62b9c023a9a3b53e061c01fcb1175c21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

62b9c023a9a3b53e061c01fcb1175c21_JaffaCakes118
Size

4.0MB
MD5

62b9c023a9a3b53e061c01fcb1175c21
SHA1

d0ebe2d16a59194ccf46cbf2a1c3d58038539f7f
SHA256

279fc33c17d40a9953e4804b24ce57c8774d5902b2662213502d609748bfe8b3
SHA512

6b9a36a0e08b506df408c9dfb7f73da6586e43c3d75676a49807ec47e86e9bf94cb1457df0fbf961de9108ad5c6dde82c71f09815150f164ef099216d76ed1e9
SSDEEP

98304:3SWwf3SJBZOvrnaYwDZwTIPwENXuRZV22qAqNZwkIugf9NT6oH8ctHatnt:3tlOvrnaYOZwUYE5uJ2pz8xfDDtHatt

Score

3^/10

Malware Config

Signatures

Unsigned PE 27 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ET_2.2.1.37.exe
unpack002/$PLUGINSDIR/FindProcDLL.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/AudioSet.exe
unpack002/ET.exe
unpack002/ETCore.dll
unpack002/ETLoader.exe
unpack002/ETWebX.dll
unpack002/EzIMClientModule.dll
unpack002/EzTalkCore.dll
unpack002/NetLib.dll
unpack002/SDOImage.dll
unpack002/UDPStream.dll
unpack002/UserAccount.dll
unpack002/UserData.dll
unpack002/UserList.dll
unpack002/etamset.dll
unpack002/etauclt.exe
unpack002/etaus.bin
unpack002/sducore.dll
unpack002/talkengine.dll
unpack002/uninsET000.exe
unpack003/$PLUGINSDIR/FindProcDLL.dll
unpack003/$PLUGINSDIR/System.dll
unpack002/uptl_udprelay.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/ET_2.2.1.37.exe	nsis_installer_1
static1/unpack002/uninsET000.exe	nsis_installer_1

Files

62b9c023a9a3b53e061c01fcb1175c21_JaffaCakes118
.rar
ET_2.2.1.37.exe
.exe windows:4 windows x86 arch:x86

42134c4fb1b2d3cf6b447e018a5de700

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
SetFileTime
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

c480ee4d2a64d4a16edee43fdfe35079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
HeapCreate
VirtualFree
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
FreeLibrary
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
DisableThreadLibraryCalls
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetOEMCP
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo

user32

wsprintfA

Exports

Exports

FindProc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

6bc108eed3ca99f68adee56e9c99fac6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 657B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
AppCfg.ini
AudioSet.exe
.exe windows:5 windows x86 arch:x86

5362f2b172fe2642959cc6071e0404b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

etamset

GetMixerControlUnsigned
EnumAudioDevices
SetMuxControlValue
CreateAMR
SetAudioCaptureInputMixerW
FindMicboostWithKeywordW
FindNoMicMixerWithKeywordW
GetMuxControlValue
FindMixerWithKeywordW
FindMicMixerWithKeywordW

kernel32

SetErrorMode
GetStartupInfoW
Sleep
ExitProcess
GetConsoleCP
GetConsoleMode
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetSystemDirectoryW
CreateProcessW
WaitForSingleObject
CloseHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleFileNameW
CreateMutexW
GetLastError
GetVersionExW
MulDiv
lstrlenW
LocalFree
FormatMessageW
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
InterlockedDecrement
GetCurrentProcessId
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
WideCharToMultiByte
SetLastError
GlobalFree

user32

TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
DrawFocusRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
GetScrollRange
GetScrollPos
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetFocus
IsChild
GetFocus
UnregisterClassW
LoadCursorW
GetSysColorBrush
EndDeferWindowPos
DeferWindowPos
DestroyMenu
SetCursor
WinHelpW
GetMessageW
CopyRect
BeginDeferWindowPos
InvalidateRect
GetDlgItem
GetWindow
GetWindowLongW
DrawIcon
GetSystemMetrics
IsIconic
AppendMenuW
GetSystemMenu
LoadIconW
GetClassInfoW
FindWindowW
LoadImageW
FillRect
GetClientRect
PostMessageW
GetWindowDC
ReleaseDC
GetDC
GetWindowRect
SetForegroundWindow
GetParent
IsWindow
EnableWindow
SendMessageW

gdi32

GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateBitmap
GetTextMetricsW
SaveDC
RestoreDC
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateSolidBrush
GdiFlush
DeleteDC
BitBlt
CreateCompatibleDC
SetViewportExtEx
SetWindowExtEx
LineTo
MoveToEx
SelectObject
PatBlt
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
DeleteObject
CreateCompatibleBitmap
GetStockObject
CreatePen

