823
ord6879
ord6896
ord6667
ord2047
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord4704
ord4992
ord4847
ord4370
ord5261
ord2613
ord2506
ord6511
ord693
ord765
ord616
ord641
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord1569
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord2717
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord800
ord825
ord3365

msvcrt

strncpy
printf
strstr
exit
sprintf
isdigit
__CxxFrameHandler
_XcptFilter
_cexit
_wcmdln
_initterm
__setusermatherr
atoi
time
swprintf
wcsstr
_exit
_waccess
_c_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
__wgetmainargs

kernel32

HeapAlloc
HeapFree
FindFirstFileW
GetWindowsDirectoryW
LockResource
SizeofResource
LoadResource
FindResourceW
GetPrivateProfileStringW
GetProcAddress
GetModuleHandleW
GetVersionExW
GetProcessHeap
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoW
lstrcpyW
ExitThread
Sleep
GetModuleFileNameW
CreateThread
CloseHandle
GetExitCodeThread
lstrcatW
lstrcmpW
GetLastError
SetLastError
lstrlenW
GetSystemDirectoryW
WaitForSingleObject
FindClose
GetUserDefaultUILanguage
GetPrivateProfileSectionW
FindNextFileW

user32

GetMenu
DrawMenuBar
GetWindow
EnableWindow
MessageBoxW
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
SetWindowTextW
GetSubMenu
GetWindowTextW
SendMessageW
LoadIconW
LoadCursorW
PostMessageW
GetWindowRect
AppendMenuW
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetTimer
KillTimer
SetCursor
GetDlgItem

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
QueryServiceStatus
ControlService
StartServiceW
CloseServiceHandle

shell32

ShellExecuteW
ShellExecuteExW

ws2_32

WSAStartup
WSACleanup
sendto
ntohs
bind
getsockname
closesocket
select
__WSAFDIsSet
recvfrom
socket
WSAGetLastError
setsockopt
inet_addr
htons

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebChart.exe
.exe windows:4 windows x86 arch:x86

c202f358d12c2a751e0523b6aefd031d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord793
ord3917
ord2613
ord324
ord3714
ord1143
ord1165
ord2287
ord2356
ord4155
ord2858
ord2371
ord755
ord470
ord3870
ord823
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord6330
ord5977
ord3087
ord2634
ord4370
ord4704
ord6195
ord4229
ord2294
ord2362
ord641
ord567
ord656
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord1569
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4992
ord4847
ord5261
ord3605
ord4418
ord3397
ord5286
ord1768
ord6051
ord538
ord5215
ord825
ord296
ord540
ord861
ord617
ord800
ord3658
ord5208
ord5214

msvcrt

strtol
wcscpy
fclose
_wfopen
__setusermatherr
fwrite
fflush
strstr
atoi
strchr
_initterm
fseek
localtime
__wgetmainargs
wcslen
wcsstr
_wcsicmp
wcschr
wcscmp
_wtoi
sprintf
swprintf
wcstoul
__CxxFrameHandler
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
_wcmdln
_cexit
_XcptFilter
_exit
_c_exit
ftell
fread
toupper
_wcsnicmp
_snprintf
_vsnwprintf
_snwprintf
fopen
towlower
time
wcscat
malloc
free
calloc
exit

kernel32

SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
GetFileAttributesW
SetFileTime
WriteFile
lstrcpynW
GetHandleInformation
CancelIo
ReleaseMutex
CreateMutexA
WaitForSingleObject
ReadFile
GetOverlappedResult
GetProcAddress
GetModuleHandleW
GetVersionExW
GetUserDefaultUILanguage
FreeLibrary
LoadLibraryW
FormatMessageW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoW
CloseHandle
CreateFileW
SetFilePointer
lstrcmpW
lstrcpyW
Sleep
ResumeThread
CreateThread
ExitThread
lstrcatW
lstrlenW
GetModuleFileNameW
SetLastError
GetLastError
GetLocalTime
LockResource
SizeofResource
LoadResource
CreateEventW
GetPrivateProfileStringW
FindResourceW

user32

wsprintfW
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
GetWindowTextW
SetWindowTextW
GetWindow
GetMenu
SetRect
FillRect
UnregisterDeviceNotification
SendNotifyMessageW
MessageBoxW
SetCursor
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
SendMessageW
EnableWindow
LoadIconW
LoadCursorW

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
GetStockObject
SetBkMode
SetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
TextOutW
DeleteObject
DeleteDC
CreateDCW

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

ws2_32

gethostbyname
htons
socket
ioctlsocket
connect
__WSAFDIsSet
closesocket
select
recv
send
WSAGetLastError
WSAStartup
WSAStringToAddressW
WSACleanup
setsockopt
shutdown

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 480KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebColor32.dll
.dll windows:5 windows x86 arch:x86

e8dbc88b044cd49f07c30e219224fe81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Build\Dll\x86\JDColorFlow.pdb

