4a08970b50383c600ae2377d2e11774d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a08970b50383c600ae2377d2e11774d_JaffaCakes118
Size

2.1MB
MD5

4a08970b50383c600ae2377d2e11774d
SHA1

8f7966c1d8c82c85e1d98484111d14b2eac978ca
SHA256

4707c98109eb83941975dd009752695e0949be57ab1813bc11b0f918b2cf55ca
SHA512

914e34e21e7bd6ae924c24664e27532052bfc71a71e7acb45b7d2d5d0dcbd05a950e701b4bd8b8ac10b8294037f6c94067f74ec251cc9da9d2d377ea9e05c1b5
SSDEEP

49152:scNK6NtLYPe5YCr+PaFqa/RGx+3b/ajfe/lfBsGkKBhS6repQMwP:s2KbsmoqiQK0W1BsPws4yc

Score

3^/10

Malware Config

Signatures

Unsigned PE 18 IoCs

Checks for missing Authenticode signature.

resource
4a08970b50383c600ae2377d2e11774d_JaffaCakes118
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/BurningGUIS.dll
unpack001/MPEG2Transfer.dll
unpack001/TotallyFreeDVDTranscoder.exe
unpack001/VideoDVDBurner.exe
unpack001/Winaspi/aspichk.exe
unpack001/Winaspi/aspiinst.exe
unpack001/Winaspi/aspixp.sys
unpack001/Winaspi/reg_xp.exe
unpack001/Winaspi/wnaspi64.dll
unpack001/Winaspi/wnaspixp.dll
unpack001/uninst.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack001/wnaspi32.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

4a08970b50383c600ae2377d2e11774d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

e886a412cdaf11998a8eeffda508e913

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

GlobalFree
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
GetFileSize
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx
SetFilePointer
GetTickCount

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
IsWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
DestroyWindow
KillTimer
UpdateWindow
RedrawWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowLongA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpAddRequestHeadersA
HttpOpenRequestA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BurningGUIS.dll
.dll windows:4 windows x86 arch:x86

037d281f4253598a826b0106c1ba3aad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
RaiseException
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
TerminateProcess
HeapSize
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LocalReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetSystemInfo
VirtualQuery
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFileTime
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
VirtualProtect
SuspendThread
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpyA
GetModuleHandleA
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
ReadFile
GetFileSize
CreateThread
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
SetEvent
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
GetTimeZoneInformation
GetLocalTime
TerminateThread
InitializeCriticalSection
SleepEx
CreateEventA
ResetEvent
WaitForSingleObject
GetDriveTypeA
DeviceIoControl
ResumeThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
GetFileAttributesA
FindNextFileA
WritePrivateProfileStringA
FindFirstFileA
SystemTimeToFileTime
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFilePointer
OutputDebugStringA
GetCurrentProcess
GetPriorityClass
SetPriorityClass
GetCurrentThread
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
CloseHandle
WriteFile
CreateFileA
GetPrivateProfileStringA
GetModuleFileNameA
Sleep
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadWritePtr
InterlockedExchange

user32

MapDialogRect
GetAsyncKeyState
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
wsprintfA
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSysColor
SetCursor
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetMenuState
CharUpperA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PeekMessageA
PostQuitMessage
GetClassNameA
GetTopWindow
GetWindow
RegisterWindowMessageA
EnableWindow
PostMessageA
SendMessageA
AdjustWindowRectEx
DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
IsWindowVisible

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
GetClipBox
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
GetDeviceCaps
SetTextColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