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

winmm

mixerClose

dsound

ord8

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ET.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 36B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ETCore.dll
.dll windows:4 windows x86 arch:x86

e9890461c682f61d4bf1c70b7e3fc559

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAAsyncSelect
inet_addr
ntohl
WSAStartup
connect
socket
htons
recv
closesocket
WSACleanup
inet_ntoa
send
WSAGetLastError
listen

kernel32

RtlUnwind
GetSystemInfo
VirtualProtect
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
_lclose
_lwrite
_llseek
_lcreat
_lopen
CreateDirectoryA
GetLocalTime
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetTickCount
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetThreadPriority
GetCurrentThread
lstrcatA
GetModuleFileNameA
CreateFileA
FlushFileBuffers
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
SetFilePointer
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
ExitProcess
RaiseException
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
CloseHandle
HeapDestroy
HeapCreate
VirtualFree

user32

RegisterClassA
SendMessageA
CreateWindowExA
DefWindowProcA
GetKeyState
PostMessageA
SetTimer
KillTimer

ole32

StringFromGUID2

netlib

CreateNetModule

talkengine

CreateTalkEngine

version

VerQueryValueA

winmm

mixerGetLineControlsA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetLineInfoA
mixerGetControlDetailsA

Exports

Exports

CreateETCore

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETLoader.exe
.exe windows:4 windows x86 arch:x86

7ae991d9a1b4df275f0faaa7e6fd89ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLastError
CreateMutexA
GetVersionExA
GetFileAttributesExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WritePrivateProfileStringA
GetShortPathNameA
GetWindowsDirectoryA
CopyFileA
MoveFileExA
FindClose
FindNextFileA
lstrcmpiA
FindFirstFileA
WaitForSingleObject
CreateProcessA
GetPrivateProfileIntA
GetPrivateProfileStringA
DeleteFileA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SetStdHandle
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
GetFileType
FlushFileBuffers
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapCreate
VirtualFree
IsBadWritePtr
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shlwapi

PathFileExistsA

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ETWebX.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6c7b6cd2e11d51df3eeddb6a05e396e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
lstrcmpiW
lstrcpynW
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
DeleteCriticalSection
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetFileAttributesW
lstrcatW
GetProcessHeap
HeapSize
HeapReAlloc
InitializeCriticalSection
RaiseException
lstrcpyW
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
SizeofResource
InterlockedExchange
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysStringLen
SysFreeString
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
SysAllocString
UnRegisterTypeLi
RegisterTypeLi

rpcrt4

IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrStubForwardingFunction
NdrStubCall2
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
memset
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
wcsncpy
??2@YAPAXI@Z
??_U@YAPAXI@Z
memmove
realloc
__CxxFrameHandler
??3@YAXPAX@Z
??_V@YAXPAX@Z
_except_handler3
wcsstr
wcsrchr
wcslen
malloc
free
_CxxThrowException

