6320ea8c5508c631ffac3a3d1af339c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6320ea8c5508c631ffac3a3d1af339c4_JaffaCakes118
Size

5.6MB
MD5

6320ea8c5508c631ffac3a3d1af339c4
SHA1

d389b95c48b7e6b2f8c43af6b1202f2197980f28
SHA256

9d5d671cd371b4843ac991dfb8173032e84deea476853063a5198353ffd4f3cb
SHA512

e502be3aadbe71464a70320329ba7d29e950c926650b6fdca29f38b8d076e8af69d5238a36b0bb5a6d5e603fcafc65ca33ab5d8696dddcd0957ac0272d3870a6
SSDEEP

98304:FSnh1AG4ee8zxzzXeMmxYck8WCGvvMlElWDXR6AfXbuLRZqLa:Anhebx8zlzXeMmuck8xMuOGBzfqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ACMSETUP.EXE
unpack002/MSSETUP.DLL
unpack002/MSVCRT.DLL
unpack002/MSVCRT40.DLL
unpack002/WIZSET32.DLL
unpack002/f0000007
unpack002/f0000009
unpack002/f0000012
unpack002/f0000014
unpack002/f0000015
unpack002/f0000017
unpack002/f0000031
unpack002/f0000032
unpack002/f0000033
unpack002/f0000034
unpack002/f0000035
unpack001/odbcstf.dll

Files

6320ea8c5508c631ffac3a3d1af339c4_JaffaCakes118
.rar
SETUP1.CAB
.cab
ACMSETUP.EXE
.exe windows:1 windows x86 arch:x86

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrcpynA
SetFileTime
GetFileTime
GetCurrentDirectoryA
FindFirstFileA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
GetSystemDirectoryA
GetVersionExA
GlobalUnlock
HeapCreate
GlobalLock
GetComputerNameA
GetLocalTime
LoadLibraryA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
GlobalHandle
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
LoadResource
FindResourceA
CompareStringA
VirtualAlloc
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
lstrcpyA
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
CompareStringW
MulDiv
lstrlenA
HeapReAlloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey

user32

GetWindowLongA
GetWindowTextA
BeginPaint
SetWindowLongA
FillRect
DrawFocusRect
SetRect
GetActiveWindow
EndDialog
RegisterClassA
LoadCursorA
LoadStringA
LoadBitmapA
CharUpperBuffA
SetFocus
GetDlgItemInt
GetSystemMetrics
GetFocus
CallWindowProcA
GetClassLongA
CopyRect
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
BroadcastSystemMessage
SendNotifyMessageA
GetDlgCtrlID
MessageBeep
InvertRect
CharUpperA
InflateRect
CheckRadioButton
CharNextA
SendDlgItemMessageA
GetSysColor
DestroyWindow
GetParent
MessageBoxA
GetKeyState
EnableWindow
LoadIconA
DrawIcon
EndPaint
DefWindowProcA
ReleaseDC
SetWindowTextA
CharPrevA
GetDlgItemTextA
wsprintfA
GetDialogBaseUnits
GetClientRect
ClientToScreen
ShowWindow
IsWindowEnabled
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
DrawTextA
GetWindowRect
SetWindowPos
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow

gdi32

SetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel
GetNearestColor
SetBkColor
SelectObject
GetTextExtentPointA
DeleteObject
ExtTextOutA
CreateFontIndirectA
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetAddConnection2A
WNetCancelConnection2A
WNetGetLastErrorA
WNetConnectionDialog
WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA

mssetup

FLongFileNamesSuppressed
CreateIniKeyValue
InitLongFileNames
SetAcmeInst
WriteLogDivider
FWriteToLogFile
SetErrorParamConst
PrependToPath
AddShareToAutoexec
RenameFile
GetEnvVariableValue
StampResource
FReadResource
CompareFileVersions
SetErrorParamInt
EercOpenFile
LfaSeekFile
CbReadFile
FCloseFile
CbStrCopyToBuffer
FLanguageMismatchInf
FChmodFile
AddLineToRestartFile
GetSectionKeyFilename
FGetKeyInfo
GetVersionNthField
TermIME
FRemoveOurDir
HmodUIHookDll
DoesInfSectionKeyExist
EnsurePathExists
SetErrorParamCopy
CreateProgmanItem
ShowProgmanGroup
DeleteProgmanItem
MakeListFromProgmanGroups
IsFileInUseBySystem
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
DoesIniKeyExist
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
ForceRestartOn
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
GetSectionKeyVersion
DoesInfSectionExist
GetRegKeyValue32
GetScreenWidth
DoMsgBox
SuppressLongFileNames
SetAdminMode
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RestartListEmpty
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
RemoveIniKey
RemoveDir
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
FindFileInTree
CbGetSymbolValue
IsWindows
OpenIME
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
AddSectionKeyFileToCopyList
FindTargetOnEnvVar
GetNthFieldFromIniString
FindFileUsingFileOpen
AddToBillboardList
GetSectionKeySize
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
AddSpecialFileToCopyList
LogValidate
BindImage
MakeListFromSectionSize
RemoveSectionFilesToCopyList
AddSectionFilesToCopyList
CreateDir

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACMSETUP.HLP
MSSETUP.DLL
.dll windows:1 windows x86 arch:x86

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetCurrentThreadId
lstrcmpiA
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
IsBadReadPtr
GetVersion
GlobalFree
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
DeviceIoControl
GetDriveTypeA
GetFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
GetVolumeInformationA
ReadFile
FileTimeToLocalFileTime
GetLocaleInfoA
WritePrivateProfileStringA
WriteProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
GlobalHandle
GlobalReAlloc
GetCurrentProcess
ReleaseMutex
CreateMutexA
GetShortPathNameA
OpenMutexA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
GetEnvironmentVariableA
CreateFileA
SearchPathA
CreateFileMappingA
MapViewOfFile
RtlMoveMemory
FlushViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
LocalAlloc
GetFileSize
UnmapViewOfFile
CloseHandle
LocalFree
GetTempPathA
FileTimeToDosDateTime
DeleteFileA
MoveFileExA
GetTempFileNameA
MoveFileA
LocalFileTimeToFileTime
GetLastError
DosDateTimeToFileTime
IsDBCSLeadByte
lstrcatA
SetErrorMode
lstrcpyA
GetTickCount
lstrcmpA
WriteFile
lstrlenA
SetFilePointer
GetDiskFreeSpaceA
CompareStringW
GetTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcessId
VirtualAlloc
VirtualFree
HeapCreate
CompareStringA
HeapReAlloc
HeapDestroy
LCMapStringW
LCMapStringA
TerminateProcess
RtlZeroMemory
MultiByteToWideChar
GetStringTypeW
ExitProcess
WideCharToMultiByte
GetModuleHandleA
GetStringTypeA
HeapFree
HeapAlloc
GetCommandLineA
SetEnvironmentVariableA
FileTimeToSystemTime
GetFullPathNameA
RtlUnwind
OpenFile
GetLocalTime
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
lstrcpynA