Imports

kernel32

lstrcpyW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
EncodePointer
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CloseHandle
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetStdHandle
GetFileType
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
CreateFileW
WriteConsoleW
HeapSize
HeapReAlloc
SetEndOfFile
DecodePointer

Exports

Exports

ColorConvert_o
ConvertRGB2Resin_o
CreatJDColorFlow_o
GetLastErrorCode_o
InitialColorParameters_o
LoadColorLUTFromJDIO
LoadColorLUT_o
ProcessODataFromYMCDataNoParams_o
ProcessODataFromYMCData_o
ReleaseJDColorFlow_o
Rgb2Resin_o
Rgn2Ymc_o
SetBrightnessValueByReal_o
SetColorCorrectValueByReal_o
SetColorParameters_o
SetContrastValueByReal_o
SetEnergy_o
SetGammaValueByReal_o
SetHLineLDParams_o
SetHLineParams_o
SetPrintSetting_o
SetResinModelMediaMode_o
SetRsnCvtParams_o
SetSaturated_o
SetSharpen_o
Ymc2O_o

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebColor64.dll
.dll windows:5 windows x64 arch:x64

59ceb257d7273f4533175cd6016e95bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Build\Dll\x64\JDColorFlow.pdb

Imports

kernel32

lstrcpyW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlPcToFileHeader
EncodePointer
RaiseException
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CloseHandle
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetStdHandle
GetFileType
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
CreateFileW
WriteConsoleW
HeapSize
HeapReAlloc
SetEndOfFile

Exports

Exports

ColorConvert_o
ConvertRGB2Resin_o
CreatJDColorFlow_o
GetLastErrorCode_o
InitialColorParameters_o
LoadColorLUTFromJDIO
LoadColorLUT_o
ProcessODataFromYMCDataNoParams_o
ProcessODataFromYMCData_o
ReleaseJDColorFlow_o
Rgb2Resin_o
Rgn2Ymc_o
SetBrightnessValueByReal_o
SetColorCorrectValueByReal_o
SetColorParameters_o
SetContrastValueByReal_o
SetEnergy_o
SetGammaValueByReal_o
SetHLineLDParams_o
SetHLineParams_o
SetPrintSetting_o
SetResinModelMediaMode_o
SetRsnCvtParams_o
SetSaturated_o
SetSharpen_o
Ymc2O_o

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebIpCfg.exe
.exe windows:4 windows x86 arch:x86

13f3b65ea9f8e19633ac2d81f9d362b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2506
ord5208
ord2613
ord6433
ord5261
ord4370
ord4847
ord4992
ord4704
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord324
ord6511
ord6735
ord3397
ord3703
ord2574
ord6051
ord1768
ord4396
ord5286
ord3365
ord3635
ord1143
ord1165
ord567
ord2354
ord2350
ord2294
ord823
ord3993
ord3991
ord2634
ord3087
ord4155
ord2858
ord2371
ord755
ord470
ord6195
ord5977
ord4219
ord6661
ord6330
ord6898
ord781
ord693
ord641
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord1569
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord2717
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord538
ord5215
ord825
ord296
ord540
ord861
ord617
ord800
ord3658
ord4229
ord5214

msvcrt

_wcmdln
_cexit
_initterm
__setusermatherr
_XcptFilter
__wgetmainargs
exit
_exit
_c_exit
_wfopen
strstr
wcsrchr
sprintf
wcscmp
swprintf
wcsstr
swscanf
wcstoul
__CxxFrameHandler
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
_wcsicmp
wcslen
toupper
_wcsnicmp
_snprintf
_vsnwprintf
fwrite
fflush
fopen
fseek
towlower
localtime
fclose
time
_snwprintf

kernel32

lstrcmpW
CloseHandle
GetHandleInformation
CancelIo
ReleaseMutex
CreateMutexA
WaitForSingleObject
CreateEventW
CreateFileW
GetOverlappedResult
ReadFile
WriteFile
GetProcAddress
GetModuleHandleW
GetLastError
GetUserDefaultUILanguage
MultiByteToWideChar
FreeLibrary
LoadLibraryW
FormatMessageW
SetLastError
GetSystemDirectoryW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoW
lstrcpynW
lstrlenW
GetPrivateProfileStringW
FindResourceW
LoadResource
SizeofResource
LockResource
Sleep
GetModuleFileNameW
GetVersionExW
lstrcatW
lstrcpyW

user32

DrawMenuBar
MessageBoxW
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
GetSubMenu
GetWindowTextW
SetWindowTextW
GetWindow
GetMenu
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
SendMessageW
GetWindowRect
PostMessageW
LoadIconW

winspool.drv

GetPrinterW
OpenPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

ws2_32

socket
ioctlsocket
connect
__WSAFDIsSet
closesocket
select
htons
send
WSAGetLastError
WSAStartup
WSAStringToAddressW
WSACleanup
setsockopt
gethostbyname
shutdown
recv