Abort
AddDir
AddFile
AudioFileStop
BuildISO
Burn
BurnDialog
BurnISO
CheckLicenseKey
ClearAll
CloseDevice
CloseSession
ConvertSpeedFromKBPerSec
CreateDir
CreateProject
DeInitialize
DeleteProject
EjectDevice
Erase
EraseDialog
GetBurnDoneEventCallback
GetBurnSpeed
GetDevice
GetDeviceCapabilities
GetDeviceInformation
GetDevices
GetEraseDoneEventCallback
GetFinalizeEventCallback
GetImageSize
GetInfoTextEventCallback
GetLanguage
GetMaxBurnSpeed
GetMaxReadSpeed
GetMediumInformation
GetOptions
GetPlayTime
GetPossibleBurnSpeeds
GetPossibleReadSpeeds
GetProcessEventCallback
GetProjectType
GetReadSpeed
GetSessionInformation
GetText
GetTmpPath
Initialize
IsDeviceReady
PlayAudioFile
Prepare
PrepareISO
RemoveDir
RemoveFile
ResetCallbacks
SaveDeviceSettingsToRegistry
SaveOptionsToRegistry
SetASPI
SetAddFileEventCallback
SetAudioDecodeDoneEventCallback
SetAudioDecoderEventCallback
SetBurnDoneEventCallback
SetBurnSpeed
SetDevice
SetDeviceSettingsFromRegistry
SetEraseDoneEventCallback
SetFinalizeEventCallback
SetGetTextEventCallback
SetInfoTextEventCallback
SetLanguage
SetOptions
SetOptionsFromRegistry
SetProcessEventCallback
SetReadSpeed
SetRemoveFileEventCallback
SetTmpPath
SetVideoScanDoneEventCallback
SetVideoScannerEventCallback

Sections

.text
Size: 536KB - Virtual size: 535KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MPEG2Transfer.dll
.dll windows:4 windows x86 arch:x86

2b45ff82c965998d5c73d4d74883d685

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Laptop\WUTemp\DVDTransfer44\MPEG2Transfer\MPEG2Transfer\Release\MPEG2Transfer.pdb

Imports

wnaspi32

ord1
ord2

kernel32

GlobalFindAtomA
GlobalGetAtomNameA
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetCPInfo
GetOEMCP
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
lstrcmpW
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
VirtualProtect
GetSystemInfo
VirtualQuery
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
SetErrorMode
lstrcatA
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
SetLastError
GlobalFree
GlobalUnlock
lstrcpynA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
GetDriveTypeA
FindClose
CopyFileA
FindFirstFileA
FindNextFileA
CreateDirectoryA
GetTickCount
GetFileAttributesExA
VirtualUnlock
VirtualFree
GetLastError
FormatMessageA
LocalFree
VirtualAlloc
VirtualLock
GetFileSizeEx
SetEvent
WriteFile
GetFileSize
ReadFile
GetFullPathNameA
CreateFileA
DeviceIoControl
WaitForSingleObject
CloseHandle
CreateEventA
lstrlenA
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
QueryPerformanceCounter

user32

RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
LoadCursorA
GetSystemMetrics
GetSysColorBrush
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
DestroyMenu
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
PostMessageA
PostQuitMessage
wsprintfA
MessageBoxA
GetWindowTextA

gdi32

DeleteDC
GetStockObject
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateBitmap
CreateDIBitmap
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
SetViewportOrgEx

