71a0803756d4d8e1d20cd5c2a5aba3d1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71a0803756d4d8e1d20cd5c2a5aba3d1_JaffaCakes118
Size

10.1MB
MD5

71a0803756d4d8e1d20cd5c2a5aba3d1
SHA1

3312108e18b0f026d71ba91f81f5b50697d9f11f
SHA256

5768924bdf1775a4e0065c902b7c4c2b7b4251fa44489a9f8826121a41de950f
SHA512

ae86f6dd8310f86d0ade54e21262daf5ada2084875b22f77ab49b1cf80acb07398db00310dfa1775673b701ccdc798aa533bf692e704674d8eee439e7c38a545
SSDEEP

196608:Q9F5uj7fn8bQ5kMBcurjvxz9iTWerXZtxQJDmIRJ0tyHg5AnCfL:QDcjj8UBtXyTnrptxiVGegaCfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
unpack002/_0200BEB4EFB34AC8AF68134E35F0622D
unpack002/_046F793A99A0418D88688855C86DB628
unpack002/_07F57D9CEFDA42F78AFA5E0E12E5A347
unpack002/_1B4DC5A2E06842A2AF67D90F083EA79B
unpack002/_20B90E3F0F2A419B8938D245E523764E
unpack002/_2797A4C85C6646FB9F5D7699281AD20E
unpack002/_5166333B561A42EFB427183C9CD5A5B1
unpack002/_51F27D9C8FDC4BD282031DF404D02A73
unpack002/_528528BFE55848F79C4FFC8647DC53F9
unpack002/_6227252443C841BF9FFDFF29A9856421
unpack002/_6EB9C22CA48A4A69B04ABDFBFC299E16
unpack002/_73879329B7A54092960B157833962A59
unpack002/_91DD0277F6794C6597E2DA27B65C4BBC
unpack002/_A40BCB9B90BC41C692ECCE672F8800FD
unpack002/_B5CA5227B1C24B17A565A4E8176F6601
unpack002/_BBCA55E33AF34A9780F85F92C57DC336
unpack002/_CA977D7CFCD14F7AAECC4C40089C6237
unpack002/_D0E8288CDAFD40A2B6AD599CBD54170E
unpack002/_E9B310DB31B141ECA9D91559763180F2
unpack002/_FF8084ADDBEE484EBD41E7E46E6E6CB7
unpack001/MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/msi.dll
unpack001/MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/setup.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/setup.exe	nsis_installer_2

Files

71a0803756d4d8e1d20cd5c2a5aba3d1_JaffaCakes118
.rar
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/AdfuUpdate.inf
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/AmvPlayer.ini
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/AmvTransform.ini
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/Disktool.INI
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/Fwupgrade.INI
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/InstMsiA.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/InstMsiW.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSI.CAB
.cab
_0200BEB4EFB34AC8AF68134E35F0622D
.dll windows:5 windows x86 arch:x86

c6e592e19acd0da69bdcb49a95a6f100

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

IoDeleteDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
IoSetDeviceInterfaceState
IoBuildDeviceIoControlRequest
IoRegisterDeviceInterface
ExAllocatePoolWithTag
IoCreateDevice
KeSetEvent
InterlockedDecrement
KeWaitForSingleObject
InterlockedIncrement
ExFreePool
IofCompleteRequest
IoDetachDevice
KeInitializeDpc
IoAttachDeviceToDeviceStack
RtlInitUnicodeString
ObfReferenceObject
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
KeInsertQueueDpc

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeStallExecutionProcessor

usbd.sys

USBD_CreateConfigurationRequest
USBD_GetUSBDIVersion
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 992B - Virtual size: 990B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 480B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_035A636C97D3484388108E7A809E4238
_0368F931787C440698E442F539090BA7
_046F793A99A0418D88688855C86DB628
.dll windows:4 windows x86 arch:x86

a0e4f543c8a56bc720eb38d4ccdb60a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
SUnMapLS_IP_EBP_28
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SMapLS_IP_EBP_28
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
GetEnvironmentStrings
SUnMapLS_IP_EBP_28
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SMapLS_IP_EBP_28
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

CheckInt13Extension32
Disk_ThunkData32
ReadDisk32
WriteDisk32

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_07F57D9CEFDA42F78AFA5E0E12E5A347
.exe windows:4 windows x86 arch:x86

84e2184d089dcb666c7b772c661b1f17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

comctl32

ImageList_GetImageInfo
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Draw

kernel32

GetModuleHandleA
GetStartupInfoA
ReleaseMutex
FreeLibrary
CloseHandle
CreateFileA
GetPrivateProfileIntA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenMutexA
ResetEvent
GetTickCount
GetSystemDefaultLangID
CopyFileA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
SetEvent
Sleep
CreateEventA
CreateThread
SetThreadPriority
lstrcpynA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindFirstFileA
CreateMutexA
LoadLibraryA
GetLastError
GetProcAddress
WaitForSingleObject
OpenFileMappingA