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebLMhlp32.dll
.dll windows:4 windows x86 arch:x86

3f7e95ec67d15ca7c2ebf37a7a46b7b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
SizeofResource
LoadResource
FindResourceW
CancelIo
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetHandleInformation
GetOverlappedResult
ReadFile
WriteFile
lstrcpynW
CreateEventW
CreateFileW
GetModuleHandleW
GetVersionExW
MultiByteToWideChar
FormatMessageW
GetSystemDirectoryW
FreeResource
VirtualAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
GetComputerNameW
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
WriteConsoleW
GetConsoleOutputCP
lstrcpyW
CreateProcessW
SetLastError
GetLastError
lstrlenW
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcatW
VirtualFree
lstrcmpW
WriteConsoleA
SetStdHandle
HeapSize
HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetStartupInfoA
SetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
DeleteCriticalSection
FlushFileBuffers
IsValidCodePage
GetOEMCP
GetACP
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
RaiseException
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
GetCPInfo

user32

SendNotifyMessageW
FindWindowW
SendMessageW
MessageBoxW

winspool.drv

EnumJobsW
SetJobW
OpenPrinterW
GetPrinterW
SetPrinterW
GetJobW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
GetUserNameW

setupapi

SetupDiEnumDeviceInfo
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

ws2_32

gethostbyname
recv
htons
socket
setsockopt
ioctlsocket
connect
select
__WSAFDIsSet
closesocket
WSAStringToAddressW
WSAStartup
WSACleanup
shutdown
send
WSAGetLastError

Exports

Exports

LM_EndDocPort
LM_ReadPort
LM_StartDocPort
LM_WritePort
TestStartDoc

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebLMhlp64.dll
.dll windows:4 windows x64 arch:x64

a1ec6fa7ea3ef4e1df9ac75f7db360b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
SizeofResource
LoadResource
FindResourceW
CancelIo
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
GetHandleInformation
GetOverlappedResult
ReadFile
WriteFile
lstrcpynW
CreateEventW
CreateFileW
GetModuleHandleW
GetVersionExW
MultiByteToWideChar
FormatMessageW
GetSystemDirectoryW
FreeResource
GetSystemTimeAsFileTime
WideCharToMultiByte
GetComputerNameW
CompareStringW
CompareStringA
SetEndOfFile
HeapReAlloc
LoadLibraryA
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
WriteConsoleW
GetConsoleOutputCP
lstrcpyW
CreateProcessW
SetLastError
GetLastError
lstrlenW
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcatW
lstrcmpW
WriteConsoleA
SetStdHandle
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
HeapDestroy
HeapCreate
HeapSetInformation
ExitProcess
GetStartupInfoA
GetFileType
GetStdHandle
SetEnvironmentVariableA
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
DeleteCriticalSection
FlushFileBuffers
IsValidCodePage
GetOEMCP
GetACP
RtlLookupFunctionEntry
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetTimeZoneInformation
RaiseException
RtlPcToFileHeader
RtlVirtualUnwind
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
GetModuleHandleA
FlsGetValue
TlsFree
FlsFree
TlsSetValue
FlsAlloc
GetCPInfo

user32

SendNotifyMessageW
FindWindowW
SendMessageW
MessageBoxW

winspool.drv

EnumJobsW
SetJobW
OpenPrinterW
GetPrinterW
SetPrinterW
GetJobW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
GetUserNameW

setupapi

SetupDiEnumDeviceInfo
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

ws2_32

WSAGetLastError
recv
htons
socket
setsockopt
ioctlsocket
connect
select
__WSAFDIsSet
closesocket
WSAStringToAddressW
gethostbyname
WSACleanup
shutdown
send
WSAStartup

Exports

Exports

LM_EndDocPort
LM_ReadPort
LM_StartDocPort
LM_WritePort
TestStartDoc

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebMag.exe
.exe windows:4 windows x86 arch:x86

f7e17f5a7cd4d069071e7601b1166e19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord3867
ord3792
ord1637
ord5977
ord4435
ord6195
ord2810
ord2910
ord4667
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord641
ord693
ord2506
ord5208
ord2613
ord2756
ord4370
ord4847
ord4992
ord4704
ord6048
ord1767
ord5276
ord4419
ord3592
ord324
ord4229
ord2574
ord4396
ord3365
ord3635
ord3397
ord1143
ord1165
ord2293
ord2350
ord2294
ord823
ord3991
ord4155
ord2858
ord755
ord470
ord6330
ord2634
ord6211
ord3087
ord3870
ord6898
ord3993
ord4219
ord6193
ord6266
ord2430
ord3649
ord2576
ord4215
ord3871
ord1197
ord5286
ord2371
ord4270
ord656
ord567
ord3605
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord1569
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4831
ord3793
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord6051
ord538
ord5215
ord825
ord296
ord540
ord861
ord617
ord800
ord3658
ord5261
ord5214