advapi32

RegQueryInfoKeyA
RegQueryValueA
RegFlushKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

user32

SetWindowWord
GetWindowWord
EnableWindow
SetWindowTextA
MapDialogRect
SetWindowPos
SendDlgItemMessageA
ShowWindow
AppendMenuA
DeleteMenu
GetSystemMenu
LoadIconA
CreateWindowExA
SendNotifyMessageA
GetDialogBaseUnits
MessageBoxA
DialogBoxParamA
CopyRect
EndDialog
RemoveMenu
DrawIcon
SetRect
DdeUninitialize
DdeDisconnect
DdeInitializeA
DdeFreeStringHandle
DdeConnect
DdeCreateStringHandleA
DdeFreeDataHandle
SetFocus
GetDlgItem
PostMessageA
DdeGetLastError
ExitWindowsEx
IsWindow
LoadBitmapA
GetLastActivePopup
UnregisterClassA
CreateDialogParamA
GetMessageA
GetKeyState
SendMessageA
SetWindowLongA
SetPropA
GetPropA
PeekMessageA
TranslateMessage
DispatchMessageA
IsDialogMessageA
CharUpperBuffA
CharUpperA
MessageBeep
UpdateWindow
WinHelpA
CharPrevA
GetActiveWindow
SetActiveWindow
LoadCursorA
SetCursor
LoadStringA
DestroyWindow
SetDlgItemTextA
ShowCursor
GetSystemMetrics
RegisterClassA
CharNextA
wsprintfA
GetCursor
ShowCaret
HideCaret
MapWindowPoints
ExcludeUpdateRgn
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextA
ClientToScreen
IntersectRect
DrawTextA
GetFocus
ScreenToClient
DrawFocusRect
GetClassNameA
CallNextHookEx
InvalidateRect
GetClassInfoA
DdeAccessData
DefWindowProcA
GetWindowDC
GetWindowRect
InflateRect
OffsetRect
ReleaseDC
GetWindowLongA
GetWindow
IsChild
SetWindowsHookExA
UnhookWindowsHookEx
GetClientRect
RemovePropA
CallWindowProcA
DdeClientTransaction
DdeUnaccessData
GetDC
GetSysColor
GetParent
OemToCharA

gdi32

DeleteObject
ExtTextOutA
IntersectClipRect
SetBkColor
GetTextMetricsA
SetTextColor
GetTextExtentPointA
GetDeviceCaps
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateDIBitmap
GetNearestColor
SetBkMode
GetStockObject
GetObjectA
PatBlt

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

lz32

LZOpenFileA
LZCopy
LZClose

Exports

Exports

AddLineToRestartFile
AddListItem
AddSectionFilesToCopyList
AddSectionKeyFileToCopyList
AddShareToAutoexec
AddSpecialFileToCopyList
AddToBillboardList
BindImage
BtnWndProc3d
CbGetListItem
CbGetSymbolValue
CbReadFile
CbStrCopyToBuffer
CbWriteFile
CleanupTrap
ClearBillboardList
ClearCopyList
ComboWndProc3d
CompareFileVersions
CopyFile
CopyFilesInCopyList
CrcStringCompare
CrcStringCompareI
CreateDir
CreateIniKeyValue
CreateProgmanGroup
CreateProgmanItem
CreateSysIniKeyValue
Ctl3dAutoSubclass
Ctl3dColorChange
Ctl3dCtlColor
Ctl3dCtlColorEx
Ctl3dDlgFramePaint
Ctl3dDlgProc
Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dSetStyle
Ctl3dSubclassCtl
Ctl3dSubclassDlg
Ctl3dSubclassDlgEx
Ctl3dUnregister
Ctl3dWinIniChange
DBCS_fullpath
DBCS_splitpath
DebugMessagesOn
DeleteProgmanGroup
DeleteProgmanItem
DeleteRegKeyValue32
DoMsgBox
DoesDirExist
DoesFileExist
DoesInfSectionExist
DoesInfSectionKeyExist
DoesIniKeyExist
DoesIniSectionExist
DoesSysIniKeyValueExist
DriveNumToRootPath
EditWndProc3d
EercErrorHandler
EercFindHddiFloppy
EercOpenFile
EercOpenSrcFile
EercOpenSrcFileEx
EercReadSrcFile
EercWriteSrcFile
EnableIME
EndSetupToolkit
EnsurePathExists
ExitExecRestart
FAddLineToRestartFile
FAddListItem
FAddSymbolValueToSymTab
FChmodFile
FCloseFile
FCloseHelp
FCloseLogFile
FCloseSrcFile
FDisplaySystemMsg
FFileExist
FFree
FGetKeyInfo
FGstGenericDlgProc
FGstGenericHelpDlgProc
FHasInfBeenOpened
FInstRemoveableDrive
FLanguageMismatchInf
FLogOpen
FLongFileNamesSuppressed
FMakeFATPathFromDirAndSubPath
FMsgBoxDlgProc
FOpenLogFile
FReadResource
FRegCloseKey
FRegCreateKey32
FRemoveOurDir
FRemoveSymbol
FSetSymbolValue
FStampResource
FValidFilePath
FWriteToLogFile
FailAssert
FailRTChkArg
FindFileInTree
FindFileUsingFileOpen
FindTargetOnEnvVar
ForceNewDialog
ForceRestartOff
ForceRestartOn
FrameWndProc
GetCopyListCost
GetDOSMajorVersion
GetDOSMinorVersion