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

??0Transfer@@QAE@ABV0@@Z
??0Transfer@@QAE@XZ
??0TransferAlert@@QAE@ABV0@@Z
??0TransferAlert@@QAE@XZ
??1Transfer@@QAE@XZ
??1TransferAlert@@QAE@XZ
??4Transfer@@QAEAAV0@ABV0@@Z
??4TransferAlert@@QAEAAV0@ABV0@@Z
??_7Transfer@@6B@
??_7TransferAlert@@6B@
?AddAlert@TransferAlert@@UAEXH@Z
?CallBack@TransferAlert@@UAEHHHPAX@Z
?CopyAllFiles@Transfer@@MAEXPAD0@Z
?EvaluatePath@Transfer@@MAE_JPAD@Z
?GenerateIgnoreTable@Transfer@@MAEHHH@Z
?GetActualFileName@Transfer@@UAEPADXZ
?GetAlert@TransferAlert@@UAE_NH@Z
?GetAllAlert@TransferAlert@@UAEHXZ
?GetAuthorizeDrive@Transfer@@UAEHXZ
?GetCompressionRatio@Transfer@@UAEMXZ
?GetElapsedTimeSec@Transfer@@UAEHXZ
?GetEstimatedTimeSec@Transfer@@UAEHXZ
?GetFileSizeSECT@Transfer@@IAEHPAD@Z
?GetNumFrames@Transfer@@UAEHXZ
?GetNumVTS@Transfer@@UAEHXZ
?GetNumVTSLang@Transfer@@UAEHH@Z
?GetNumVTSSub@Transfer@@UAEHH@Z
?GetPreviewDC@TransferAlert@@UAEPAUHDC__@@XZ
?GetReadBufferOccupancyKB@Transfer@@UAEHXZ
?GetReadKB@Transfer@@UAEHXZ
?GetReadLimitKB@Transfer@@UAEHXZ
?GetRemainingTimeSec@Transfer@@UAEHXZ
?GetUseDeCSS@Transfer@@UAEHXZ
?GetVOBSizeMB@Transfer@@MAEHPADHH@Z
?GetVOBSizeSECT@Transfer@@MAEHPADHH@Z
?GetVTSLangDesc@Transfer@@UAEHHHPADH@Z
?GetVTSLangSelected@Transfer@@UAEHHH@Z
?GetVTSSize@Transfer@@UAEHH@Z
?GetVTSSubDesc@Transfer@@UAEHHHPADH@Z
?GetVTSSubSelected@Transfer@@UAEHHH@Z
?GetWriteBufferOccupancyKB@Transfer@@UAEHXZ
?GetWrittenKB@Transfer@@UAEHXZ
?Open@Transfer@@UAEHPADHH@Z
?SearchEncryption@Transfer@@MAEHPAD0@Z
?SendAlert@TransferAlert@@UAEHHH@Z
?SetAlert@Transfer@@UAEXPAVTransferAlert@@@Z
?SetAuthorizeDrive@Transfer@@UAEX_N@Z
?SetCallBack@TransferAlert@@UAEXP6GHHHPAX0@Z0@Z
?SetPreviewDC@TransferAlert@@UAEXPAUHDC__@@@Z
?SetTransfer@TransferAlert@@UAEXPAX@Z
?SetUseDeCSS@Transfer@@UAEX_N@Z
?SetVTSLangSelected@Transfer@@UAEHHHH@Z
?SetVTSSubSelected@Transfer@@UAEHHHH@Z
?SubAlert@TransferAlert@@UAEXH@Z
?SubAllAlert@TransferAlert@@UAEXXZ
?TransferFile@Transfer@@UAEHPAD0HHHHH0@Z
?TransferFiles@Transfer@@MAEHPAD0HH0@Z
?TransferPath@Transfer@@UAEHPAD0@Z
AddAlert
GetActualFileName
GetAlert
GetAllAlert
GetAuthorizeDrive
GetCompressionRatio
GetElapsedTimeSec
GetEstimatedTimeSec
GetNumFrames
GetNumVTS
GetNumVTSLang
GetNumVTSSub
GetReadBufferOccupancyKB
GetReadKB
GetReadLimitKB
GetRemainingTimeSec
GetUseDeCSS
GetVTSLangDesc
GetVTSLangSelected
GetVTSSize
GetVTSSubDesc
GetVTSSubSelected
GetWriteBufferOccupancyKB
GetWrittenKB
Open
SetAuthorizeDrive
SetCallBack
SetPreviewDC
SetUseDeCSS
SetVTSLangSelected
SetVTSSubSelected
SubAlert
SubAllAlert
TransferFile
TransferPath

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TotallyFreeDVDTranscoder.exe
.exe windows:4 windows x86 arch:x86