user32

GetDesktopWindow
SetRect
TabbedTextOutA
DrawTextA
GrayStringA
GetFocus
PeekMessageA
PtInRect
FindWindowA
MessageBoxA
CallWindowProcA
ShowWindow
MoveWindow
GetWindowDC
SetWindowRgn
FrameRect
DrawStateA
IsWindow
SetWindowPos
SetWindowLongA
IsIconic
AppendMenuA
MapWindowPoints
GetAsyncKeyState
RedrawWindow
LoadBitmapA
GetSysColorBrush
GetSystemMenu
ScreenToClient
PostThreadMessageA
MsgWaitForMultipleObjects
UnhookWindowsHookEx
CallNextHookEx
KillTimer
SetRectEmpty
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
TrackPopupMenuEx
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
LoadImageA
EnableWindow
PostMessageA
LoadMenuA
GetSubMenu
GetMenuItemCount
ModifyMenuA
GetMenuItemID
GetCursorPos
GetDC
ReleaseDC
GetWindowRect
InvalidateRect
GetClientRect
WinHelpA
GetIconInfo
CreateIconIndirect
FillRect
CopyRect
UpdateWindow
SetWindowsHookExA
GetParent
SystemParametersInfoA
CopyImage
DrawIconEx
SetTimer
GetSystemMetrics
SendMessageA

gdi32

CreateFontIndirectA
StretchDIBits
GetTextExtentPoint32A
DeleteDC
DeleteObject
BitBlt
SetWindowOrgEx
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
GetStockObject
SetBkColor
CreateBitmap
SetPixel
GetPixel
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
RealizePalette
SelectPalette
ExtCreateRegion
GetDIBits
CreateICA
EnumFontFamiliesA
GetTextCharsetInfo
CreateRectRgnIndirect
GetObjectA
CreateRectRgn
CombineRgn

advapi32

RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

DragQueryFileA
DragFinish
ShellExecuteExA

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx

oleaut32

OleLoadPicture

mfc42

ord4284
ord4710
ord5710
ord3301
ord1644
ord4185
ord5628
ord909
ord696
ord394
ord3643
ord1949
ord3286
ord6007
ord2713
ord2243
ord1105
ord6111
ord2044
ord5834
ord6215
ord6380
ord2645
ord4694
ord2448
ord3452
ord3998
ord6907
ord2642
ord4299
ord3546
ord790
ord3716
ord3693
ord430
ord2504
ord1176
ord4243
ord559
ord2614
ord693
ord812
ord3640
ord3370
ord4402
ord2582
ord6282
ord6283
ord4204
ord2915
ord2107
ord5781
ord3706
ord2841
ord682
ord3630
ord4400
ord2580
ord4235
ord1576
ord2024
ord2413
ord2450
ord4224
ord6779
ord6394
ord5450
ord6383
ord5440
ord2763
ord5067
ord4635
ord4759
ord562
ord816
ord4607
ord4454
ord800
ord540
ord825
ord1200
ord2818
ord924
ord858
ord1168
ord3619
ord1641
ord3626
ord2414
ord3663
ord535
ord537
ord939
ord941
ord4277
ord2764
ord641
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3721
ord795
ord860
ord567
ord4275
ord2860
ord2864
ord5875
ord755
ord640
ord1640
ord323
ord470
ord823
ord6880
ord2859
ord2379
ord6453
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord5063
ord1146
ord6197
ord6378
ord1175
ord2452
ord613
ord5785
ord289
ord4278
ord5683
ord3571
ord2575
ord4396
ord3574
ord809
ord609
ord556
ord2405
ord5053
ord5981
ord3874
ord4133
ord4297
ord5788
ord472
ord283
ord2122
ord6358
ord1088
ord2567
ord1834
ord4229
ord1771
ord6366
ord2455
ord4497
ord4219
ord2581
ord4401
ord3639
ord6654
ord4716
ord4750
ord5016
ord5265
ord4375
ord4852
ord4998
ord2515
ord6052
ord1775
ord5280
ord4834
ord4425
ord802
ord542
ord355
ord692
ord6567
ord922
ord6762
ord3200
ord3092
ord3907
ord3815
ord5651
ord3127
ord3616
ord665
ord1979
ord5442
ord3318
ord5186
ord350
ord354
ord2753
ord3573
ord6172
ord3797
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord384
ord686
ord3293
ord5289
ord2862
ord3910
ord5787
ord3754
ord6888
ord6675
ord538
ord6648
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord3597
ord5714
ord4622
ord3738
ord815
ord561
ord2514
ord617
ord5214
ord296
ord4159
ord6117
ord2621
ord1134
ord4376
ord4853
ord1803
ord324
ord2302
ord4234
ord6199
ord6241
ord2725
ord4230

msvcrt

__p__fmode
_acmdln
_XcptFilter
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_controlfp
__set_app_type
_stricmp
_setmbcp
__getmainargs
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
_mbsicmp
_strdup
memmove
fread
sscanf
_mbsicoll
exit
free
__dllonexit
strchr
strrchr
time
localtime
sprintf
fopen
fwrite
vfprintf
fclose
_mbscmp
_mbsnbcpy
atoi
__CxxFrameHandler
_ftol

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_0901CF1F2F3F40589047A58594F3B940
_093A8F17A21146508FDCBB4D5142E720
_0ADD2D27C82D465AB60F537564C1C551
_0DAA63FA4A02431A86901EA116DB76DB
_0F8DEEB6A699445CBD1AEDF8E3977E14
_147C28713DB44828B1B9CC82EB2037F6
_17551744EA394F279D3E33BC201B0F9D
_1A254ED0A8434CB4B380811041EA710B
_1B4DC5A2E06842A2AF67D90F083EA79B
.dll windows:4 windows x86 arch:x86