msvcrt

_initterm
_wcmdln
fclose
exit
__setusermatherr
__wgetmainargs
_cexit
_XcptFilter
_exit
_c_exit
localtime
atoi
strtol
sprintf
strstr
swprintf
swscanf
toupper
wcstoul
__CxxFrameHandler
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
_wcsicmp
wcslen
_snprintf
_vsnwprintf
fwrite
fflush
_snwprintf
fseek
towlower
wcsstr
time
_wfopen
_wcsnicmp

kernel32

FindResourceW
GetPrivateProfileStringW
lstrcpynW
GetLastError
CloseHandle
GetHandleInformation
CancelIo
ReleaseMutex
CreateMutexA
WaitForSingleObject
CreateEventW
CreateFileW
GetOverlappedResult
ReadFile
WriteFile
GetProcAddress
LoadResource
GetVersionExW
GetUserDefaultUILanguage
GetModuleFileNameW
MultiByteToWideChar
FreeLibrary
LoadLibraryW
FormatMessageW
SetLastError
GetSystemDirectoryW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoW
LockResource
SizeofResource
ExitThread
Sleep
GlobalLock
lstrlenW
GlobalUnlock
GlobalAlloc
lstrcatW
lstrcmpW
lstrcpyW
GetModuleHandleW
CreateThread
ResumeThread

user32

GetWindow
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
GetWindowTextW
SetWindowTextW
GetMenu
SendNotifyMessageW
MessageBoxW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
GetWindowRect
LoadCursorW
LoadIconW
EnableWindow
RedrawWindow
SetClipboardData
CreatePopupMenu
InsertMenuW
SendMessageW
GetKeyState
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable

gdi32

CreateSolidBrush

winspool.drv

GetPrinterW
OpenPrinterW
ClosePrinter

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

ws2_32

socket
ioctlsocket
connect
__WSAFDIsSet
closesocket
select
htons
send
WSAGetLastError
WSAStartup
WSAStringToAddressW
WSACleanup
setsockopt
gethostbyname
shutdown
recv

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebMon32.dll
.dll windows:4 windows x86 arch:x86

68a9a22f27e631d8bcc129fab6871aa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
lstrlenW
GetProcAddress
LoadLibraryW
GetLastError
GetModuleHandleW
GetVersionExW
WriteFile
CloseHandle
MultiByteToWideChar
GetSystemDirectoryW
InitializeCriticalSection
VirtualAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
LoadLibraryA
DeleteCriticalSection
FreeLibrary
EnterCriticalSection
lstrcpyW
SetLastError
VirtualFree
LeaveCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
RtlUnwind
GetConsoleCP
GetConsoleMode
ExitProcess
Sleep
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
CreateFileA

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

InitializePrintMonitor2

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebMon64.dll
.dll windows:4 windows x64 arch:x64

caf37f4d5626ab9c083745f1eba62f3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
lstrlenW
GetProcAddress
LoadLibraryW
GetLastError
GetVersionExW
WriteFile
CloseHandle
MultiByteToWideChar
GetSystemDirectoryW
InitializeCriticalSection
GetSystemTimeAsFileTime
WideCharToMultiByte
HeapReAlloc
LoadLibraryA
DeleteCriticalSection
FreeLibrary
EnterCriticalSection
lstrcpyW
SetLastError
LeaveCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlPcToFileHeader
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
FlsGetValue
TlsFree
FlsFree
TlsSetValue
FlsAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
LCMapStringA
LCMapStringW
RtlUnwindEx
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
ExitProcess
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
CreateFileA

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

InitializePrintMonitor2

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebSecK.bmp
SebTool.exe
.exe windows:4 windows x86 arch:x86

32452de7a3e8f0ba04d9b8b3494648d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord5208
ord2613
ord5261
ord4370
ord4847
ord4992
ord4704
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord2506
ord4229
ord3397
ord3714
ord2574
ord6051
ord1768
ord4396
ord5286
ord3365
ord3635
ord1143
ord1165
ord567
ord2286
ord2354
ord2290
ord2294
ord6195
ord942
ord3871
ord823
ord3993
ord3991
ord4155
ord2858
ord2371
ord755
ord470
ord4219
ord6898
ord6330
ord3087
ord693
ord793
ord641
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord1569
ord4692
ord4074
ord2717
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord538
ord5215
ord825
ord296
ord540
ord861
ord617
ord800
ord3658
ord324
ord5214

msvcrt

_wcmdln
_cexit
_initterm
__setusermatherr
_XcptFilter
__wgetmainargs
exit
_exit
_c_exit
wcsstr
atoi
strstr
sprintf
_itow
swprintf
wcstoul
__CxxFrameHandler
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
_wcsicmp
wcslen
_wcsnicmp
_snprintf
_vsnwprintf
fwrite
fflush
_snwprintf
fseek
fclose
towlower
localtime
_wfopen
time
toupper