7c55c62ca28c47a486e5be7f437fb773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetTickCount
GlobalAddAtomA
GetModuleHandleA
GlobalFree
GlobalDeleteAtom
GlobalGetAtomNameA
FreeConsole
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
GetProcAddress
GetLastError
LoadLibraryA
SetLastError
GetVersionExA
SetThreadPriority
GetCurrentThread
CreateProcessA
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentThreadId
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualQueryEx
FindClose
FindFirstFileA
FindFirstFileW
GetModuleFileNameW
GetExitCodeProcess
ReadProcessMemory
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
SuspendThread
DebugActiveProcess
ResumeThread
CreateProcessW
GlobalAlloc
GetStartupInfoW
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
VirtualProtectEx
WriteProcessMemory
ExitProcess
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
CompareStringW
MultiByteToWideChar
SetFilePointer
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersion
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
TerminateProcess
GlobalLock
GlobalUnlock
CreateThread
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetCommandLineW
GetShortPathNameA

user32

GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
WaitForInputIdle
GetMessageA
BeginPaint
EndPaint
KillTimer
GetAsyncKeyState
GetSystemMetrics
SetTimer
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
LoadStringW
FindWindowA
DestroyWindow
MessageBoxA
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcA
LoadCursorA
CreateWindowExA
GetWindowThreadProcessId
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
EnumWindows
PackDDElParam
PostMessageA
IsWindow
RegisterClassA

gdi32

DeleteObject
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreatePalette

Sections

CODE
Size: - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 12KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 552KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VideoDVDBurner.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 591KB - Virtual size: 590KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Winaspi/README.TXT
Winaspi/RELNOTES.DOC
.doc windows office2003
Winaspi/apix46.vx_
Winaspi/aspi2k.sy_
Winaspi/aspi32.sy_
Winaspi/aspi64.sys
Winaspi/aspichk.exe
.exe windows:4 windows x86 arch:x86

1beaf806beb09c22a7fb68827510a04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

RtlUnwind
GetCommandLineA
HeapFree
TerminateProcess
GetStartupInfoA
HeapAlloc
ExitProcess
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
RaiseException
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
VirtualFree
SizeofResource
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
GetThreadLocale
GetProcessVersion
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetLastError
FormatMessageA
LocalFree
CreateFileA
GetFileSize
GetFileTime
CloseHandle
FileTimeToSystemTime
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
GetProfileStringA
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
InvalidateRect
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
GetDesktopWindow
LoadCursorA
DestroyMenu
LoadStringA
wvsprintfA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetSysColorBrush
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PtInRect
GetClassNameA
WinHelpA
GetCapture
CreateWindowExA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
GetSysColor
MessageBoxExA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowRect
LoadBitmapA
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
UnhookWindowsHookEx
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode

gdi32

GetTextExtentPointA
CreateDIBitmap
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree
CoTaskMemAlloc
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Winaspi/aspiinst.exe
.exe windows:4 windows x86 arch:x86

950b12d9a8b53f7804d5427f96a876c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
CopyFileA
lstrcpyA
GlobalFree
GlobalUnlock
GetVersionExA
DeleteFileA
GetCurrentProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
FindFirstFileA
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateSemaphoreA
GetLastError
GlobalAlloc
GlobalLock
CloseHandle
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetACP
HeapAlloc
GetTimeZoneInformation
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
ExitProcess
TerminateProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
SetFilePointer
GetCPInfo
GetOEMCP
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

user32

GetWindowRect
MessageBoxExA
MessageBoxA
wsprintfA
LoadStringA
ExitWindowsEx
DialogBoxParamA
DestroyWindow
CreateDialogParamA
MoveWindow
EndDialog
GetDesktopWindow

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA

lz32

LZCopy
LZOpenFileA
LZClose

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Winaspi/aspixp.sys
.sys windows:5 windows x86 arch:x86

a0ef89ff5c735192d23ddd3f9f8b1f89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\Projects\aspixp.sys\i386\aspi32.pdb