3c75018a31636a38bbbd789f3af2b482

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

ExFreePool
KeSetEvent
InterlockedDecrement
IoBuildDeviceIoControlRequest
ExAllocatePoolWithTag
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
IoDeleteDevice
IoDetachDevice
InterlockedIncrement
ZwClose
KeWaitForSingleObject
RtlInitUnicodeString
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
KeInsertQueueDpc
IoCreateDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
ObfReferenceObject
KeInitializeDpc
IofCompleteRequest
IoAttachDeviceToDeviceStack

hal

KeStallExecutionProcessor
KfAcquireSpinLock
KfReleaseSpinLock

usbd.sys

USBD_GetUSBDIVersion
USBD_CreateConfigurationRequest
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 416B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_1B69C7770AAA431B861DF0D2C2408253
_1D0E49FA575846418C21EA59D74977BF
_1DEBE9680B714D66AF1C983CE47F8E93
_1DF73217BB3C4D82BD9D6D43F230E3F2
_1E04C5195CB34EBD8D2A96FABD8ABB56
_1F6E32A8F43E4798A1E9B9347A141C51
_20B90E3F0F2A419B8938D245E523764E
.dll regsvr32 windows:4 windows x86 arch:x86

d30080695b4ab11081783c0b12fa4f1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
Sleep
GetSystemDefaultLangID
lstrcpynW
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
lstrlenA
lstrcpynA
lstrcatA
lstrcpyA
EnterCriticalSection
InterlockedDecrement
lstrlenW
DebugBreak
FindClose
CreateFileA
GetFileSize
ReadFile
CloseHandle
DeleteCriticalSection
FindFirstFileA
lstrcmpiA
FindNextFileA
GetLastError
lstrcmpA
GetFileAttributesA
LeaveCriticalSection
InterlockedIncrement
InitializeCriticalSection
HeapFree

user32

SetCursor
InsertMenuA
GetCursor
LoadCursorA
LoadStringA

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

DragQueryFileA
ShellExecuteA

ole32

ReleaseStgMedium

oleaut32

SysFreeString
LoadRegTypeLi
SysStringLen

shlwapi

StrCmpIW

atl

ord23
ord16
ord15
ord21
ord18
ord57
ord32
ord58
ord30

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_22A7643F5B704B74B2636AC698E060E9
_23C78418266442168F20046E2004F6C8
_2797A4C85C6646FB9F5D7699281AD20E
.exe windows:5 windows x86 arch:x86

119233f82752a98520a64b8d5c0cd6db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
_adjust_fdiv
__p__fmode
__set_app_type
__p__commode
towlower
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
fputs
__wgetmainargs
__setusermatherr
_initterm
_XcptFilter
__p___winitenv
exit
wcsrchr
_exit
wprintf
towupper
_wcsnicmp
iswalpha
fputws
_wcsicmp
wcschr

advapi32

RegCloseKey
RegQueryValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
GetFullPathNameW
FileTimeToSystemTime
GetDateFormatW
lstrcpynW
lstrcpyW
lstrcmpiW
lstrcmpW
GetLastError
GetCurrentProcess
lstrlenW
FormatMessageW
LocalFree
CloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
CM_Get_Device_ID_ExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoListExW
SetupDiClassGuidsFromNameExW
CM_Get_DevNode_Status_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_Res_Des_Data_Size_Ex
CM_Free_Res_Des_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Log_Conf_Handle
CM_Get_First_Log_Conf_Ex
SetupDiDestroyDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiGetDeviceInstallParamsW
SetupCloseFileQueue
SetupScanFileQueueW
SetupDiCallClassInstaller
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW

user32

CharNextW
LoadStringW
ExitWindowsEx

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_27B8C3D7D0994AE0B9EEE6CC89E3148E
_29F1BB2847B84F499F5F20825A00ABC4
.html
_2A94A2533E9C4F8481AFD28340E5094A
_2B494F7268314CF39AFA4861F0EDAB20
_321EC7552A0C40CE8B1EF6A6D90F7B1F
.chm
_330687F9852D4A4A94E7BA8BE4A5CECA
_337AAFE51E7446D6BABEF3B5CBFF4A85
_342F4B50B83549829607165A617DC40C
.vbs
_357999644DF34D2CA7442BA96527B93E
_3CDD561900D546D29FC7E7030A037C86
_3F16066EA4204839A6A09EE36F56B757
_409966C9CFA64CDC8586B17C39294F00
_42F44AD61191441386459A9489068B81
.chm
_45E78F43A57D42568BB318CE10EE62FD
_45EC43C422E647589808637DDBA3AE7F
.chm
_47F2F9020AAA4D3B9AAFECC85832B3D6
_499EFAB3963F4894BBB6056936A58395
_4C2379E67BD84E369D70B4C370C34DC1
_4DB18B44A6754659B7CFF7ED4D0BDEA8
_4E05B9D09B854B7AABA6A6E4DCB1008B
_4E8D2D898B524FCB8549DA161835000A
_50440A9784214246AAD318160B764D56
_5166333B561A42EFB427183C9CD5A5B1
.dll windows:5 windows x86 arch:x86

c6e592e19acd0da69bdcb49a95a6f100

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

IoDeleteDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
IoSetDeviceInterfaceState
IoBuildDeviceIoControlRequest
IoRegisterDeviceInterface
ExAllocatePoolWithTag
IoCreateDevice
KeSetEvent
InterlockedDecrement
KeWaitForSingleObject
InterlockedIncrement
ExFreePool
IofCompleteRequest
IoDetachDevice
KeInitializeDpc
IoAttachDeviceToDeviceStack
RtlInitUnicodeString
ObfReferenceObject
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
KeInsertQueueDpc

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeStallExecutionProcessor

usbd.sys

USBD_CreateConfigurationRequest
USBD_GetUSBDIVersion
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 992B - Virtual size: 990B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 480B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_51F27D9C8FDC4BD282031DF404D02A73
.dll windows:4 windows x86 arch:x86