shlwapi

PathFindExtensionW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Emotion/emo_0.dat
Emotion/emo_0/01.gif
.gif
Emotion/emo_0/02.gif
.gif
Emotion/emo_0/03.gif
.gif
Emotion/emo_0/04.gif
.gif
Emotion/emo_0/05.gif
.gif
Emotion/emo_0/06.gif
.gif
Emotion/emo_0/07.gif
.gif
Emotion/emo_0/08.gif
.gif
Emotion/emo_0/09.gif
.gif
Emotion/emo_0/10.gif
.gif
Emotion/emo_0/11.gif
.gif
Emotion/emo_0/12.gif
.gif
Emotion/emo_0/13.gif
.gif
Emotion/emo_0/14.gif
.gif
Emotion/emo_0/15.gif
.gif
Emotion/emo_0/16.gif
.gif
Emotion/emo_0/17.gif
.gif
Emotion/emo_0/18.gif
.gif
Emotion/emo_0/19.gif
.gif
Emotion/emo_0/20.gif
.gif
Emotion/emo_0/21.gif
.gif
Emotion/emo_0/22.gif
.gif
Emotion/emo_0/23.gif
.gif
Emotion/emo_0/24.gif
.gif
Emotion/emo_0/25.gif
.gif
Emotion/emo_0/26.gif
.gif
Emotion/emo_0/27.gif
.gif
Emotion/emo_0/28.gif
.gif
Emotion/emo_0/29.gif
.gif
Emotion/emo_0/30.gif
.gif
Emotion/emo_0/31.gif
.gif
Emotion/emo_0/32.gif
.gif
Emotion/emo_0/33.gif
.gif
Emotion/emo_0/34.gif
.gif
Emotion/emo_0/35.gif
.gif
Emotion/emo_0/36.gif
.gif
Emotion/emo_0/37.gif
.gif
Emotion/emo_0/38.gif
.gif
Emotion/emo_0/39.gif
.gif
Emotion/emo_0/40.gif
.gif
Emotion/emo_0/41.gif
.gif
Emotion/emo_0/42.gif
.gif
Emotion/emo_0/43.gif
.gif
Emotion/emo_0/44.gif
.gif
Emotion/emo_0/45.gif
.gif
Emotion/emo_0/46.gif
.gif
Emotion/emo_0/47.gif
.gif
Emotion/emo_0/48.gif
.gif
Emotion/emo_0/49.gif
.gif
Emotion/emo_0/50.gif
.gif
Emotion/emo_0/51.gif
.gif
Emotion/emo_0/52.gif
.gif
Emotion/emo_0/53.gif
.gif
Emotion/emo_0/54.gif
.gif
Emotion/emo_0/55.gif
.gif
Emotion/emo_0/56.gif
.gif
Emotion/emo_0/57.gif
.gif
Emotion/emo_0/58.gif
.gif
Emotion/emo_0/59.gif
.gif
Emotion/emo_0/60.gif
.gif
Emotion/emo_0/61.gif
.gif
Emotion/emo_0/62.gif
.gif
Emotion/emo_0/63.gif
.gif
Emotion/emo_0/64.gif
.gif
Emotion/emo_0/65.gif
.gif
Emotion/emo_0/66.gif
.gif
Emotion/emo_0/67.gif
.gif
Emotion/emo_0/68.gif
.gif
Emotion/emo_0/69.gif
.gif
Emotion/emo_0/70.gif
.gif
Emotion/emo_0/71.gif
.gif
Emotion/emo_0/72.gif
.gif
EzIMClientModule.dll
.dll windows:4 windows x86 arch:x86

6f00f2977113781f0c6e0abcc7a29795

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UniAutoUpdate\Ezim\Client\Bin\EzIMClientModule.pdb

Imports

udpstream

CreateUDPModule

ws2_32

gethostname
gethostbyname
WSAStartup
inet_addr
htons
inet_ntoa
WSACleanup
ntohs

uptl_udprelay

CreateUDPUPTLInstance
ReleaseUPTLInstance

kernel32

SetThreadPriority
CreateEventA
GlobalAlloc
SetEvent
GlobalLock
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
Sleep
OutputDebugStringA
GetLastError
GetModuleFileNameA
_lclose
_lwrite
SetEndOfFile
_llseek
GetFileSize
_lcreat
_lopen
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetFileAttributesA
CreateDirectoryA
lstrcatA
InterlockedExchange
GetProcAddress
LoadLibraryExA
FreeLibrary
ReadFile
GlobalUnlock
CloseHandle
CreateFileA
WriteFile
GetTickCount
GetSystemTime
GetACP
GetLocaleInfoA
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
MapViewOfFile
OpenFileMappingA
OpenMutexA
WaitForSingleObject
ReleaseMutex
WritePrivateProfileStringA
GetPrivateProfileStringA
ResumeThread
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
TerminateProcess
GlobalFree
SetFilePointer
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
SetLastError
TlsAlloc
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
HeapReAlloc
MoveFileA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess

user32

KillTimer
DefWindowProcA
CreateWindowExA
RegisterClassA
SetTimer
LoadIconA
DestroyWindow
SendMessageA
PostMessageA
LoadCursorA

gdi32

GetStockObject

netlib

CreateNetModule

winmm

waveOutPrepareHeader
waveOutGetErrorTextA
waveInStop
waveInStart
waveOutGetVolume
waveOutSetVolume
waveOutGetNumDevs
waveInGetDevCapsA
waveOutOpen
waveInUnprepareHeader
waveOutUnprepareHeader
waveOutGetDevCapsA
waveInReset
waveInAddBuffer
waveInOpen
waveInPrepareHeader
waveOutReset
waveOutWrite
waveInClose
waveOutClose
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs

Exports

Exports

CreateEzImClientModule

Sections

.text
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EzTalkCore.dll
.dll windows:4 windows x86 arch:x86

98a23de9f656aa09c55a2b63f874bb21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\InGameEZTalk\bin\EzTalkCore.pdb