GetEnvVariableValue
GetExistingFOTFileForTTF
GetFreeSpaceForDrive
GetIniKeyString
GetListItem
GetListLength
GetNetworkDrivesList
GetNthFieldFromIniString
GetProcessorType
GetRegKeyValue32
GetRegKeyValue32Ex
GetScreenHeight
GetScreenWidth
GetSectionKeyDate
GetSectionKeyFilename
GetSectionKeySize
GetSectionKeyVersion
GetSilentMode
GetSizeOfFile
GetSymbolValue
GetTotalSpaceForDrive
GetTypeFaceNameFromTTF
GetVersionNthField
GetVersionOfFile
GetWindowsDirPath
GetWindowsMajorVersion
GetWindowsMinorVersion
GetWindowsMode
GetWindowsSysDir
HandleOOM
HdlgShowHelp
HinstFrame
HmodUIHookDll
HwndFrame
InitIME
InitLongFileNames
InitSetupToolkit
IsAdminMode
IsCtl3dEnabled
IsDirWritable
IsDriveLocalHard
IsDriveNetwork
IsDriveRemovable
IsDriverInConfig
IsFileInUseBySystem
IsFileWritable
IsWindows
IsWindowsDBCS
IsWindowsJapanese
IsWindowsShared
LfaSeekFile
ListWndProc3d
LogMessageId
LogValidate
MBIconProc
MakeListFromProgmanGroups
MakeListFromSectionDate
MakeListFromSectionFilename
MakeListFromSectionKeys
MakeListFromSectionSize
MakeListFromSectionVersion
OpenIME
PbAlloc
PbRealloc
PrependToPath
ProBarProc
ProDlgProc
ProcessDebugMessage
ProcessMessage
ProcessMessageId
PsdleFromDid
ReactivateSetupScript
ReadInfFile
RemoveDir
RemoveFile
RemoveIniKey
RemoveIniSection
RemoveSectionFilesToCopyList
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSymbol
RenameFile
ReplaceListItem
ResponseFile
RestartListEmpty
RestoreCursor
STF_AddLineToRestartFile
STF_AddListItem
STF_AddSectionFilesToCopyList
STF_AddSectionKeyFileToCopyList
STF_AddShareToAutoexec
STF_AddSpecialFileToCopyList
STF_AddToBillboardList
STF_ClearBillboardList
STF_CopyFile
STF_CopyFilesInCopyList
STF_CreateDir
STF_CreateIniKeyValue
STF_CreateProgmanGroup
STF_CreateProgmanItem
STF_DoesDirExist
STF_DoesInfSectionExist
STF_DoesInfSectionKeyExist
STF_DoesIniKeyExist
STF_DoesIniSectionExist
STF_FindFileInTree
STF_FindFileUsingFileOpen
STF_FindTargetOnEnvVar
STF_ForceNewDialog
STF_GetCopyListCost
STF_GetExistingFOTFileForTTF
STF_GetFreeSpaceForDrive
STF_GetIniKeyString
STF_GetListItem
STF_GetListLength
STF_GetNetworkDrivesList
STF_GetNthFieldFromIniString
STF_GetSectionKeyDate
STF_GetSectionKeyFilename
STF_GetSectionKeySize
STF_GetSectionKeyVersion
STF_GetSizeOfFile
STF_GetSymbolValue
STF_GetTotalSpaceForDrive
STF_GetTypeFaceNameFromTTF
STF_GetVersionNthField
STF_GetVersionOfFile
STF_GetWindowsDirPath
STF_GetWindowsSysDir
STF_InitSetupToolkit
STF_IsDirWritable
STF_IsDriveLocalHard
STF_IsDriveNetwork
STF_IsDriveRemovable
STF_IsFileInUseBySystem
STF_IsFileWritable
STF_IsWindowsShared
STF_MakeListFromProgmanGroups
STF_MakeListFromSectionDate
STF_MakeListFromSectionFilename
STF_MakeListFromSectionKeys
STF_MakeListFromSectionSize
STF_MakeListFromSectionVersion
STF_PrependToPath
STF_ReadInfFile
STF_RemoveDir
STF_RemoveFile
STF_RemoveIniKey
STF_RemoveIniSection
STF_RemoveSectionFilesToCopyList
STF_RemoveSectionKeyFileToCopyList
STF_RemoveSpecialFileToCopyList
STF_RemoveSymbol
STF_RenameFile
STF_RestoreCursor
STF_SetAbout
STF_SetBitmap
STF_SetRestartDir
STF_SetSymbolValue
STF_ShowProgmanGroup
STF_StampResource
STF_UIPop
STF_UIPopAll
STF_UIStartDlg
STF_UIStartExeDlg
STF_UIStartExeDlgWinHelp
SetAbout
SetAcmeInst
SetAdminMode
SetBitmap
SetCopyGaugePosition
SetErrorParam
SetErrorParamChar
SetErrorParamConst
SetErrorParamCopy
SetErrorParamInt
SetFEFontProc
SetLastSetupErrMsg
SetPassInfo
SetRegKeyValue32
SetRegKeyValue32Ex
SetRestartDir
SetSilentMode
SetSizeCheckMode
SetSymbolValue
SetTitle
SetupApiErr
ShowProgmanGroup
ShowWaitCursor
StampResource
StaticWndProc3d
SuppressLongFileNames
SzFindSymbolValueInSymTab
SzGetLastSetupErrMsg
SzLastChar
TermIME
UIPop
UIPopAll
UIStartDlg
UIStartExeDlg
UIStartExeDlgWinHelp
UiFindSrcFileName
UiPromptForDisk
UsGetListLength
Validate
WriteLogDivider
fnText