28246e3fbcffaa9f00e83f6b0233f849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetProcAddress
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
HeapFree
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

AmvEncoder
AmvEncoderClose
AmvEncoderInit
AmvHeaderEncoder

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_528528BFE55848F79C4FFC8647DC53F9
.dll windows:4 windows x86 arch:x86

aeba2f61e319c861c440d5799ab2c73b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

mfc42

ord356
ord1200
ord4277
ord2915
ord2764
ord2763
ord4204
ord6283
ord6282
ord801
ord5861
ord541
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord2770
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord668
ord4424
ord3738
ord561
ord815
ord940
ord2818
ord5442
ord537
ord860
ord924
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord858
ord941
ord354
ord5186
ord3318
ord823
ord1979
ord535
ord665
ord800
ord825
ord540
ord1168
ord1575
ord1176
ord1116
ord5714
ord4622

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_EH_prolog
sscanf
_mbscmp
sprintf
fopen
fread
_stat
malloc
free
strncpy
_mkdir
__CxxFrameHandler
fclose

kernel32

GetPrivateProfileStringA
DeviceIoControl
CreateFileA
CloseHandle
GetLogicalDriveStringsA
GetDriveTypeA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
CopyFileA
DeleteFileA
FreeLibrary
FindFirstFileA
LocalFree
LocalAlloc
Sleep
GetVersionExA
GetSystemDefaultLangID
WaitForSingleObject
ResetEvent
CreateEventA
GetLastError

user32

PeekMessageA
TranslateMessage
DispatchMessageA
GetTopWindow
GetWindow
SendMessageA
KillTimer
SetTimer
LoadCursorA
SetCursor
MessageBoxA
GetWindowTextA

ole32

CoCreateGuid

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Xlen@std@@YAXXZ

Exports

Exports

DownFimware
EnableDrm
EnableErase
Eraseflash
GetDeviceInfo
GetFirmwareInfo
GetFmVersion
GetLogoRes
GetTotalNumber
GetUDiskCount
Initial
ReSetUdisk
SetDTFile
SetDownAutorun
SetFirmwareFile
SetPKFile

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_52F7995691804071AB89F1930BBB0FD9
_55426AF2A0B7421D88C3003D5C6DE56B
_55E431F8AE0E4C39B9F7BA701D5C1687
.rtf
_584BD662795742FEAD19D307C3D41D84
_5A97E6612FD942DC80376C05603F8CBE
_5DC2633923D44F4C8570392FA3A6BF90
_600B2382DA8349F897D8A5F592D85A1C
_6083DC713F36445F9EFE02D1F7C3E75E
_611736EA86604374B59F447AFC14E044
.dll windows:6 windows x86 arch:x86

785d5607ed2f18f4ea0be5809350b169

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

unicows.pdb

Imports

kernel32

GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
FindClose
IsDBCSLeadByte
GetFullPathNameA
GetFullPathNameW
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNumberFormatA
GetNumberFormatW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeExA
GetStringTypeExW
GetSystemDirectoryA
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTimeFormatA
GetTimeFormatW
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
GlobalGetAtomNameA
GlobalGetAtomNameW
IsBadStringPtrW
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LoadLibraryExW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
MoveFileW
OpenEventA
OpenEventW
GetDefaultCommConfigW
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
PeekConsoleInputW
QueryDosDeviceA
QueryDosDeviceW
ReadConsoleA
ReadConsoleW
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputW
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
RemoveDirectoryA
RemoveDirectoryW
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetComputerNameA
SetComputerNameW
SetConsoleTitleA
SetConsoleTitleW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetDefaultCommConfigW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileAttributesA
SetFileAttributesW
SetLocaleInfoA
SetLocaleInfoW
SetVolumeLabelA
SetVolumeLabelW
VerLanguageNameA
VerLanguageNameW
WaitNamedPipeA
WaitNamedPipeW
WriteConsoleA
WriteConsoleW
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleOutputA
WriteConsoleOutputW
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WritePrivateProfileSectionA
WritePrivateProfileSectionW
WritePrivateProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
WriteProfileSectionA
WriteProfileSectionW
WriteProfileStringA
WriteProfileStringW
FindResourceA
lstrcpyA
IsBadWritePtr
SetErrorMode
GetStringTypeW
FindResourceW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetDefaultCommConfigA
GetDateFormatW
GetDateFormatA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleTitleA
GetComputerNameW
GetComputerNameA
GetAtomNameW
GetAtomNameA
FormatMessageW
FormatMessageA
LocalFree
HeapReAlloc
LocalAlloc
FreeEnvironmentStringsW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindAtomW
FindAtomA
FillConsoleOutputCharacterW
FillConsoleOutputCharacterA
FatalAppExitW
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnumTimeFormatsW
EnumTimeFormatsA
EnumSystemLocalesW
EnumSystemLocalesA
EnumSystemCodePagesW
EnumDateFormatsW
EnumDateFormatsA
EnumCalendarInfoW
EnumCalendarInfoA
DeleteFileW
CreateSemaphoreW
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreateNamedPipeW
CreateNamedPipeA
CreateMutexW
CreateMutexA
CreateMailslotW
CreateMailslotA
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateEventW
CreateEventA
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CommConfigDialogW
CommConfigDialogA
CallNamedPipeW
CallNamedPipeA
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BuildCommDCBW
BuildCommDCBA
AddAtomW
AddAtomA
InitializeCriticalSection
GetACP
GetOEMCP
DeleteCriticalSection
GetFileAttributesA
LoadLibraryExA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
lstrlenW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeResource
GetTempFileNameA
GetTempPathA
DeleteFileA
MoveFileA
_lclose
_lread
_lwrite
_llseek
VirtualQuery
GetSystemInfo
VirtualFree
VirtualAlloc
VirtualProtect
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
CompareStringA
GlobalAddAtomA
AreFileApisANSI
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GetCurrentThreadId
lstrcmpA
WideCharToMultiByte
lstrcmpiA
GetLocaleInfoA
CreateFileA
GetFileSize
CloseHandle
IsDBCSLeadByteEx
LoadLibraryA
InterlockedExchange
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCPInfo
GetVersion
GetFileAttributesW
GetLastError
lstrlenA
GetProcessHeap
HeapAlloc
SetLastError
MultiByteToWideChar
OpenFileMappingA
HeapFree
RtlUnwind