kernel32

CloseHandle
GetHandleInformation
CancelIo
ReleaseMutex
CreateMutexA
WaitForSingleObject
CreateEventW
CreateFileW
GetOverlappedResult
ReadFile
WriteFile
GetProcAddress
GetModuleHandleW
GetVersionExW
GetLastError
GetModuleFileNameW
MultiByteToWideChar
FreeLibrary
LoadLibraryW
FormatMessageW
SetLastError
GetSystemDirectoryW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoW
lstrcpynW
lstrlenW
GetPrivateProfileStringW
FindResourceW
LoadResource
SizeofResource
LockResource
Sleep
lstrcpyW
GetUserDefaultUILanguage
lstrcatW
lstrcmpW

user32

GetSubMenu
MessageBoxW
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetWindowTextW
SetWindowTextW
GetWindow
GetMenu
EnableWindow
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
SendMessageW
GetWindowRect
LoadCursorW
SetTimer
LoadIconW

winspool.drv

GetPrinterW
OpenPrinterW
ClosePrinter

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW

ws2_32

socket
ioctlsocket
connect
__WSAFDIsSet
closesocket
select
htons
send
WSAGetLastError
WSAStartup
WSAStringToAddressW
WSACleanup
setsockopt
gethostbyname
shutdown
recv

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SebUI32.dll
.dll windows:4 windows x86 arch:x86

8db67ac544ac34746c27f3280dac4690

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetVersionExW
GetUserDefaultUILanguage
MultiByteToWideChar
FreeLibrary
LoadLibraryW
FormatMessageW
VirtualFree
VirtualAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetProcAddress
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
Sleep
HeapSize
HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
DeleteCriticalSection
FlushFileBuffers
CreateFileW
CreateEventW
WriteFile
ReadFile
GetOverlappedResult
GetHandleInformation
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
CancelIo
ReleaseActCtx
GetModuleFileNameW
CreateActCtxW
GetSystemDirectoryW
CreateThread
ResumeThread
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
SetEnvironmentVariableA
ExitThread
GetWindowsDirectoryW
FindFirstFileW
GetLastError
GetPrivateProfileStringW
FindNextFileW
FindClose
lstrlenW
lstrcatW
lstrcpynW
SetLastError
lstrcpyW
LoadLibraryA
lstrcmpW
GetOEMCP
GetACP
GetCPInfo
ExitProcess
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
GetCurrentThreadId
RtlUnwind

user32

GetDlgCtrlID
SetDlgItemTextW
EnableWindow
CheckRadioButton
GetDlgItemTextW
CheckDlgButton
FillRect
EndDialog
SetWindowLongW
CallWindowProcW
GetWindowLongW
GetParent
SendMessageW
MessageBoxW
SendDlgItemMessageW
wsprintfW
SetDlgItemInt
GetWindow
ShowWindow
SetWindowTextW
DialogBoxParamW
GetDlgItemInt
GetMenu
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
IsDlgButtonChecked
GetWindowTextW
IsWindowEnabled
GetSysColor
GetDlgItem

gdi32

StartDocW
StartPage
AbortDoc
EndPage
EndDoc
DeleteDC
CreateSolidBrush
GetTextMetricsW
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
GetStockObject
SelectObject
DeleteObject
CreateDCW

winspool.drv

GetPrinterW
OpenPrinterW
ClosePrinter

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW

shell32

ShellExecuteW

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiOpenDeviceInterfaceRegKey

ws2_32

connect
ioctlsocket
socket
select
WSAGetLastError
__WSAFDIsSet
WSAStartup
WSACleanup
shutdown
send
recv
WSAStringToAddressW
closesocket
gethostbyname
setsockopt
htons

Exports

Exports

DevQueryPrintEx
DllMain
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentPropertySheets
DrvPrinterEvent
DrvQueryColorProfile

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebUI64.dll
.dll windows:4 windows x64 arch:x64

44daebe1a571d3abf17d25dba3a223bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetVersionExW
GetUserDefaultUILanguage
MultiByteToWideChar
FreeLibrary
LoadLibraryW
FormatMessageW
GetSystemTimeAsFileTime
WideCharToMultiByte
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetProcAddress
GetStringTypeW
GetStringTypeA
HeapReAlloc
Sleep
LoadLibraryA
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
HeapDestroy
HeapCreate
HeapSetInformation
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
SetFilePointer
DeleteCriticalSection
FlushFileBuffers
CreateFileW
CreateEventW
WriteFile
ReadFile
GetOverlappedResult
GetHandleInformation
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
CancelIo
ReleaseActCtx
GetModuleFileNameW
CreateActCtxW
GetSystemDirectoryW
CreateThread
ResumeThread
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
GetOEMCP
ExitThread
lstrcmpW
GetWindowsDirectoryW
FindFirstFileW
GetLastError
GetPrivateProfileStringW
FindNextFileW
FindClose
lstrlenW
lstrcatW
lstrcpynW
SetLastError
lstrcpyW
InitializeCriticalSection
GetACP
GetCPInfo
ExitProcess
FlsAlloc
TlsSetValue
FlsFree
TlsFree
FlsGetValue
GetModuleHandleA
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlPcToFileHeader
RaiseException
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
FlsSetValue
GetCurrentThreadId
RtlUnwindEx
RtlLookupFunctionEntry
SetEnvironmentVariableA