Imports

udpstream

CreateUDPModule

ws2_32

WSAStartup
connect
gethostbyname
socket
htons
WSAAsyncSelect
WSACleanup
closesocket
inet_ntoa
listen
recv
send
WSAGetLastError
inet_addr

kernel32

CloseHandle
FlushFileBuffers
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
_lclose
_lwrite
_llseek
_lopen
CreateDirectoryA
GetLocalTime
Sleep
lstrcatA
GetModuleFileNameA
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringA
GetTickCount
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
SetFilePointer
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
_lcreat
GetCurrentProcessId
WideCharToMultiByte
FreeEnvironmentStringsW
ExitProcess
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetSystemTimeAsFileTime
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
DefWindowProcA
KillTimer
SetTimer
PostMessageA

gdi32

GetStockObject

netlib

CreateNetModule

Exports

Exports

CreateETCluster

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NetLib.dll
.dll windows:4 windows x86 arch:x86

e32e26fa59d4a92aac4b4ccc36529fb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Project\TestSound\TestSound\bin\NetLib.pdb

Imports

ws2_32

recvfrom
WSAEventSelect
WSAWaitForMultipleEvents
WSAResetEvent
WSAEnumNetworkEvents
WSACloseEvent
WSASetEvent
WSACreateEvent
send
recv
accept
WSASocketA
WSAIoctl
ntohs
inet_ntoa
connect
listen
bind
socket
WSARecv
htons
inet_addr
sendto
WSAGetLastError
WSASend
closesocket
shutdown
setsockopt
getsockopt
WSACleanup
WSAStartup

kernel32

HeapReAlloc
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
RaiseException
VirtualProtect
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
GetModuleFileNameA
lstrcatA
CreateDirectoryA
GetLocalTime
_lopen
_lcreat
_llseek
_lwrite
_lclose
OutputDebugStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
Sleep
InterlockedIncrement
CreateTimerQueueTimer
DeleteTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueue
DeleteTimerQueueEx
GetLastError
CreateTimerQueue
CreateEventA
SetEvent
CloseHandle
WaitForSingleObject
InterlockedDecrement
CreateIoCompletionPort
GetSystemInfo
PostQueuedCompletionStatus
WaitForMultipleObjects
GetQueuedCompletionStatus
QueueUserWorkItem
GetTickCount
ResumeThread
HeapAlloc
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
WriteFile
SetFilePointer
RtlUnwind
VirtualQuery

Exports

Exports

CreateNetModule

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDOImage.dll
.dll regsvr32 windows:4 windows x86 arch:x86

44660346896afa7fcf9a9e309322676b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
DeleteCriticalSection
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrlenW
CreateFileA
SetFilePointer
ReadFile
InterlockedDecrement
GetTickCount
CloseHandle
GlobalUnlock
InterlockedIncrement
GlobalLock
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar

user32

GetWindowLongA
CreateWindowExA
CallWindowProcA
EndPaint
GetFocus
ShowWindow
GetWindowTextA
GetClientRect
CharNextA
DefWindowProcA
IsWindow
GetClassNameA
GetKeyState
PtInRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
IsWindowVisible
KillTimer
WindowFromDC
DestroyWindow
SendMessageA
SetFocus
ReleaseDC
GetDC
GetParent
IsChild
InvalidateRect
EqualRect
IntersectRect
RegisterClassExA
UpdateWindow
SetTimer
SetWindowLongA
BeginPaint
GetClassInfoExA
LoadCursorA
wsprintfA

gdi32

RestoreDC
CreateDCA
DeleteDC
BitBlt
DeleteObject
SelectClipRgn
CreateRectRgn
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

OleRegGetUserType
CoLoadLibrary
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
WriteClassStm
CreateOleAdviseHolder
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleSaveToStream

oleaut32

SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VariantChangeType
VariantClear
OleCreatePropertyFrame
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

gdiplus

GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipCreateFromHDC
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusShutdown
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipDeleteGraphics
GdipFree