user32

SystemParametersInfoW
TranslateAcceleratorW
TabbedTextOutA
TabbedTextOutW
UnregisterClassA
UnregisterClassW
VkKeyScanExA
VkKeyScanExW
WinHelpA
WinHelpW
wvsprintfW
EnumClipboardFormats
GetClipboardData
VkKeyScanW
wsprintfW
IsCharLowerW
IsCharAlphaNumericW
IsCharAlphaW
InsertMenuItemW
InsertMenuItemA
InsertMenuW
InsertMenuA
GrayStringW
GrayStringA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetTabbedTextExtentW
GetTabbedTextExtentA
GetPropW
GetMessageW
GetMenuStringW
GetMenuStringA
GetMenuItemInfoW
GetMenuItemInfoA
GetKeyNameTextW
GetKeyboardLayout
GetKeyNameTextA
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetDlgItemTextW
GetDlgItemTextA
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClassNameW
GetClassLongW
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoW
GetClassInfoA
FindWindowExW
FindWindowExA
FindWindowW
FindWindowA
EnableWindow
EnumPropsExW
EnumPropsExA
EnumPropsW
EnumPropsA
EnumDisplaySettingsW
EnumDisplaySettingsA
DrawTextExW
DrawTextExA
DrawTextW
DrawTextA
DrawStateW
DrawStateA
DlgDirSelectExW
DlgDirSelectExA
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListComboBoxW
DlgDirListComboBoxA
DlgDirListW
SystemParametersInfoA
DispatchMessageW
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
DdeQueryStringW
DdeQueryStringA
DdeQueryConvInfo
DdeInitializeW
DdeInitializeA
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeConnectList
DdeConnect
CharUpperBuffW
CharUpperW
CharToOemBuffW
CharToOemW
CharPrevW
CharNextW
CharLowerBuffW
CharLowerW
ChangeMenuW
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowsHookW
SetWindowsHookA
SetWindowLongW
SetPropW
SetMenuItemInfoW
SetMenuItemInfoA
SetDlgItemTextW
SetDlgItemTextA
SetClassLongW
SetClassLongA
SendNotifyMessageW
SendMessageTimeoutW
SendMessageCallbackW
SendMessageW
SendDlgItemMessageW
RemovePropW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassExW
RegisterClassExA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostMessageW
PeekMessageW
OemToCharBuffW
OemToCharW
ModifyMenuW
ModifyMenuA
MessageBoxIndirectW
MessageBoxIndirectA
MessageBoxExW
MessageBoxW
MapVirtualKeyExW
MapVirtualKeyExA
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsA
CreateWindowExW
CreateWindowExA
CreateMDIWindowW
CreateMDIWindowA
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateAcceleratorTableW
CreateAcceleratorTableA
CopyAcceleratorTableW
CopyAcceleratorTableA
CallWindowProcW
CallMsgFilterW
CallMsgFilterA
AppendMenuW
AppendMenuA
GetWindowThreadProcessId
SetWindowLongA
TranslateAcceleratorA
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetMessageA
PostThreadMessageA
PostMessageA
SendNotifyMessageA
SendMessageTimeoutA
SendMessageCallbackA
SendMessageA
DefWindowProcA
CallWindowProcA
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
GetWindowLongA
GetParent
GetDlgItem
SetPropA
RemovePropA
GetPropA
IsDlgButtonChecked
GetClassNameA
CharLowerA
CharUpperA
UnhookWindowsHookEx
SetWindowsHookExA
MapVirtualKeyW
CallNextHookEx
MapVirtualKeyA
LoadStringW
LoadMenuIndirectW
LoadMenuIndirectA
EnumChildWindows
RegisterWindowMessageA
LoadMenuW
LoadMenuA
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageW
LoadImageA
LoadIconW
LoadIconA
LoadCursorFromFileW
LoadCursorFromFileA
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsWindowUnicode
IsWindow
IsDialogMessageW
DlgDirListA
IsClipboardFormatAvailable
IsCharUpperW