user32

SetWindowLongPtrW
CheckDlgButton
GetDlgCtrlID
SetDlgItemTextW
CallWindowProcW
CheckRadioButton
GetDlgItemTextW
SetDlgItemInt
FillRect
GetWindowLongPtrW
SendMessageW
MessageBoxW
GetParent
SendDlgItemMessageW
wsprintfW
GetDlgItem
SetWindowTextW
ShowWindow
EnableWindow
EndDialog
DialogBoxParamW
GetWindow
GetMenu
GetMenuItemCount
GetMenuStringW
GetMenuItemID
ModifyMenuW
DrawMenuBar
GetSubMenu
IsDlgButtonChecked
GetWindowTextW
IsWindowEnabled
GetSysColor
GetDlgItemInt

gdi32

StartDocW
StartPage
AbortDoc
EndPage
EndDoc
DeleteDC
CreateSolidBrush
GetTextMetricsW
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
GetStockObject
SelectObject
DeleteObject
CreateDCW

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegEnumKeyExW
RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

setupapi

SetupDiOpenDeviceInterfaceRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW

ws2_32

closesocket
__WSAFDIsSet
select
connect
ioctlsocket
socket
setsockopt
WSAGetLastError
gethostbyname
WSAStartup
WSACleanup
shutdown
send
recv
WSAStringToAddressW
htons

Exports

Exports

DevQueryPrintEx
DllMain
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentPropertySheets
DrvPrinterEvent
DrvQueryColorProfile

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebUNI32.dll
.dll windows:5 windows x86 arch:x86

b5b891477f01d960f1d80c57c802b6c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
free
sprintf
swprintf
_wfopen
fseek
_adjust_fdiv
wcsstr
malloc
fread
fclose
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

lstrcpynW
lstrlenW
lstrcmpW
lstrcpyW
lstrcatW
InterlockedDecrement
SetLastError
InterlockedIncrement

winspool.drv

GetPrinterW
ClosePrinter
GetJobW
OpenPrinterW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SebUNI64.dll
.dll windows:5 windows x64 arch:x64

300f9bdfa33304ea3380fd3fe625ae5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\code\driversuite\seauni\amd64\SebUni.pdb

Imports

msvcrt

malloc
free
_initterm
wcsstr
??3@YAXPEAX@Z
swprintf
memcpy
memset
_wfopen
fseek
fread
fclose
??2@YAPEAX_K@Z
sprintf

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

kernel32

Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrcpynW
lstrlenW
lstrcmpW
lstrcpyW
lstrcatW
SetLastError

winspool.drv

GetPrinterW
ClosePrinter
GetJobW
OpenPrinterW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Sebarar.lng
Sebdede.lng
Sebeses.lng
Sebfrfr.lng
Sebjajp.lng
Sebptpt.lng
Sebruru.lng
Sebzhcn.lng
Sebzhtw.lng
dpinst-x64.exe
.exe windows:6 windows x64 arch:x64

3eacb9638877275335da4b58e52824f8

Code Sign

33:00:00:01:08:e2:33:7a:56:70:40:c0:d5:00:00:00:00:01:08
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/09/2023, 19:14

Not After

04/09/2024, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:c2:fb:c7:fa:03:65:c2:11:7f:6f:57:4b:fb:d7:db:7a:f2:8d:3a:a8:53:5e:0a:34:7d:cc:ad:9c:e4:86:94
Signer

Actual PE Digest

42:c2:fb:c7:fa:03:65:c2:11:7f:6f:57:4b:fb:d7:db:7a:f2:8d:3a:a8:53:5e:0a:34:7d:cc:ad:9c:e4:86:94

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DpInst.pdb

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
IsTextUnicode
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
DeleteService
CloseServiceHandle
ControlService
StartServiceW
OpenServiceW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
QueryServiceStatus
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CheckTokenMembership