Imports

ntoskrnl.exe

ZwOpenKey
RtlAnsiStringToUnicodeString
RtlInitAnsiString
sprintf
ExAllocatePoolWithTag
KeInitializeSpinLock
IofCompleteRequest
MmIsAddressValid
ExConvertExclusiveToSharedLite
KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
ExAcquireResourceExclusiveLite
ExReleaseResourceForThreadLite
KeGetCurrentThread
ExAcquireResourceSharedLite
WRITE_REGISTER_UCHAR
IoFreeMdl
ExfInterlockedInsertTailList
MmMapLockedPagesSpecifyCache
MmBuildMdlForNonPagedPool
IoAllocateMdl
MmAllocateContiguousMemory
MmFreeContiguousMemory
MmUnmapLockedPages
IoDeleteDevice
RtlFreeUnicodeString
ExfInterlockedPushEntryList
WRITE_REGISTER_USHORT
IoFreeIrp
MmUnlockPages
MmMapLockedPages
MmProbeAndLockPages
MmCreateMdl
RtlEqualUnicodeString
RtlWriteRegistryValue
RtlFreeAnsiString
RtlEqualString
ObfDereferenceObject
IoGetDeviceObjectPointer
RtlCopyUnicodeString
RtlQueryRegistryValues
memmove
IoAcquireCancelSpinLock
IoReleaseCancelSpinLock
IoAllocateIrp
KeSetTimer
KeInitializeDpc
KeInitializeTimer
IoBuildAsynchronousFsdRequest
IoCreateSymbolicLink
ExInitializeZone
ExInitializeResourceLite
IoCreateDevice
_except_handler3
RtlInitUnicodeString
ZwQueryValueKey
ZwClose
RtlUnicodeStringToAnsiString
ExFreePoolWithTag
ExfInterlockedPopEntryList
RtlUpperString

hal

KfAcquireSpinLock
READ_PORT_UCHAR
KfReleaseSpinLock
HalGetBusData

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 439B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 640B - Virtual size: 517B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Winaspi/install.bat
Winaspi/reg_xp.exe
.exe windows:4 windows x86 arch:x86

4940749f75f1508ae1f02e7aae3c47f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetCurrentProcess
GetModuleFileNameA
FormatMessageA
LocalFree
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
CloseHandle
FlushFileBuffers
ExitProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapAlloc
VirtualAlloc
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
SetFilePointer
GetCPInfo
GetACP
GetOEMCP

user32

MessageBoxExA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Winaspi/winaspi.dl_
Winaspi/wnaspi2k.dl_
Winaspi/wnaspi32.dl_
Winaspi/wnaspi46.dl_
Winaspi/wnaspi64.dll
.dll windows:4 windows x86 arch:x86

1b44b8702c08be11c862a6801d114d64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CreateEventA
InitializeCriticalSection
FreeLibrary
GetCurrentThreadId
GetProcAddress
LoadLibraryA
CreateFileA
GetModuleFileNameA
GetVersionExA
DeleteCriticalSection
HeapAlloc
HeapFree
GetExitCodeThread
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetLastError
DeviceIoControl
GetOverlappedResult
CreateThread
ResetEvent
WaitForMultipleObjects
SetThreadPriority
GetProcessHeap
CloseHandle
TerminateThread
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStrings
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
DisableThreadLibraryCalls
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetOEMCP
GetACP
GetStringTypeW

user32

PostThreadMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

FreeASPI32Buffer
GetASPI32Buffer
GetASPI32DLLVersion
GetASPI32SupportInfo
RegisterWOWPost
SendASPI32Command
TranslateASPI32Address
WOWDispatch

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Winaspi/wnaspixp.dll
.dll windows:4 windows x86 arch:x86

1e0edcf6ff832f8af52f4815ce3a7443

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
WaitForSingleObject
CreateEventA
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
GetModuleFileNameA
GetVersionExA
DeleteCriticalSection
CloseHandle
TerminateThread
HeapFree
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetLastError
DeviceIoControl
GetOverlappedResult
CreateThread
ResetEvent
WaitForMultipleObjects
SetThreadPriority
GetProcessHeap
HeapAlloc
GetExitCodeThread
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW

user32

PostThreadMessageA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

FreeASPI32Buffer
GetASPI32Buffer
GetASPI32DLLVersion
GetASPI32SupportInfo
RegisterWOWPost
SendASPI32Command
TranslateASPI32Address
WOWDispatch