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

__CxxFrameHandler
free
malloc
??2@YAPAXI@Z
realloc
strcat
memcpy
memset
memcmp
_purecall
_adjust_fdiv
strcpy
_mbsrchr
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skin/SmileFace.png
.png
Skin/UserCard.PNG
.png
Skin/cbbunable.png
.png
Skin/faceClick.png
.png
Skin/faceHover.png
.png
Skin/faceInit.png
.png
Skin/female.png
.png
Skin/frame.bmp
Skin/line.png
.png
Skin/male.png
.png
Skin/skin6.ini
Skin/skin6.png
.png
Skin/smallFrame.bmp
Skin/status/Thumbs.db
Skin/status/away.bmp
Skin/status/busy.bmp
Skin/status/hide.bmp
Skin/status/offline.bmp
Skin/status/online.bmp
Skin/sysMenu/01.bmp
Skin/sysMenu/02.bmp
Skin/sysMenu/03.bmp
Skin/sysMenu/04.bmp
Skin/sysMenu/05.bmp
Skin/sysMenu/06.bmp
Skin/sysMenu/07.bmp
Skin/sysMenu/08.bmp
Skin/sysMenu/09.bmp
Skin/sysMenu/10.bmp
Skin/sysMenu/Thumbs.db
Skin/sysMenu/sysMenu.cfg
Skin/systips.bmp
Skin/tips.bmp
Skin/watermark.png
.png
Skin/ť-.png
.png
Skin/ť-껬.PNG
.png
Skin/ť-.PNG
.png
Skin/ͨť-ʼ.PNG
.png
Skin/ť-ʼ.png
.png
Skin/ť-껬.png
.png
Skin/ť-.png
.png
SpeakConfig.ini
UDPStream.dll
.dll windows:4 windows x86 arch:x86

3f7173cf8ac9d87f348e0a0be54ba3ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Project\UDPStreamTest\UDPStreamTest\Client\Bin\UDPStream.pdb

Imports

kernel32

GetLocalTime
_lopen
_lcreat
GetFileSize
_llseek
SetEndOfFile
_lwrite
_lclose
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
OutputDebugStringA
InterlockedExchange
SetEvent
Sleep
InterlockedIncrement
CreateEventA
CloseHandle
WaitForSingleObject
InterlockedDecrement
GetModuleFileNameA
lstrcatA
CreateDirectoryA
ResumeThread
IsBadCodePtr
IsBadReadPtr
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
WriteFile
SetFilePointer
RtlUnwind
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
LoadLibraryA
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
VirtualProtect
GetSystemInfo
FlushFileBuffers
RaiseException
SetUnhandledExceptionFilter

netlib

CreateNetModule

Exports

Exports

CreateUDPModule

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UserAccount.dll
.dll windows:4 windows x86 arch:x86

8382ecf70eaca0650214e77b8c71b5e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UniAutoUpdate\Ezim\Client\Lib\UserAccount.pdb

Imports

kernel32

CreateDirectoryA
GetLastError
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
UnlockFile
LockFile
GetProcAddress
FreeLibrary
GetSystemTime
Sleep
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CloseHandle
LockFileEx
AreFileApisANSI
DeleteFileA
GetFileAttributesW
DeleteFileW
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
LoadLibraryW
CreateFileA
CreateFileW
ExitProcess
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetLastError
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

CreateIUserAccount

Sections

.text
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UserData.dll
.dll windows:4 windows x86 arch:x86

c88c893d4270de67a19e9ff95f9f2b12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UniAutoUpdate\Ezim\Client\Lib\UserData.pdb

Imports

kernel32

CreateDirectoryA
GetLastError
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
UnlockFile
LockFile
GetProcAddress
FreeLibrary
GetSystemTime
Sleep
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CloseHandle
LockFileEx
AreFileApisANSI
DeleteFileA
GetFileAttributesW
DeleteFileW
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
LoadLibraryW
CreateFileA
CreateFileW
ExitProcess
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
SetLastError
TlsFree
GetModuleHandleA
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
LCMapStringA
LCMapStringW
HeapSize
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

CreateIMsgHandle

Sections

.text
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UserList.dll
.dll windows:4 windows x86 arch:x86

8382ecf70eaca0650214e77b8c71b5e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UniAutoUpdate\Ezim\Client\Lib\UserList.pdb

Imports

kernel32

CreateDirectoryA
GetLastError
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
UnlockFile
LockFile
GetProcAddress
FreeLibrary
GetSystemTime
Sleep
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
CloseHandle
LockFileEx
AreFileApisANSI
DeleteFileA
GetFileAttributesW
DeleteFileW
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
LoadLibraryW
CreateFileA
CreateFileW
ExitProcess
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetLastError
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