kernel32

CreateMutexW
ReleaseMutex
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryW
GetProcAddress
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleOutputW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
FreeConsole
FreeLibrary
WriteConsoleOutputW
WriteConsoleW
IsValidLocale
VirtualProtect
Sleep
GetFileAttributesW
DeleteFileW
FormatMessageW
RaiseException
CopyFileW
SetFileAttributesW
GetTempFileNameW
FindClose
FindNextFileW
CompareStringW
lstrcmpW
FindFirstFileW
lstrlenW
UnmapViewOfFile
GetConsoleScreenBufferInfo
CreateFileMappingW
LCMapStringW
WaitForMultipleObjectsEx
WaitForSingleObjectEx
SetEndOfFile
CreateEventW
SetEvent
LocalReAlloc
DeviceIoControl
VerifyVersionInfoW
VerSetConditionMask
GetSystemDirectoryW
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
GetShortPathNameW
RemoveDirectoryW
MoveFileExW
CreateDirectoryW
GetFullPathNameW
SetLastError
GetLocaleInfoW
LoadLibraryExW
GetSystemDefaultUILanguage
SearchPathW
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
OutputDebugStringA
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
GetFileSize
CreateThread
SetThreadLocale
GetThreadLocale
WriteFile
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetCurrentProcess
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
SetCurrentDirectoryW
GetUserDefaultUILanguage
EnumResourceLanguagesW
GetModuleFileNameW
GetExitCodeProcess
WaitForSingleObject
LocalFree
GlobalFree
LocalAlloc
GetLastError
GetCommandLineW
CloseHandle
MapViewOfFile

gdi32

CreateBitmap
CreateCompatibleBitmap
GetObjectW
DeleteDC
SetLayout
CreateCompatibleDC
EndPage
StartPage
EndDoc
StartDocW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
DeleteObject
SelectObject

user32

DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
LoadIconW
LoadBitmapW
CharLowerW
UnregisterClassA
PostQuitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
ShowWindow
AllowSetForegroundWindow
DialogBoxParamW
SetDlgItemTextW
EndDialog
MessageBoxW
GetDlgItem
SendMessageW
GetProcessWindowStation
GetUserObjectInformationW
LoadImageW
SetWindowTextW
PostMessageW
GetParent
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
SendDlgItemMessageW
InvalidateRect
GetSystemMetrics
GetSysColor
DestroyWindow
SetWindowLongW
SystemParametersInfoW
GetDC
ReleaseDC
DrawTextExW

msvcrt

_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_resetstkoflw
__C_specific_handler
memset
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
fread
_initterm
fclose
fwprintf
_wfopen
realloc
??2@YAPEAX_K@Z
wcsstr
_wcsicmp
_wtol
_vscwprintf
free
malloc
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
??1type_info@@UEAA@XZ
memcpy
memmove
_CxxThrowException
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
_wcsnicmp
_vsnwprintf
wcsncmp
bsearch
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
iswalpha
??_U@YAPEAX_K@Z
wcschr
wcspbrk
wcsrchr
iswdigit
feof
memcmp

ntdll

NtQueryInformationToken
RtlNtStatusToDosError
NtClose
NtOpenThreadToken
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtOpenProcessToken

shell32

ord59
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
pSetupSetGlobalFlags
SetupDefaultQueueCallbackW
pSetupGetGlobalFlags
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupGetFieldCount
SetupGetIntField
SetupGetStringFieldW
SetupFindNextMatchLineW
SetupFindNextLine
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupPromptReboot
SetupDiGetDeviceInstanceIdW
SetupFindFirstLineW
SetupOpenAppendInfFileW
SetupGetLineCountW
SetupDiGetActualSectionToInstallW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetSelectedDriverW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupQueueCopyW
CMP_WaitNoPendingInstallEvents
SetupCloseFileQueue
SetupOpenFileQueue
SetupDiGetDriverInfoDetailW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupInstallFilesFromInfSectionW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
CM_Enumerate_Classes
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
CM_Get_Device_IDW
SetupCopyOEMInfW
SetupGetTargetPathW

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType

comctl32

PropertySheetW
CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor

comdlg32

PrintDlgExW
GetSaveFileNameW

crypt32

CertFreeCTLContext
CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 471KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dpinst-x86.exe
.exe windows:6 windows x86 arch:x86

3ab7cc62e4963955ad408cd420cd8ef1

Code Sign

33:00:00:01:08:e2:33:7a:56:70:40:c0:d5:00:00:00:00:01:08
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/09/2023, 19:14

Not After

04/09/2024, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:51:fd:7a:95:8e:2b:d9:60:b5:cc:4f:0b:7a:1c:a8:5b:57:40:67:56:01:8f:4f:b7:fd:72:ad:3b:88:c6:1a
Signer

Actual PE Digest

52:51:fd:7a:95:8e:2b:d9:60:b5:cc:4f:0b:7a:1c:a8:5b:57:40:67:56:01:8f:4f:b7:fd:72:ad:3b:88:c6:1a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DpInst.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
IsTextUnicode
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
DeleteService
StartServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
OpenServiceW
QueryServiceStatus
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW

kernel32

GetFileAttributesW
DeleteFileW
ReleaseMutex
SetFilePointer
HeapFree
GetProcessHeap
HeapAlloc
CreateMutexW
FreeConsole
SetConsoleMode
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FreeLibrary
FillConsoleOutputCharacterW
ReadConsoleOutputW
GetConsoleMode
GetStdHandle
GetProcAddress
LoadLibraryW
WriteConsoleW
IsValidLocale
lstrlenW
lstrcmpW
CompareStringW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
SetFileAttributesW
FormatMessageW
RaiseException
GetFileSize
CreateFileMappingW
MapViewOfFile
WriteConsoleOutputW
UnmapViewOfFile
InterlockedDecrement
InterlockedIncrement
CreateFileW
WriteFile
CreateThread
WaitForMultipleObjectsEx
InterlockedCompareExchange
WaitForSingleObjectEx
SetEvent
CreateEventW
GetExitCodeProcess
DeviceIoControl
VerSetConditionMask
VerifyVersionInfoW
CreateDirectoryW
RemoveDirectoryW
GetCurrentDirectoryW
GetShortPathNameW
GetFullPathNameW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
MoveFileExW
SearchPathW
GetSystemDefaultUILanguage
LoadLibraryExW
CreateFileA
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetLocaleInfoA
Sleep
LoadLibraryExA
ReadFile
LCMapStringW
LCMapStringA
GetThreadLocale
SetThreadLocale
GetUserDefaultUILanguage
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
GetModuleFileNameW
SetCurrentDirectoryW
WaitForSingleObject
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
WideCharToMultiByte
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetCommandLineW
LocalAlloc
GlobalFree
LocalFree
MultiByteToWideChar
GetCurrentProcess
GetLastError
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceLanguagesW
LocalReAlloc
EnterCriticalSection

gdi32

SetLayout
DeleteDC
GetObjectW
CreateCompatibleBitmap
CreateBitmap
SelectObject
StartPage
EndPage
StartDocW
EndDoc
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
CreateCompatibleDC

user32

AllowSetForegroundWindow
DefWindowProcW
PostQuitMessage
GetUserObjectInformationW
GetProcessWindowStation
GetIconInfo
DrawIconEx
CreateIconIndirect
LoadIconW
LoadBitmapW
DrawTextExW
LoadImageW
GetSystemMetrics
GetSysColor
DestroyWindow
GetWindowLongW
SendDlgItemMessageW
InvalidateRect
SystemParametersInfoW
GetDC
ReleaseDC
SetWindowLongW
SetWindowTextW
GetParent
PostMessageW
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
DestroyIcon
DialogBoxParamW
SetDlgItemTextW
CharLowerW
GetDlgItem
SendMessageW
MessageBoxW
RegisterClassExW
CreateWindowExW
ShowWindow
UnregisterClassA
EndDialog

ntdll

RtlNtStatusToDosError
NtOpenThreadToken
NtQueryInformationToken
NtOpenProcessToken
RtlUnwind
NtClose

shell32

SHGetFolderPathW
ShellExecuteExW
ord59
CommandLineToArgvW

setupapi

SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupGetLineCountW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW
pSetupSetGlobalFlags
pSetupGetGlobalFlags
SetupGetFieldCount
SetupGetIntField
SetupOpenAppendInfFileW
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
CM_Enumerate_Classes
CM_Get_DevNode_Status
SetupDiCreateDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupGetTargetPathW
SetupQueueCopyIndirectW
SetupQueueCopyW
SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupCopyOEMInfW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_Device_IDW
CM_Setup_DevNode
SetupDiEnumDeviceInfo
CMP_WaitNoPendingInstallEvents
CM_Query_And_Remove_SubTreeW

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

ole32

CoTaskMemFree
StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysFreeString

comctl32

CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW
ImageList_Create

comdlg32

PrintDlgExW
GetSaveFileNameW

crypt32

CertFreeCertificateContext
CertFreeCTLContext
CertGetCTLContextProperty
CryptQueryObject

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 471KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
seaoryrx.cat
uninstall.exe.nsis

Sharing

General

Malware Config

Signatures

Files

61259b55b8912888e90f516ca08dc514

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

f8:e0:7f:20:f6:53:60:96:60:ff:45:be:ec:61:49:ff:11:9d:af:85:81:74:a4:66:e1:c7:2f:05:f2:48:ce:abSigner

a8:df:d2:a3:7b:b6:a9:cc:e7:43:c6:19:fb:81:02:c3:31:2b:4e:edSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 148KB

.rsrc Size: 22KB - Virtual size: 22KB

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 662B

0ef725341a4aecf8398c0e2132f38049

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

advapi32

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

98:f0:e5:10:70:fd:b4:39:4a:74:b8:72:0c:e2:37:69
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f8:e0:7f:20:f6:53:60:96:60:ff:45:be:ec:61:49:ff:11:9d:af:85:81:74:a4:66:e1:c7:2f:05:f2:48:ce:ab
Signer

a8:df:d2:a3:7b:b6:a9:cc:e7:43:c6:19:fb:81:02:c3:31:2b:4e:ed
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 148KB

.rsrc
Size: 22KB - Virtual size: 22KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 662B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 100B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 420B

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 6KB - Virtual size: 27KB