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Winaspi/wowpost.ex_
dvdcontent.bmp
preview.jpg
.jpg
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wnaspi32.dll
.dll windows:4 windows x86 arch:x86

5e7e827f2e700da5b964d8f462a86001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

WaitForMultipleObjects
SetThreadPriority
CreateEventA
CreateMutexA
CloseHandle
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetModuleHandleA
GetVersionExA
Sleep
GetLocalTime
GetLastError
GetVersion
SetProcessWorkingSetSize
GetProcessWorkingSetSize
GetCurrentProcess
ResetEvent
VirtualAlloc
GetSystemInfo
AddAtomA
FindAtomA
DeleteAtom
WriteFile
SetFilePointer
ExitProcess
CreateThread
VirtualFree
SetLastError
SetErrorMode
QueryDosDeviceA
GetDriveTypeA
GetTimeZoneInformation
SetConsoleCtrlHandler
GetCurrentProcessId
SetEvent
FreeLibrary
ExitThread
WaitForSingleObject
ReleaseMutex
DeviceIoControl
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualLock
CreateFileA
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
RaiseException
GetCommandLineA
HeapFree
FatalAppExitA
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
SetUnhandledExceptionFilter
WideCharToMultiByte
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
FlushFileBuffers
IsBadWritePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetStdHandle
ReadFile
GetLocaleInfoW

user32

MessageBoxA

advapi32

MakeAbsoluteSD
OpenProcessToken
GetTokenInformation
EqualSid
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityA

Exports

Exports

?DeviceAdded@@YAKPBD@Z
?DeviceQueryRemove@@YA_NPBD@Z
?DeviceRemoveFailed@@YAXPBD@Z
?DeviceRemoved@@YAKPBD@Z
?NeroCdNTControl@@YGHPAXK0K0KPAKPAU_OVERLAPPED@@@Z
?NeroCdNTGetDriveHandleByDriveLetter@@YAPAXE@Z
?NeroCdNTGetDriveHandleByDriveNo@@YAPAXE@Z
?NeroCdNTGetDriveHandleBySCSIAddr@@YAPAXEEE@Z
?NeroCdNTGetScsiAddressByCdRomID@@YAKH@Z
?NeroCdNTGetScsiAddressByDriveLetter@@YAKE@Z
?NeroCdNTOpenDriver@@YAPAXXZ
?VolumeArrived@@YAXKG@Z
?VolumeRemoved@@YAXKG@Z
GetASPI32DLLVersion
GetASPI32SupportInfo
GetAspiDriveInfo
NeroCdNTHaveAdminPrivilege
NeroCdNTNeedAdminPrivilege
ScsiRescan
SendASPI32Command

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 80KB

.rsrc Size: 17KB - Virtual size: 16KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

e886a412cdaf11998a8eeffda508e913

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

wininet

comctl32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 572B

037d281f4253598a826b0106c1ba3aad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 80KB

.rsrc
Size: 17KB - Virtual size: 16KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 536KB - Virtual size: 535KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 20KB - Virtual size: 6.5MB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 72KB - Virtual size: 71KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 20KB - Virtual size: 16KB

CODE
Size: - Virtual size: 716KB

DATA
Size: - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 4KB - Virtual size: 24B

.reloc
Size: 44KB - Virtual size: 42KB

.text
Size: 192KB - Virtual size: 192KB

.adata
Size: 52KB - Virtual size: 64KB

.data
Size: 36KB - Virtual size: 64KB

.reloc1
Size: 12KB - Virtual size: 64KB

.pdata
Size: 552KB - Virtual size: 576KB

.rsrc
Size: 204KB - Virtual size: 204KB

CODE
Size: 591KB - Virtual size: 590KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 34KB - Virtual size: 34KB