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.expo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT40.DLL
.dll windows:4 windows x86 arch:x86

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidLocale
RtlUnwind
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
CreateFileA
SetStdHandle
SetEndOfFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
RaiseException
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
GetTimeZoneInformation
HeapReAlloc
HeapSize
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapUnlock
HeapWalk
HeapLock
HeapCompact
ReadConsoleA
SetConsoleMode
GetConsoleMode
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreatePipe
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0Iostream_init@@QAE@AAVios@@H@Z
??0Iostream_init@@QAE@XZ
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??0filebuf@@QAE@ABV0@@Z
??0filebuf@@QAE@H@Z
??0filebuf@@QAE@HPADH@Z
??0filebuf@@QAE@XZ
??0fstream@@QAE@ABV0@@Z
??0fstream@@QAE@H@Z
??0fstream@@QAE@HPADH@Z
??0fstream@@QAE@PBDHH@Z
??0fstream@@QAE@XZ
??0ifstream@@QAE@ABV0@@Z
??0ifstream@@QAE@H@Z
??0ifstream@@QAE@HPADH@Z
??0ifstream@@QAE@PBDHH@Z
??0ifstream@@QAE@XZ
??0ios@@IAE@ABV0@@Z
??0ios@@IAE@XZ
??0ios@@QAE@PAVstreambuf@@@Z
??0iostream@@IAE@ABV0@@Z
??0iostream@@IAE@XZ
??0iostream@@QAE@PAVstreambuf@@@Z
??0istream@@IAE@ABV0@@Z
??0istream@@IAE@XZ
??0istream@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@ABV0@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@XZ
??0istrstream@@QAE@ABV0@@Z
??0istrstream@@QAE@PAD@Z
??0istrstream@@QAE@PADH@Z
??0logic_error@@QAE@ABQBD@Z
??0logic_error@@QAE@ABV0@@Z
??0ofstream@@QAE@ABV0@@Z
??0ofstream@@QAE@H@Z
??0ofstream@@QAE@HPADH@Z
??0ofstream@@QAE@PBDHH@Z
??0ofstream@@QAE@XZ
??0ostream@@IAE@ABV0@@Z
??0ostream@@IAE@XZ
??0ostream@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@ABV0@@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@XZ
??0ostrstream@@QAE@ABV0@@Z
??0ostrstream@@QAE@PADHH@Z
??0ostrstream@@QAE@XZ
??0stdiobuf@@QAE@ABV0@@Z
??0stdiobuf@@QAE@PAU_iobuf@@@Z
??0stdiostream@@QAE@ABV0@@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??0streambuf@@IAE@PADH@Z
??0streambuf@@IAE@XZ
??0streambuf@@QAE@ABV0@@Z
??0strstream@@QAE@ABV0@@Z
??0strstream@@QAE@PADHH@Z
??0strstream@@QAE@XZ
??0strstreambuf@@QAE@ABV0@@Z
??0strstreambuf@@QAE@H@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
??0strstreambuf@@QAE@PADH0@Z
??0strstreambuf@@QAE@XZ
??1Iostream_init@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1filebuf@@UAE@XZ
??1fstream@@UAE@XZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??1iostream@@UAE@XZ
??1istream@@UAE@XZ
??1istream_withassign@@UAE@XZ
??1istrstream@@UAE@XZ
??1logic_error@@UAE@XZ
??1ofstream@@UAE@XZ
??1ostream@@UAE@XZ
??1ostream_withassign@@UAE@XZ
??1ostrstream@@UAE@XZ
??1stdiobuf@@UAE@XZ
??1stdiostream@@UAE@XZ
??1streambuf@@UAE@XZ
??1strstream@@UAE@XZ
??1strstreambuf@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4Iostream_init@@QAEAAV0@ABV0@@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??4filebuf@@QAEAAV0@ABV0@@Z
??4fstream@@QAEAAV0@AAV0@@Z
??4ifstream@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
??4iostream@@IAEAAV0@AAV0@@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??4istream@@IAEAAV0@ABV0@@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??4istrstream@@QAEAAV0@ABV0@@Z
??4logic_error@@QAEAAV0@ABV0@@Z
??4ofstream@@QAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
??4ostream_withassign@@QAEAAV0@ABV0@@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
??4stdiobuf@@QAEAAV0@ABV0@@Z
??4stdiostream@@QAEAAV0@AAV0@@Z
??4streambuf@@QAEAAV0@ABV0@@Z
??4strstream@@QAEAAV0@AAV0@@Z
??4strstreambuf@@QAEAAV0@ABV0@@Z
??5istream@@QAEAAV0@AAC@Z
??5istream@@QAEAAV0@AAD@Z
??5istream@@QAEAAV0@AAE@Z
??5istream@@QAEAAV0@AAF@Z
??5istream@@QAEAAV0@AAG@Z
??5istream@@QAEAAV0@AAH@Z
??5istream@@QAEAAV0@AAI@Z
??5istream@@QAEAAV0@AAJ@Z
??5istream@@QAEAAV0@AAK@Z
??5istream@@QAEAAV0@AAM@Z
??5istream@@QAEAAV0@AAN@Z
??5istream@@QAEAAV0@AAO@Z
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??5istream@@QAEAAV0@PAC@Z
??5istream@@QAEAAV0@PAD@Z
??5istream@@QAEAAV0@PAE@Z
??5istream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@C@Z
??6ostream@@QAEAAV0@D@Z
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@F@Z
??6ostream@@QAEAAV0@G@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@I@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@M@Z
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@O@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@PBE@Z
??6ostream@@QAEAAV0@PBX@Z
??7ios@@QBEHXZ
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??Bios@@QBEPAXXZ
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_7filebuf@@6B@
??_7fstream@@6B@
??_7ifstream@@6B@
??_7ios@@6B@
??_7iostream@@6B@
??_7istream@@6B@
??_7istream_withassign@@6B@
??_7istrstream@@6B@
??_7logic_error@@6B@
??_7ofstream@@6B@
??_7ostream@@6B@
??_7ostream_withassign@@6B@
??_7ostrstream@@6B@
??_7stdiobuf@@6B@
??_7stdiostream@@6B@
??_7streambuf@@6B@
??_7strstream@@6B@
??_7strstreambuf@@6B@
??_8fstream@@7Bistream@@@
??_8fstream@@7Bostream@@@
??_8ifstream@@7B@
??_8iostream@@7Bistream@@@
??_8iostream@@7Bostream@@@
??_8istream@@7B@
??_8istream_withassign@@7B@
??_8istrstream@@7B@
??_8ofstream@@7B@
??_8ostream@@7B@
??_8ostream_withassign@@7B@
??_8ostrstream@@7B@
??_8stdiostream@@7Bistream@@@
??_8stdiostream@@7Bostream@@@
??_8strstream@@7Bistream@@@
??_8strstream@@7Bostream@@@
??_Dfstream@@QAEXXZ
??_Difstream@@QAEXXZ
??_Diostream@@QAEXXZ
??_Distream@@QAEXXZ
??_Distream_withassign@@QAEXXZ
??_Distrstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??_Dostream@@QAEXXZ
??_Dostream_withassign@@QAEXXZ
??_Dostrstream@@QAEXXZ
??_Dstdiostream@@QAEXXZ
??_Dstrstream@@QAEXXZ
??_EIostream_init@@QAEPAXI@Z
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Efilebuf@@UAEPAXI@Z
??_Efstream@@UAEPAXI@Z
??_Eifstream@@UAEPAXI@Z
??_Eios@@UAEPAXI@Z
??_Eiostream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
??_Eistream_withassign@@UAEPAXI@Z
??_Eistrstream@@UAEPAXI@Z
??_Elogic_error@@UAEPAXI@Z
??_Eofstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
??_Eostream_withassign@@UAEPAXI@Z
??_Eostrstream@@UAEPAXI@Z