CreateIUserList

Sections

.text
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version.ini
chatcontent.dll
etamset.dll
.dll windows:5 windows x86 arch:x86

a36d70d26f70e9fb904f54aaff209431

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
SetFilePointer
WriteFile
OutputDebugStringW
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetVersionExW
GetModuleFileNameW
lstrcpynA
lstrlenW
GetFileAttributesExW
CreateFileW
ReadFile
MultiByteToWideChar
DeleteFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
FreeLibrary
InterlockedDecrement
lstrcmpW
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
GetProcAddress
CreateDirectoryA
GetTickCount
GetLastError
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
GetModuleHandleW
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
GetModuleFileNameA
Sleep
ExitProcess
HeapCreate

user32

MessageBoxW

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance

oleaut32

SysFreeString

winmm

mixerGetDevCapsW
mixerClose
mixerGetNumDevs
mixerGetControlDetailsW
mixerSetControlDetails
waveOutOpen
mixerGetLineInfoW
mixerGetID
waveOutClose
waveInOpen
waveInClose
mixerGetLineControlsW
mixerOpen

dsound

ord8

Exports

Exports

?EnumAudioCaptureFiltersA@@YGJP6GHPBDPAUIMoniker@@K@ZK@Z
?EnumAudioCaptureFiltersW@@YGJP6GHPB_WPAUIMoniker@@K@ZK@Z
?EnumAudioCapturePinsA@@YGIPBDP6GHPAUtagMIXERLINEA@@K@ZK@Z
?EnumAudioCapturePinsW@@YGIPB_WP6GHPAUtagMIXERLINEW@@K@ZK@Z
?FindAudioCapturePinByNameA@@YGJPAUIBaseFilter@@PBDPAPAUIPin@@@Z
?FindAudioCapturePinByNameW@@YGJPAUIBaseFilter@@PB_WPAPAUIPin@@@Z
?SetAudioCaptureOutputProperties@@YGJPAUIBaseFilter@@PAUtagAC_PCMFORMAT@@@Z
AutoSetKaraOKAudioMixer
AutoSetMiscAudioMixer
CreateAMR
EnumAudioDevices
FindExternalSoundCardA
FindExternalSoundCardW
FindMicMixerWithKeywordA
FindMicMixerWithKeywordW
FindMicboostWithKeywordA
FindMicboostWithKeywordW
FindMixerWithKeywordA
FindMixerWithKeywordW
FindNoMicMixerWithKeywordA
FindNoMicMixerWithKeywordW
GetAudioCaptureInputMixerA
GetAudioCaptureInputMixerW
GetExternalSoundCard
GetMicMixerKeyword
GetMicboostKeyword
GetMiscVolumeA
GetMiscVolumeW
GetMixerControlBoolean
GetMixerControlSigned
GetMixerControlUnsigned
GetMixerKeyword
GetMuxControlValue
GetNoMicMixerKeyword
GetWaveoutVolumeA
GetWaveoutVolumeW
SetAudioCaptureInputMixerA
SetAudioCaptureInputMixerExA
SetAudioCaptureInputMixerExW
SetAudioCaptureInputMixerW
SetMiscBoostA
SetMiscBoostW
SetMiscMuteA
SetMiscMuteW
SetMiscVolumeA
SetMiscVolumeW
SetMixerControlBoolean
SetMixerControlSigned
SetMixerControlUnsigned
SetMuxControlValue
SetWaveoutVolumeA
SetWaveoutVolumeW

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
etauclt.exe
.exe windows:4 windows x86 arch:x86

ccbf18315cfd27312ea85bd147924573

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sducore

CreateUpdateSession
InitLog
SDDownloadFile

kernel32

ExitProcess
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetErrorMode
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
FormatMessageA
lstrcpynA
LocalFree
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
WritePrivateProfileStringA
CreateThread
ResumeThread
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
lstrcmpiA
GetVersion
RaiseException
MultiByteToWideChar
CreateProcessA
WaitForSingleObject
CreateMutexA
DeleteFileA
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Module32First
GetLongPathNameA
Process32Next
GetCurrentProcess
GetLastError
GetFileAttributesExA
MulDiv
EnterCriticalSection
GetFileSize
CopyFileA
LeaveCriticalSection
GetModuleFileNameA
CreateDirectoryA
InitializeCriticalSection
GetFileAttributesA
CreateFileA
OutputDebugStringA
SetFilePointer
ReadFile
WriteFile
FlushFileBuffers
GetLocalTime
DeleteCriticalSection
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CloseHandle
HeapDestroy

user32

GetSysColorBrush
wsprintfA
DestroyMenu
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
IsWindowVisible
GetMenu
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterWindowMessageA
LoadCursorA
LoadImageA
UnregisterClassA
PostQuitMessage
GetSystemMetrics
DrawIconEx
DestroyIcon
GetWindowLongA
SetForegroundWindow
IsIconic
GetPropA
GetSystemMenu
AppendMenuA
FindWindowA
SendMessageTimeoutA
PostMessageA
GetSysColor
IsWindow
SetCursor
EnableWindow
GetParent
KillTimer
SetTimer
RedrawWindow
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
SendMessageA
OffsetRect
GetLastActivePopup

gdi32

DPtoLP
SetTextAlign
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
GetDeviceCaps
DeleteDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateDIBSection
SetDIBColorTable
SelectObject
CreateCompatibleDC
GetViewportOrgEx
SetViewportOrgEx
GetStockObject
DeleteObject
CreateSolidBrush
CreateFontIndirectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx
ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