gdi32

GetEnhMetaFileDescriptionW
GetGlyphOutlineA
GetGlyphOutlineW
GetICMProfileA
GetICMProfileW
GetKerningPairsA
GetKerningPairsW
GetLogColorSpaceA
GetLogColorSpaceW
GetMetaFileA
GetMetaFileW
GetObjectA
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPointA
GetEnhMetaFileDescriptionA
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
PolyTextOutA
PolyTextOutW
RemoveFontResourceA
RemoveFontResourceW
ResetDCA
ResetDCW
SetICMProfileA
SetICMProfileW
StartDocA
StartDocW
TextOutW
UpdateICMRegKeyA
UpdateICMRegKeyW
GetEnhMetaFileW
GetEnhMetaFileA
GetCharacterPlacementW
GetCharacterPlacementA
GetCharWidthFloatW
GetCharWidthFloatA
GetCharWidth32W
GetCharWidthW
GetCharWidthA
GetCharABCWidthsFloatW
GetCharABCWidthsFloatA
GetCharABCWidthsW
GetCharABCWidthsA
ExtTextOutW
ExtTextOutA
EnumICMProfilesW
EnumICMProfilesA
EnumFontsW
EnumFontsA
EnumFontFamiliesExW
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontFamiliesA
CreateScalableFontResourceW
CreateScalableFontResourceA
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontIndirectW
CreateFontIndirectA
CreateFontW
CreateFontA
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDCW
CreateDCA
CreateColorSpaceW
CreateColorSpaceA
CopyMetaFileW
CopyMetaFileA
CopyEnhMetaFileW
CopyEnhMetaFileA
AddFontResourceW
AddFontResourceA
GetFontData
GetTextExtentPointW
TranslateCharsetInfo
GetTextCharset

mpr

WNetGetUniversalNameW
MultinetGetConnectionPerformanceW
WNetAddConnectionA
WNetAddConnectionW
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetCancelConnectionA
WNetCancelConnectionW
WNetCancelConnection2A
WNetCancelConnection2W
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetEnumResourceA
WNetEnumResourceW
WNetGetConnectionA
WNetGetConnectionW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetProviderNameA
WNetUseConnectionW
WNetUseConnectionA
WNetOpenEnumW
WNetOpenEnumA
WNetGetUserW
WNetGetUserA
MultinetGetConnectionPerformanceA
WNetGetUniversalNameA
WNetGetResourceParentW
WNetGetResourceParentA
WNetGetResourceInformationW
WNetGetResourceInformationA
WNetGetProviderNameW

advapi32

RegOpenKeyA
RegEnumValueA
RegUnLoadKeyW
RegUnLoadKeyA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegSaveKeyW
RegSaveKeyA
RegReplaceKeyW
RegReplaceKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
RegLoadKeyW
RegLoadKeyA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
IsTextUnicode
GetUserNameW
GetUserNameA
RegOpenKeyExA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetFileTitleA
FindTextW
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgW
GetSaveFileNameW

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetFileInfoA
SHFileOperationA
SHChangeNotify
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteW
ShellExecuteA
ShellAboutW
ShellAboutA
FindExecutableW
FindExecutableA
ExtractIconExA
DragQueryFileA
DragQueryFileW
ExtractIconW
ExtractIconA

winspool.drv

GetPrinterW
GetPrinterDataW
GetPrinterDriverW
GetPrinterDriverDirectoryA
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
GetJobW
OpenPrinterW
ResetPrinterA
ResetPrinterW
SetJobA
SetJobW
SetPrinterA
SetPrinterW
SetPrinterDataA
SetPrinterDataW
StartDocPrinterA
EnumPrintProcessorsW
EnumPrintProcessorDatatypesW
EnumPrintersW
EnumPrinterDriversW
EnumPortsW
EnumMonitorsW
DocumentPropertiesW
DocumentPropertiesA
DeviceCapabilitiesW
DeviceCapabilitiesA
DeletePrintProvidorW
DeletePrintProvidorA
DeletePrintProcessorW
DeletePrintProcessorA
DeletePrinterDriverW
DeletePrinterDriverA
DeletePortW
DeletePortA
DeleteMonitorW
DeleteMonitorA
ConfigurePortW
ConfigurePortA
AdvancedDocumentPropertiesW
AdvancedDocumentPropertiesA
AddPrintProvidorW
AddPrintProvidorA
AddPrintProcessorW
AddPrintProcessorA
AddPrinterDriverW
AddPrinterDriverA
AddPrinterW
AddPrinterA
AddPortW
AddPortA
AddMonitorW
AddMonitorA
AddJobW
AddJobA
OpenPrinterA
StartDocPrinterW

oledlg

OleUIUpdateLinksW
OleUIPromptUserW
OleUIPasteSpecialW
OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIConvertW
OleUIChangeSourceW
OleUIChangeIconW
OleUIBusyW
ord8
OleUIAddVerbMenuW
ord1
ord6

winmm

waveOutGetErrorTextW
waveOutGetErrorTextA
waveOutGetDevCapsW
waveOutGetDevCapsA
waveInGetErrorTextW
mixerGetControlDetailsW
midiOutGetErrorTextW
midiOutGetErrorTextA
midiOutGetDevCapsW
midiOutGetDevCapsA
midiInGetErrorTextW
midiInGetDevCapsW
midiInGetDevCapsA
mciSendStringW
mciSendStringA
mciSendCommandW
mciGetErrorStringW
mciGetErrorStringA
midiInGetErrorTextA
mciGetDeviceIDW
mciGetDeviceIDA
joyGetDevCapsW
joyGetDevCapsA
auxGetDevCapsW
auxGetDevCapsA
PlaySoundW
PlaySoundA
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRenameA
mmioRenameW
mmioStringToFOURCCA
mmioStringToFOURCCW
sndPlaySoundA
sndPlaySoundW
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
mixerGetDevCapsA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

MCIWndCreateW
MCIWndCreateA
GetSaveFileNamePreviewW
GetOpenFileNamePreviewW

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext
ImmGetCompositionStringW