??_Estdiobuf@@UAEPAXI@Z
??_Estdiostream@@UAEPAXI@Z
??_Estreambuf@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
??_Estrstreambuf@@UAEPAXI@Z
??_GIostream_init@@QAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_Gfilebuf@@UAEPAXI@Z
??_Gfstream@@UAEPAXI@Z
??_Gifstream@@UAEPAXI@Z
??_Gios@@UAEPAXI@Z
??_Giostream@@UAEPAXI@Z
??_Gistream@@UAEPAXI@Z
??_Gistream_withassign@@UAEPAXI@Z
??_Gistrstream@@UAEPAXI@Z
??_Glogic_error@@UAEPAXI@Z
??_Gofstream@@UAEPAXI@Z
??_Gostream@@UAEPAXI@Z
??_Gostream_withassign@@UAEPAXI@Z
??_Gostrstream@@UAEPAXI@Z
??_Gstdiobuf@@UAEPAXI@Z
??_Gstdiostream@@UAEPAXI@Z
??_Gstreambuf@@UAEPAXI@Z
??_Gstrstream@@UAEPAXI@Z
??_Gstrstreambuf@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?adjustfield@ios@@2JB
?allocate@streambuf@@IAEHXZ
?attach@filebuf@@QAEPAV1@H@Z
?attach@fstream@@QAEXH@Z
?attach@ifstream@@QAEXH@Z
?attach@ofstream@@QAEXH@Z
?bad@ios@@QBEHXZ
?base@streambuf@@IBEPADXZ
?basefield@ios@@2JB
?before@type_info@@QBEHABV1@@Z
?binary@filebuf@@2HB
?bitalloc@ios@@SAJXZ
?blen@streambuf@@IBEHXZ
?cerr@@3Vostream_withassign@@A
?cin@@3Vistream_withassign@@A
?clear@ios@@QAEXH@Z
?clog@@3Vostream_withassign@@A
?close@filebuf@@QAEPAV1@XZ
?close@fstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?close@ofstream@@QAEXXZ
?clrlock@ios@@QAAXXZ
?clrlock@streambuf@@QAEXXZ
?cout@@3Vostream_withassign@@A
?dbp@streambuf@@QAEXXZ
?dec@@YAAAVios@@AAV1@@Z
?delbuf@ios@@QAEXH@Z
?delbuf@ios@@QBEHXZ
?doallocate@streambuf@@MAEHXZ
?doallocate@strstreambuf@@MAEHXZ
?eatwhite@istream@@QAEXXZ
?eback@streambuf@@IBEPADXZ
?ebuf@streambuf@@IBEPADXZ
?egptr@streambuf@@IBEPADXZ
?endl@@YAAAVostream@@AAV1@@Z
?ends@@YAAAVostream@@AAV1@@Z
?eof@ios@@QBEHXZ
?epptr@streambuf@@IBEPADXZ
?fLockcInit@ios@@0HA
?fail@ios@@QBEHXZ
?fd@filebuf@@QBEHXZ
?fd@fstream@@QBEHXZ
?fd@ifstream@@QBEHXZ
?fd@ofstream@@QBEHXZ
?fill@ios@@QAEDD@Z
?fill@ios@@QBEDXZ
?flags@ios@@QAEJJ@Z
?flags@ios@@QBEJXZ
?floatfield@ios@@2JB
?flush@@YAAAVostream@@AAV1@@Z
?flush@ostream@@QAEAAV1@XZ
?freeze@strstreambuf@@QAEXH@Z
?gbump@streambuf@@IAEXH@Z
?gcount@istream@@QBEHXZ
?get@istream@@IAEAAV1@PADHH@Z
?get@istream@@QAEAAV1@AAC@Z
?get@istream@@QAEAAV1@AAD@Z
?get@istream@@QAEAAV1@AAE@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
?get@istream@@QAEAAV1@PACHD@Z
?get@istream@@QAEAAV1@PADHD@Z
?get@istream@@QAEAAV1@PAEHD@Z
?get@istream@@QAEHXZ
?getdouble@istream@@AAEHPADH@Z
?getint@istream@@AAEHPAD@Z
?getline@istream@@QAEAAV1@PACHD@Z
?getline@istream@@QAEAAV1@PADHD@Z
?getline@istream@@QAEAAV1@PAEHD@Z
?good@ios@@QBEHXZ
?gptr@streambuf@@IBEPADXZ
?hex@@YAAAVios@@AAV1@@Z
?ignore@istream@@QAEAAV1@HH@Z
?in_avail@streambuf@@QBEHXZ
?init@ios@@IAEXPAVstreambuf@@@Z
?ipfx@istream@@QAEHH@Z
?is_open@filebuf@@QBEHXZ
?is_open@fstream@@QBEHXZ
?is_open@ifstream@@QBEHXZ
?is_open@ofstream@@QBEHXZ
?isfx@istream@@QAEXXZ
?iword@ios@@QBEAAJH@Z
?lock@ios@@QAAXXZ
?lock@streambuf@@QAEXXZ
?lockbuf@ios@@QAAXXZ
?lockc@ios@@KAXXZ
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?name@type_info@@QBEPBDXZ
?oct@@YAAAVios@@AAV1@@Z
?open@filebuf@@QAEPAV1@PBDHH@Z
?open@fstream@@QAEXPBDHH@Z
?open@ifstream@@QAEXPBDHH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
?opfx@ostream@@QAEHXZ
?osfx@ostream@@QAEXXZ
?out_waiting@streambuf@@QBEHXZ
?overflow@filebuf@@UAEHH@Z
?overflow@stdiobuf@@UAEHH@Z
?overflow@strstreambuf@@UAEHH@Z
?pbackfail@stdiobuf@@UAEHH@Z
?pbackfail@streambuf@@UAEHH@Z
?pbase@streambuf@@IBEPADXZ
?pbump@streambuf@@IAEXH@Z
?pcount@ostrstream@@QBEHXZ
?pcount@strstream@@QBEHXZ
?peek@istream@@QAEHXZ
?pptr@streambuf@@IBEPADXZ
?precision@ios@@QAEHH@Z
?precision@ios@@QBEHXZ
?put@ostream@@QAEAAV1@C@Z
?put@ostream@@QAEAAV1@D@Z
?put@ostream@@QAEAAV1@E@Z
?putback@istream@@QAEAAV1@D@Z
?pword@ios@@QBEAAPAXH@Z
?raw_name@type_info@@QBEPBDXZ
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
?rdbuf@ios@@QBEPAVstreambuf@@XZ
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?rdstate@ios@@QBEHXZ
?read@istream@@QAEAAV1@PACH@Z
?read@istream@@QAEAAV1@PADH@Z
?read@istream@@QAEAAV1@PAEH@Z
?sbumpc@streambuf@@QAEHXZ
?seekg@istream@@QAEAAV1@J@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekp@ostream@@QAEAAV1@J@Z
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekpos@streambuf@@UAEJJH@Z
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?setb@streambuf@@IAEXPAD0H@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJ@Z
?setf@ios@@QAEJJJ@Z
?setg@streambuf@@IAEXPAD00@Z
?setlock@ios@@QAAXXZ
?setlock@streambuf@@QAEXXZ
?setmode@filebuf@@QAEHH@Z
?setmode@fstream@@QAEHH@Z
?setmode@ifstream@@QAEHH@Z
?setmode@ofstream@@QAEHH@Z
?setp@streambuf@@IAEXPAD0@Z
?setrwbuf@stdiobuf@@QAEHHH@Z
?sgetc@streambuf@@QAEHXZ
?sgetn@streambuf@@QAEHPADH@Z
?sh_none@filebuf@@2HB
?sh_read@filebuf@@2HB
?sh_write@filebuf@@2HB
?snextc@streambuf@@QAEHXZ
?sputbackc@streambuf@@QAEHD@Z
?sputc@streambuf@@QAEHH@Z
?sputn@streambuf@@QAEHPBDH@Z
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
?stossc@streambuf@@QAEXXZ
?str@istrstream@@QAEPADXZ
?str@ostrstream@@QAEPADXZ
?str@strstream@@QAEPADXZ
?str@strstreambuf@@QAEPADXZ
?sunk_with_stdio@ios@@0HA
?sync@filebuf@@UAEHXZ
?sync@istream@@QAEHXZ
?sync@stdiobuf@@UAEHXZ
?sync@streambuf@@UAEHXZ
?sync@strstreambuf@@UAEHXZ
?sync_with_stdio@ios@@SAXXZ
?tellg@istream@@QAEJXZ
?tellp@ostream@@QAEJXZ
?terminate@@YAXXZ
?text@filebuf@@2HB
?tie@ios@@QAEPAVostream@@PAV2@@Z
?tie@ios@@QBEPAVostream@@XZ
?unbuffered@streambuf@@IAEXH@Z
?unbuffered@streambuf@@IBEHXZ
?underflow@filebuf@@UAEHXZ
?underflow@stdiobuf@@UAEHXZ
?underflow@strstreambuf@@UAEHXZ
?unexpected@@YAXXZ
?unlock@ios@@QAAXXZ
?unlock@streambuf@@QAEXXZ
?unlockbuf@ios@@QAAXXZ
?unlockc@ios@@KAXXZ
?unsetf@ios@@QAEJJ@Z
?what@exception@@UBEPBDXZ
?width@ios@@QAEHH@Z
?width@ios@@QBEHXZ
?write@ostream@@QAEAAV1@PBCH@Z
?write@ostream@@QAEAAV1@PBDH@Z
?write@ostream@@QAEAAV1@PBEH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
?ws@@YAAAVistream@@AAV1@@Z
?x_curindex@ios@@0HA
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?x_maxbit@ios@@0JA
?x_statebuf@ios@@0PAJA
?xalloc@ios@@SAHXZ
?xsgetn@streambuf@@UAEHPADH@Z
?xsputn@streambuf@@UAEHPBDH@Z
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SETUP2.LST
WIZSET32.DLL
.dll windows:4 windows x86 arch:x86