CreateStreamOnHGlobal

oleaut32

VariantChangeType
VariantInit
VariantClear

gdiplus

GdipGetImageHeight
GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImagePixelFormat

version

VerQueryValueA

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
etaus.bin
.exe windows:4 windows x86 arch:x86

17c40e236b731801ca1b7782c9e1e51c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
FindResourceA
FindResourceExA
DeleteCriticalSection
GetLocalTime
FlushFileBuffers
WriteFile
ReadFile
SetFilePointer
OutputDebugStringA
CreateFileA
GetFileAttributesA
LeaveCriticalSection
CopyFileA
GetFileSize
EnterCriticalSection
InitializeCriticalSection
CreateDirectoryA
GetModuleFileNameA
GetLastError
CreateMutexA
SetFileAttributesA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
MoveFileExA
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GetPrivateProfileStringA
Sleep
MultiByteToWideChar
RaiseException
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetFileType
SetHandleCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitProcess
RtlUnwind
GetProcAddress
GetModuleHandleA
GetCurrentProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

shlwapi

PathFileExistsA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
faces/000.jpg
.jpg
faces/001.jpg
.jpg
faces/002.jpg
.jpg
faces/003.jpg
.jpg
faces/004.jpg
.jpg
faces/005.jpg
.jpg
faces/006.jpg
.jpg
faces/007.jpg
.jpg
faces/008.jpg
.jpg
faces/009.jpg
.jpg
faces/010.jpg
.jpg
faces/011.jpg
.jpg
faces/012.jpg
.jpg
faces/013.jpg
.jpg
faces/014.jpg
.jpg
faces/015.jpg
.jpg
faces/016.jpg
.jpg
faces/017.jpg
.jpg
faces/018.jpg
.jpg
faces/019.jpg
.jpg
faces/020.jpg
.jpg
faces/021.jpg
.jpg
faces/022.jpg
.jpg
faces/023.jpg
.jpg
faces/024.jpg
.jpg
faces/025.jpg
.jpg
faces/026.jpg
.jpg
faces/027.jpg
.jpg
faces/028.jpg
.jpg
faces/029.JPG
.jpg
faces/030.JPG
.jpg
faces/031.JPG
.jpg
faces/032.JPG
.jpg
faces/033.jpg
.jpg
faces/034.jpg
.jpg
faces/035.jpg
.jpg
faces/036.jpg
.jpg
faces/037.jpg
.jpg
faces/038.jpg
.jpg
faces/039.jpg
.jpg
faces/040.jpg
.jpg
faces/041.jpg
.jpg
faces/ImgList.cfg
gameconfig.ini
readme.txt
res.dat
sducore.dll
.dll windows:4 windows x86 arch:x86

b4d8a96aa565383d7454ec9706f4fb25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetDiskFreeSpaceExA
CreateThread
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForMultipleObjects
SetFileAttributesA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
GetEnvironmentVariableA
GetTickCount
lstrcmpiA
WaitForSingleObject
FindNextFileA
RemoveDirectoryA
FindClose
FindFirstFileA
lstrlenA
ResumeThread
SetThreadPriority
Sleep
MultiByteToWideChar
RaiseException
FreeLibrary
GetProcAddress
LoadLibraryA
GetLocalTime
FlushFileBuffers
WriteFile
ReadFile
SetFilePointer
OutputDebugStringA
CreateFileA
lstrcpyA
GetFileSize
CreateDirectoryA
GetFileAttributesExA
GetCurrentProcess
Process32Next
OpenProcess
GetLongPathNameA
Module32First
Process32First
CreateToolhelp32Snapshot
Module32Next
TerminateProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEvent
SystemTimeToFileTime
ResetEvent
CreateEventA
MoveFileA
SetEndOfFile
SetFileTime
GetFullPathNameA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
lstrcatA
GetShortPathNameA
MoveFileExA
CreateProcessA
SetEnvironmentVariableA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
CopyFileA
WritePrivateProfileStringA
DeleteFileA
GetPrivateProfileStringA
InterlockedExchange
GetPrivateProfileIntA
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetFileAttributesA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualFree
HeapCreate
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
LCMapStringW
LCMapStringA
GetCommandLineA
GetCurrentThreadId
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