Exports

Exports

AcquireCredentialsHandleW
AddAtomW
AddFontResourceW
AddJobW
AddMonitorW
AddPortW
AddPrintProcessorW
AddPrintProvidorW
AddPrinterDriverW
AddPrinterW
AdvancedDocumentPropertiesW
AppendMenuW
BeginUpdateResourceA
BeginUpdateResourceW
BroadcastSystemMessageW
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallMsgFilterW
CallNamedPipeW
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuW
CharLowerBuffW
CharLowerW
CharNextW
CharPrevW
CharToOemBuffW
CharToOemW
CharUpperBuffW
CharUpperW
ChooseColorW
ChooseFontW
CommConfigDialogW
CompareStringW
ConfigurePortW
CopyAcceleratorTableW
CopyEnhMetaFileW
CopyFileExW
CopyFileW
CopyMetaFileW
CreateAcceleratorTableW
CreateColorSpaceW
CreateDCW
CreateDialogIndirectParamW
CreateDialogParamW
CreateDirectoryExW
CreateDirectoryW
CreateEnhMetaFileW
CreateEventW
CreateFileMappingW
CreateFileW
CreateFontIndirectW
CreateFontW
CreateICW
CreateMDIWindowW
CreateMailslotW
CreateMetaFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateScalableFontResourceW
CreateSemaphoreW
CreateStdAccessibleProxyW
CreateWaitableTimerW
CreateWindowExW
CryptAcquireContextW
CryptEnumProviderTypesW
CryptEnumProvidersW
CryptGetDefaultProviderW
CryptSetProviderExW
CryptSetProviderW
CryptSignHashW
CryptVerifySignatureW
DdeConnect
DdeConnectList
DdeCreateStringHandleW
DdeInitializeW
DdeQueryConvInfo
DdeQueryStringW
DefDlgProcW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteFileW
DeleteMonitorW
DeletePortW
DeletePrintProcessorW
DeletePrintProvidorW
DeletePrinterDriverW
DeviceCapabilitiesW
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExW
DlgDirSelectExW
DocumentPropertiesW
DragQueryFileW
DrawStateW
DrawTextExW
DrawTextW
EnableWindow
EndUpdateResourceA
EndUpdateResourceW
EnumCalendarInfoExW
EnumCalendarInfoW
EnumClipboardFormats
EnumDateFormatsExW
EnumDateFormatsW
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsW
EnumICMProfilesW
EnumMonitorsW
EnumPortsW
EnumPrintProcessorDatatypesW
EnumPrintProcessorsW
EnumPrinterDriversW
EnumPrintersW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumSystemCodePagesW
EnumSystemLocalesW
EnumTimeFormatsW
EnumerateSecurityPackagesW
ExpandEnvironmentStringsW
ExtTextOutW
ExtractIconExW
ExtractIconW
FatalAppExitW
FillConsoleOutputCharacterW
FindAtomW
FindExecutableW
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FindTextW
FindWindowExW
FindWindowW
FormatMessageW
FreeContextBuffer
FreeEnvironmentStringsW
GetAltTabInfoW
GetAtomNameW
GetCPInfo
GetCPInfoExW
GetCalendarInfoW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCharWidth32W
GetCharWidthFloatW
GetCharWidthW
GetCharacterPlacementW
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetComputerNameW
GetConsoleTitleW
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentHwProfileW
GetDateFormatW
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDlgItemTextW
GetDriveTypeW
GetEnhMetaFileDescriptionW
GetEnhMetaFileW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileTitleW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFullPathNameW
GetGlyphOutlineW
GetICMProfileW
GetJobW
GetKerningPairsW
GetKeyNameTextW
GetKeyboardLayoutNameW
GetLocaleInfoW
GetLogColorSpaceW
GetLogicalDriveStringsW
GetLongPathNameW
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetMetaFileW
GetModuleFileNameW
GetModuleHandleW
GetMonitorInfoW
GetNamedPipeHandleStateW
GetNumberFormatW
GetObjectW
GetOpenFileNamePreviewW
GetOpenFileNameW
GetOutlineTextMetricsW
GetPrintProcessorDirectoryW
GetPrinterDataW
GetPrinterDriverDirectoryW
GetPrinterDriverW
GetPrinterW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcAddress
GetProfileIntW
GetProfileSectionW
GetProfileStringW
GetPropA
GetPropW
GetRoleTextW
GetSaveFileNamePreviewW
GetSaveFileNameW
GetShortPathNameW
GetStartupInfoW
GetStateTextW
GetStringTypeExW
GetStringTypeW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
GetTabbedTextExtentW
GetTempFileNameW
GetTempPathW
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetTimeFormatW
GetUserNameW
GetVersionExW
GetVolumeInformationW
GetWindowLongA
GetWindowLongW
GetWindowModuleFileNameW
GetWindowTextLengthW
GetWindowTextW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomW
GlobalGetAtomNameW
GrayStringW
InitSecurityInterfaceW
InitializeSecurityContextW
InsertMenuItemW
InsertMenuW
IsBadStringPtrW
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDestinationReachableW
IsDialogMessageW
IsTextUnicode
IsValidCodePage
IsWindowUnicode
LCMapStringW
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadLibraryExW
LoadLibraryW
LoadMenuIndirectW
LoadMenuW
LoadStringW
MCIWndCreateW
MapVirtualKeyExW
MapVirtualKeyW
MessageBoxExW
MessageBoxIndirectW
MessageBoxW
ModifyMenuW
MoveFileW
MultiByteToWideChar
MultinetGetConnectionPerformanceW
OemToCharBuffW
OemToCharW
OleUIAddVerbMenuW
OleUIBusyW
OleUIChangeIconW
OleUIChangeSourceW
OleUIConvertW
OleUIEditLinksW
OleUIInsertObjectW
OleUIObjectPropertiesW
OleUIPasteSpecialW
OleUIPromptUserW
OleUIUpdateLinksW
OpenEventW
OpenFileMappingW
OpenMutexW
OpenPrinterW
OpenSemaphoreW
OpenWaitableTimerW
OutputDebugStringW
PageSetupDlgW
PeekConsoleInputW
PeekMessageW
PlaySoundW
PolyTextOutW
PostMessageW
PostThreadMessageW
PrintDlgW
QueryContextAttributesW
QueryCredentialsAttributesW
QueryDosDeviceW
QuerySecurityPackageInfoW
RasConnectionNotificationW
RasCreatePhonebookEntryW
RasDeleteEntryW
RasDeleteSubEntryW
RasDialW
RasEditPhonebookEntryW
RasEnumConnectionsW
RasEnumDevicesW
RasEnumEntriesW
RasGetConnectStatusW
RasGetEntryDialParamsW
RasGetEntryPropertiesW
RasGetErrorStringW
RasGetProjectionInfoW
RasHangUpW
RasRenameEntryW
RasSetEntryDialParamsW
RasSetEntryPropertiesW
RasSetSubEntryPropertiesW
RasValidateEntryNameW
ReadConsoleInputW
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
RegConnectRegistryW
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryMultipleValuesW
RegQueryValueExW
RegQueryValueW
RegReplaceKeyW
RegSaveKeyW
RegSetValueExW
RegSetValueW
RegUnLoadKeyW
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterWindowMessageW
RemoveDirectoryW
RemoveFontResourceW
RemovePropA
RemovePropW
ReplaceTextW
ResetDCW
ResetPrinterW
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetFileInfoW
SHGetNewLinkInfoW
SHGetPathFromIDListW
ScrollConsoleScreenBufferW
SearchPathW
SendDlgItemMessageW
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCalendarInfoW
SetClassLongW
SetComputerNameW
SetConsoleTitleW
SetCurrentDirectoryW
SetDefaultCommConfigW
SetDlgItemTextW
SetEnvironmentVariableW
SetFileAttributesW
SetICMProfileW
SetJobW
SetLocaleInfoW
SetMenuItemInfoW
SetPrinterDataW
SetPrinterW
SetPropA
SetPropW
SetVolumeLabelW
SetWindowLongA
SetWindowLongW
SetWindowTextW
SetWindowsHookExW
SetWindowsHookW
ShellAboutW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
StartDocPrinterW
StartDocW
SystemParametersInfoW
TabbedTextOutW
TextOutW
TranslateAcceleratorW
UnregisterClassW
UpdateICMRegKeyW
UpdateResourceA
UpdateResourceW
VerFindFileW
VerInstallFileW
VerLanguageNameW
VerQueryValueW
VkKeyScanExW
VkKeyScanW
WNetAddConnection2W
WNetAddConnection3W
WNetAddConnectionW
WNetCancelConnection2W
WNetCancelConnectionW
WNetConnectionDialog1W
WNetDisconnectDialog1W
WNetEnumResourceW
WNetGetConnectionW
WNetGetLastErrorW
WNetGetNetworkInformationW
WNetGetProviderNameW
WNetGetResourceInformationW
WNetGetResourceParentW
WNetGetUniversalNameW
WNetGetUserW
WNetOpenEnumW
WNetUseConnectionW
WaitNamedPipeW
WideCharToMultiByte
WinHelpW
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteConsoleW
WritePrivateProfileSectionW
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringW
__FreeAllLibrariesInMsluDll
auxGetDevCapsW
capCreateCaptureWindowW
capGetDriverDescriptionW
joyGetDevCapsW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
mciGetDeviceIDW
mciGetErrorStringW
mciSendCommandW
mciSendStringW
midiInGetDevCapsW
midiInGetErrorTextW
midiOutGetDevCapsW
midiOutGetErrorTextW
mixerGetControlDetailsW
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenW
mmioRenameW
mmioStringToFOURCCW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_6188A9E5696D48D48B80BFB773C04728
_61DDE23ED8C448C1B781341878A2B61F
_6227252443C841BF9FFDFF29A9856421
.exe windows:4 windows x86 arch:x86