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mssetup

PbAlloc
DoMsgBox
FFree
DoesInfSectionKeyExist
DoesInfSectionExist
FWriteToLogFile
FValidFilePath
GetRegKeyValue32
SzLastChar
DoesFileExist
DriveNumToRootPath
GetVersionNthField
FLanguageMismatchInf
GetSectionKeyVersion
GetVersionOfFile
AddSectionKeyFileToCopyList
GetSectionKeyFilename
CbStrCopyToBuffer
HandleOOM
GetSectionKeySize
DeleteProgmanItem

kernel32

LCMapStringA
GetCommandLineA
SetStdHandle
FlushFileBuffers
SetFilePointer
VirtualAlloc
GetVersion
lstrcmpiA
lstrcpyA
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameA
GetCurrentProcess
GetLastError
GetCurrentThread
lstrlenA
lstrcatA
DeleteFileA
GetDiskFreeSpaceA
SetErrorMode
GetLocaleInfoW
GetLocaleInfoA
LCMapStringW
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP

user32

CharPrevA
CharUpperBuffA
CharNextA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA

advapi32

RegQueryValueExA
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
OpenThreadToken
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyA
RegQueryValueA

Exports

Exports

DelProgmanItem
Detect95
DetectAdminPrivileges
DetectRegData
DoMessageBox
ExecutePostSetupCommand
GetPathFromReg
InstallSys16PermFile
NeverRemoveGroup
RemoveHelpAuxFile
Silence16BitDSNConversion
SzGetDatadefVer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000007
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000008
f0000009
.exe windows:5 windows x86 arch:x86

9ed54609127a70e312733e0fe986dabe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

hh.pdb

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoA
GetTickCount
QueryPerformanceCounter
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
GetCurrentThreadId

user32

wsprintfA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000010
.chm
f0000011
f0000012
.exe windows:4 windows x86 arch:x86

25ea751f787d25f92b53add1db4e9c9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
CreateProcessA
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
SetEnvironmentVariableA
ReleaseMutex
Sleep
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetTickCount
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualQueryEx
FindClose
FindFirstFileA
FindFirstFileW
GetModuleFileNameW
GetExitCodeProcess
LeaveCriticalSection
ReadProcessMemory
EnterCriticalSection
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
InitializeCriticalSection
SuspendThread
DebugActiveProcess
ResumeThread
CreateProcessW
GetCommandLineW
GetStartupInfoW
MapViewOfFile
SetThreadPriority
GetCurrentProcess
CreateFileMappingA
VirtualProtectEx
WriteProcessMemory
ExitProcess
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CompareStringW
SetFilePointer
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersion
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetVersionExA
SetLastError
LoadLibraryA
GetLastError
GetProcAddress
VirtualAlloc
VirtualProtect
GetEnvironmentVariableA
FreeConsole
DuplicateHandle
GetModuleHandleA
TerminateProcess
RtlUnwind

user32

GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
WaitForInputIdle
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
BeginPaint
EndPaint
KillTimer
DefWindowProcA
LoadCursorA
RegisterClassA
GetAsyncKeyState
GetSystemMetrics
CreateWindowExA
SetTimer
PostMessageA
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
LoadStringW
FindWindowA
SendMessageA
DestroyWindow
MessageBoxA
IsWindow

gdi32

SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 36KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.7MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000013
f0000014
.dll regsvr32 windows:4 windows x86 arch:x86

d7112004d3c345a2ed68d74bba3d37f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

LoadLibraryA
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetProcAddress
SetStdHandle
GetLocaleInfoA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedExchange
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000015
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000016
f0000017
.exe windows:5 windows x86 arch:x86

cfb8ad251fa98c8c891304e231aa1ebf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
lstrcpyA
lstrcpyW
MultiByteToWideChar
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryExA
SetErrorMode
LocalAlloc
lstrcatA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
lstrlenA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
LoadLibraryA
SetFilePointer
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetStringTypeW
CloseHandle

user32

LoadStringA
wsprintfA
MessageBoxA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
f0000018
f0000019
f0000020
f0000021
f0000022
f0000023
f0000024
f0000025
f0000026
f0000027
f0000028
f0000029
f0000030
f0000031
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000032
.dll regsvr32 windows:4 windows x86 arch:x86

b07da0874b1f490093ddaa145e84d116

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameA
GetStringTypeExA
SizeofResource
InterlockedExchange
GetComputerNameA
CreateProcessA
GetUserDefaultLangID
GlobalFlags
GetSystemInfo
GlobalReAlloc
GetSystemDirectoryA
IsBadCodePtr
HeapCreate
GlobalMemoryStatus
VirtualAlloc
VirtualFree
SetProcessWorkingSetSize
HeapReAlloc
HeapFree
HeapAlloc
HeapSize
GetDateFormatA
GetTimeFormatA
GetProfileIntA
lstrcatA
HeapDestroy
WaitForSingleObject
lstrcmpiA
GlobalCompact
FindResourceA
LoadResource
LockResource
lstrlenA
_lopen
_lread
_lclose
FormatMessageA
WideCharToMultiByte
LCMapStringA
GetSystemDefaultLCID
IsDBCSLeadByte
GlobalAlloc
GetSystemDefaultLangID
GlobalFree
GetFileSize
MoveFileA
DeleteFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindNextFileA
GetLogicalDrives
GetVolumeInformationA
GetDiskFreeSpaceA
SystemTimeToFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToDosDateTime
EnterCriticalSection
FindFirstFileA
UnlockFile
GetFileTime
SetErrorMode
LocalFree
Sleep
WinExec
GetModuleFileNameA
MulDiv
LockFile
GetCurrentProcess
DuplicateHandle
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CloseHandle
GetFileAttributesA
CreateFileA
GetLastError
GetDriveTypeA
RaiseException
IsValidLocale
GetProfileStringA
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
GetFullPathNameA
GlobalSize
GlobalLock
GlobalUnlock
SearchPathA
GetModuleHandleA
InterlockedIncrement
GetLocaleInfoA
GetCurrentProcessId
MultiByteToWideChar
InitializeCriticalSection
lstrlenW
lstrcpyA
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
FindClose
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCPInfo
GetSystemTime
QueryPerformanceFrequency
GetACP
GetVersionExA
GetLocalTime
IsBadReadPtr
InterlockedDecrement