EnumChildWindows
PostMessageA
GetWindowTextA
GetClassNameA
GetWindowThreadProcessId
EnumWindows
SendMessageTimeoutA
KillTimer
SetTimer

advapi32

RegDeleteValueA
RegCreateKeyExA
GetTokenInformation
LookupAccountSidA
DuplicateTokenEx
ImpersonateLoggedOnUser
CreateProcessAsUserA
RevertToSelf
OpenProcessToken
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoInitializeEx
OleUninitialize
OleInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

shlwapi

PathFileExistsA
PathFindExtensionA
PathGetDriveNumberA

wininet

HttpOpenRequestA
InternetOpenUrlA
InternetReadFileExA
InternetOpenA
InternetSetOptionA
HttpQueryInfoA
InternetConnectA
InternetSetStatusCallback
InternetCloseHandle
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpSendRequestA

wsock32

socket
ioctlsocket
setsockopt
htons
inet_addr
bind
WSAStartup
WSACleanup
closesocket
sendto
recvfrom
WSASetLastError

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

CreateUpdateSession
InitLog
SDDnsQuery
SDDownloadFile

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
talkengine.dll
.dll windows:4 windows x86 arch:x86

98669c66f96bd03a6fddecc8bb3b0114

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Project\Recordwav\Recordwav\bin\TalkEngine.pdb

Imports

user32

GetDesktopWindow
GetForegroundWindow

winmm

waveOutSetVolume
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetNumDevs
mixerClose
waveOutGetVolume

dsound

ord12
ord11

kernel32

CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
_lclose
_lwrite
_llseek
_lcreat
_lopen
CreateDirectoryA
GetLocalTime
lstrcatA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
CreateEventA
SetEvent
Sleep
CloseHandle
WaitForSingleObject
ResetEvent
OutputDebugStringA
SetThreadPriority
GetCurrentThread
GetTickCount
WaitForMultipleObjects
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
RaiseException
RtlUnwind
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

Exports

Exports

CreateTalkEngine

Sections

.text
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninsET000.exe
.exe windows:4 windows x86 arch:x86

42134c4fb1b2d3cf6b447e018a5de700

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
SetFileTime
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

c480ee4d2a64d4a16edee43fdfe35079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
HeapCreate
VirtualFree
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
FreeLibrary
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
DisableThreadLibraryCalls
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetOEMCP
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetCPInfo

user32

wsprintfA

Exports

Exports

FindProc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uptl_udprelay.dll
.dll windows:4 windows x86 arch:x86

45d52c0fd6a44a719be690cdf3ee3c72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UniAutoUpdate\Ezim\Client\bin\UPTL_udprelay.pdb

Imports

ws2_32

WSAStartup
WSACleanup

kernel32

CloseHandle
GetSystemInfo
VirtualProtect
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
_lclose
_lwrite
SetEndOfFile
_llseek
GetFileSize
_lcreat
GetLocalTime
Sleep
OutputDebugStringA
GetLastError
InterlockedIncrement
GetTickCount
GetFileAttributesA
CreateDirectoryA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcatA
GetModuleFileNameA
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
SetFilePointer
_lopen
QueryPerformanceCounter
WriteFile
UnhandledExceptionFilter
ExitProcess
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

user32

PostMessageA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
DefWindowProcA
KillTimer
SetTimer
DestroyWindow

gdi32

GetStockObject

netlib

CreateNetModule

Exports

Exports

CreateUDPUPTLInstance
ReleaseUPTLInstance

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42134c4fb1b2d3cf6b447e018a5de700

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 334KB

.ndata Size: - Virtual size: 320KB

.rsrc Size: 37KB - Virtual size: 40KB

c480ee4d2a64d4a16edee43fdfe35079

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 10KB

.reloc Size: 1KB - Virtual size: 1KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

6bc108eed3ca99f68adee56e9c99fac6

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 741B

.rdata Size: 1024B - Virtual size: 657B

.data Size: 512B - Virtual size: 85B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 334KB

.ndata
Size: - Virtual size: 320KB

.rsrc
Size: 37KB - Virtual size: 40KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 10KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 1024B - Virtual size: 741B

.rdata
Size: 1024B - Virtual size: 657B

.data
Size: 512B - Virtual size: 85B

.reloc
Size: 512B - Virtual size: 154B

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 32KB - Virtual size: 32KB

CODE
Size: 1.9MB - Virtual size: 1.9MB

DATA
Size: 26KB - Virtual size: 25KB

BSS
Size: - Virtual size: 11KB

.idata
Size: 13KB - Virtual size: 13KB

.tls
Size: - Virtual size: 36B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 816B

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 36KB - Virtual size: 35KB