user32

GetSystemMetrics
InsertMenuItemA
BringWindowToTop
DefWindowProcA
SendMessageA
EndPaint
SetFocus
EnableWindow
MessageBoxA
DestroyMenu
DestroyWindow
ShowWindow
SetClassLongA
GetClassLongA
UpdateWindow
GetWindowLongA
MoveWindow
PostMessageA
GetMenuItemInfoA
GetMenuItemCount
RemoveMenu
ReleaseDC
GetDC
TranslateMessage
GetQueueStatus
SetTimer
PeekMessageA
KillTimer
OffsetRect
GetDesktopWindow
DrawFocusRect
SetClipboardViewer
ChangeClipboardChain
CreateWindowExA
AdjustWindowRect
LoadImageA
ReleaseCapture
SetCapture
GetClassInfoA
RedrawWindow
UnregisterClassA
SetWindowLongA
LoadStringA
FillRect
FrameRect
InflateRect
DrawTextA
SetRectEmpty
CopyRect
PostQuitMessage
GetMenu
ClipCursor
GetClipboardFormatNameA
GetKeyboardLayout
RegisterClipboardFormatA
GetCapture
GetAsyncKeyState
ValidateRect
OemToCharBuffA
InSendMessage
CharPrevA
CharNextA
GetKeyboardType
CharToOemBuffA
ShowCursor
GetActiveWindow
GetFocus
GetCursorPos
GetKeyState
CharUpperBuffA
CharLowerBuffA
DialogBoxParamA
CheckRadioButton
CreateIcon
DestroyCursor
ClientToScreen
RegisterClassA
LoadCursorA
IsWindowVisible
IsIconic
GetSubMenu
IsWindow
SetParent
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
GetWindow
DestroyIcon
DrawIcon
LoadAcceleratorsA
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
IsChild
SetClipboardData
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
FindWindowA
GetWindowThreadProcessId
SetCursorPos
GetCursor
keybd_event
MessageBeep
MapVirtualKeyA
GetKeyboardState
SetKeyboardState
CharToOemA
WinHelpA
SetCursor
SetRect
EndDialog
CallWindowProcA
GetClassInfoExA
RegisterClassExA
GetWindowTextA
GetDlgItem
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
SetActiveWindow
GetSysColorBrush
DrawIconEx
AppendMenuA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
IsZoomed
AdjustWindowRectEx
GetMenuStringA
GetMenuItemID
CreateMDIWindowA
LoadIconA
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
ScrollDC
InvalidateRgn
RegisterWindowMessageA
DrawFrameControl
EnableMenuItem
InsertMenuA
ModifyMenuA
SetMenu
SetMenuItemInfoA
SystemParametersInfoA
GetSystemMenu
DeleteMenu
LoadMenuIndirectA
CreatePopupMenu
DrawMenuBar
GrayStringA
GetWindowDC
SubtractRect
GetDCEx
WindowFromPoint
GetClassNameA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
DdeAbandonTransaction
DdeUninitialize
DdeInitializeA
DdePostAdvise
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeEnableCallback
DdeGetLastError
UnionRect
LoadCursorFromFileA
CreateCursor
SetWindowPos
DdeNameService
DdeFreeStringHandle
DdeCreateDataHandle
DdeCreateStringHandleA
DdeQueryStringA
GetSysColor
IsClipboardFormatAvailable
CreateCaret
GetClientRect
ScreenToClient
GetWindowRect
GetParent
SetWindowRgn
EqualRect
IntersectRect
wsprintfA
CreateMenu
PtInRect
SetDlgItemTextA
LoadBitmapA
GetUpdateRect
BeginPaint
ActivateKeyboardLayout

gdi32

SetBrushOrgEx
DeleteMetaFile
CloseMetaFile
GetDIBits
StretchDIBits
GetClipBox
CreateRectRgnIndirect
EnumFontsA
GetDeviceCaps
SetBkColor
SetTextColor
Rectangle
GetBkColor
GetTextColor
GetStockObject
SelectObject
PatBlt
DeleteObject
GetObjectA
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
CreateCompatibleDC
RealizePalette
SelectPalette
SetBkMode
GetBkMode
CreateFontIndirectA
BitBlt
RoundRect
Ellipse
CreateRoundRectRgn
CreateEllipticRgnIndirect
FillRgn
CombineRgn
LineTo
MoveToEx
CreatePen
CreateSolidBrush
SetROP2
GetROP2
GetDCOrgEx
LPtoDP
UnrealizeObject
PaintRgn
CreateRectRgn
CreatePatternBrush
CreateBitmap
GetRgnBox
RectInRegion
FrameRgn
Polyline
GetPixel
EnumFontFamiliesExA
AddFontResourceA
GetTextMetricsA
RemoveFontResourceA
SetTextAlign
GetTextAlign
CopyMetaFileA
CreateHatchBrush
SelectClipRgn
SetRectRgn
ExtTextOutA
GetTextExtentPointA
GdiFlush
OffsetRgn
SetBitmapBits
AbortDoc
EndDoc
StartDocA
EndPage
StartPage
CreateICA
Escape
EnumFontFamiliesA
GetBitmapBits
CreateCompatibleBitmap
CreateBrushIndirect
SetDIBits
CreateDIBitmap
SetViewportExtEx
CreateDCA
SetMapMode
SetViewportOrgEx
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
SetStretchBltMode
StretchBlt

winspool.drv

ClosePrinter
WritePrinter
DocumentPropertiesA
GetPrinterA
EnumPrintersA
EndDocPrinter
StartDocPrinterA
OpenPrinterA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_Add
ImageList_DragMove
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyW
RegQueryValueA
RegCreateKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteA
SHFileOperationA
SHAppBarMessage
DragQueryFileA

msvcrt

_mbschr
_mbsrchr
_mbsstr
_mbscspn
_mbsnbcpy
_mbsnbicmp
_mbsnbcat
_stricmp
_strnicmp
strchr
strrchr
strstr
strncpy
strncat
strcspn
_winmajor
_winminor
strtok
atoi
atof
_HUGE
toupper
ceil
floor
sqrt
_itoa
__mb_cur_max
_isctype
_pctype
memcmp
abs
memmove
strcmp
_ftol
strcat
memset
wcslen
wcsncpy
_wcsicmp
_purecall
strcpy
exit
longjmp
_seh_longjmp_unwind
_except_handler3
strlen
_control87
_setjmp3
memchr
atol
strncmp
_mbsicmp
_makepath
_splitpath
sin
cos
acos
asin
atan
tan
atan2
pow
exp
log10
log
getenv
_rmdir
_mkdir
_setmode
_isatty
fabs
modf
ldexp
sscanf
_ultoa
iswctype
strtoul
div
isspace
wcschr
wcscat
wcscpy
_strupr
strspn
ldiv
_strrev
_access
__CxxFrameHandler
_CxxThrowException
isalnum
sprintf
fprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_iob
__dllonexit
_onexit
free
malloc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection2A
WNetGetUserA
WNetCancelConnection2A
WNetGetConnectionA

oleaut32

SafeArrayCreate
SafeArrayUnaccessData
VariantCopy
LoadRegTypeLi
CreateErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
SysAllocStringLen
SysFreeString
LoadTypeLi
VariantInit
VariantClear
VariantCopyInd
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayGetUBound
GetActiveObject
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayPutElement
OleCreatePropertyFrame
SafeArrayAccessData
DispCallFunc
GetErrorInfo
OleCreatePictureIndirect
OleLoadPicture
RevokeActiveObject
VariantChangeType

ole32

OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
StringFromGUID2
OleRegEnumVerbs
CreateDataAdviseHolder
CLSIDFromProgID
CoLockObjectExternal
CLSIDFromString
CoRegisterClassObject
CoUninitialize
CoInitialize
ReleaseStgMedium
CoRevokeClassObject
CoGetMalloc
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
OleGetClipboard
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleBuildVersion
OleUninitialize
WriteClassStm
OleSaveToStream
CoDisconnectObject
StgCreateDocfile
OleInitialize
StgIsStorageFile
ProgIDFromCLSID
CreateOleAdviseHolder
OleDestroyMenuDescriptor
StgOpenStorage
OleFlushClipboard
OleIsCurrentClipboard
OleIsRunning
BindMoniker
MkParseDisplayName
CreateBindCtx
OleSave
WriteClassStg
OleDraw
OleLoad
CreateFileMoniker
ReadClassStg
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromFile
OleCreateLinkToFile
CoIsOle1Class
OleCreateLinkFromData
OleCreateFromData
OleCreateStaticFromData
OleSetContainedObject
OleConvertIStorageToOLESTREAM
OleQueryLinkFromData
OleRun
IsAccelerator
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleSetClipboard
CoGetClassObject
OleDoAutoConvert
ReadClassStm
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetIconOfClass
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
GetClassFile
OleQueryCreateFromData
StringFromCLSID

winmm

PlaySoundA
timeGetTime

Exports

Exports

@OCXAPIInit@4
DllCanUnloadNow
DllGetClassObject
DllOleInit
DllRegisterServer
DllUnregisterServer
DllWinMain
VFPDllCanUnloadNow
VFPDllGetClassObject

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000033
.dll windows:4 windows x86 arch:x86

105a34c3b3ecaf6803be201e74c83cf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
MessageBoxA

kernel32

DisableThreadLibraryCalls

Exports

Exports

DllVersion

Sections

.text
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000034
.exe windows:4 windows x86 arch:x86

21b0be9e9c79dd1b598e3cb319374dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
__p__commode
__p__fmode
_initterm
_adjust_fdiv
_controlfp
__dllonexit
??3@YAXPAX@Z
exit
__getmainargs
_acmdln
strlen
_XcptFilter
_exit
??2@YAPAXI@Z
_stricmp
strcpy
__set_app_type
_except_handler3
_onexit

kernel32

GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA

user32

LoadStringA
MessageBoxA
wsprintfA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

OleInitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 865B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 685B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f0000035
.dll windows:4 windows x86 arch:x86

9f01c2237de99a1193c6567e5f61ca97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharUpperA

advapi32

AdjustTokenPrivileges

iphlpapi

GetAdaptersInfo

Exports

Exports

Base64Decode
Base64Encode
BlowFishDecrypt
BlowFishEncrypt
CRC32
CRCFileCheck
CharToHex
DecryptStringFun1
DecryptStringFun2
DesDecrypt
DesEncrypt
EncryptStringFun1
EncryptStringFun2
FileDecrypt
FileEncrypt
GetCPUId
GetCPUProcessName
GetDllVersion
GetHardDiskId
GetMACAddress
GetMainBoardId
HexToChar
LZ_Compress
LZ_Uncompress
MD5Encrypt
RSADecrypt
RSADecryptData
RSAEncrypt
RSAEncryptData
SHAEncrypt
Secret16Encrypt
SetValue

Sections

.text
Size: 131KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RoBa
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
odbckey.inf
odbcstf.dll
.dll windows:4 windows x86 arch:x86

5514db4b207087e90009b344ff1804b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strcpy
_stricmp
malloc
strlen
sprintf
sscanf
_close
_open
_access
memset
fflush
strchr
strstr
fclose
strtoul
memcmp
getenv
fopen
fprintf
free
_spawnlp
strcat

advapi32

OpenThreadToken
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCloseKey
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

user32

LoadCursorA
SetCursor
ExitWindowsEx
wsprintfA
GetDesktopWindow
MessageBoxA

kernel32

GetFileSize
GetSystemDirectoryA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GetModuleFileNameA
GetModuleHandleW
lstrcmpiA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThread
GetVersionExA
GetWindowsDirectoryA
GetVersion
GetCurrentProcess
CreateProcessA
WaitForSingleObject
MoveFileExA
CloseHandle
GetPrivateProfileStringA
GetLastError
FormatMessageA
CreateFileA

mssetup

RestartListEmpty
ForceRestartOn
CbGetSymbolValue
GetSilentMode

Exports

Exports

AcmeComplianceCheck
AcmeConfigDataSource
AcmeDetectFileInUse
AcmeDetectOS
AcmeDllRegisterServer
AcmeFail
AcmeInstallDriver
AcmeInstallDriverManager
AcmeInstallTranslator
AcmeManageDataSources
AcmePrep
AcmeReboot
AcmeYesNo
AsyncEXECalloutCAH
CompareRegData
DetectAdminPrivileges
DetectRegData
LibMain
MdacVerCmp
NTVersion
NoAdminSyncEXECallout
SyncEXECalloutCAH
SyncEXECalloutCAH1
SzGetDatadefVer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup.exe
setup.inf
setup.ini
setup.lst
setup.stf
setup.tdf
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.bss Size: - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 28KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 17KB - Virtual size: 16KB

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

version

lz32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 194KB

.expo Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.idata Size: 7KB - Virtual size: 6KB

.edata Size: 9KB - Virtual size: 8KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 11KB - Virtual size: 11KB

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 9KB

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 243KB - Virtual size: 243KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 12KB - Virtual size: 19KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 916B

.reloc Size: 12KB - Virtual size: 12KB

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

Imports

.text
Size: 207KB - Virtual size: 207KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 28KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 195KB - Virtual size: 194KB

.expo
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.idata
Size: 7KB - Virtual size: 6KB

.edata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 243KB - Virtual size: 243KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 12KB - Virtual size: 19KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 916B

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 844B

.rsrc
Size: 6KB - Virtual size: 5KB

.text
Size: - Virtual size: 2KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 1KB

.text1
Size: 192KB - Virtual size: 192KB

.adata
Size: 52KB - Virtual size: 64KB

.data1
Size: 36KB - Virtual size: 128KB

.pdata
Size: 1.7MB - Virtual size: 1.8MB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 520KB - Virtual size: 519KB