a3722627a3d4a3ccffacf157941f058a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord561
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord5302
ord2725
ord825
ord815
ord2915
ord4129
ord5683
ord924
ord860
ord922
ord939
ord858
ord2614
ord800
ord2818
ord540
ord535
ord941
ord537
ord2621
ord1134
ord5572
ord668
ord3738
ord2396
ord4058
ord2781
ord2770
ord356
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord4673
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1168
ord2379
ord755
ord470
ord5300
ord3346
ord3922
ord5199
ord1089
ord2554
ord5731
ord2512
ord4274
ord4486
ord6375
ord1980
ord3178
ord2385
ord1576

msvcrt

_except_handler3
__set_app_type
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__p__fmode
sprintf
__CxxFrameHandler
_mbscmp
__dllonexit
_setmbcp

kernel32

GetPrivateProfileStringA
DeleteFileA
GetModuleFileNameA
GetVersionExA
GetWindowsDirectoryA
CloseHandle
GetExitCodeProcess
GetLastError
GetStartupInfoA
RemoveDirectoryA
CreateProcessA
GetModuleHandleA

user32

DrawIcon
GetClientRect
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_636707B3F0C64E1788C9E885C85E0E90
_63CBC5E779AC443CAEDC833F58AD874A
_655240DE553B4B9A852444224B6222A3
_677868C91441435D97431D030EA62E62
_684AA00E7E434BC9B99B93E35E0950CE
_699921752B2C4668AEE6D303F1CB64DE
_6A590CCCA24242BCB8FCFF69DEE39075
_6BEDB609C084471DB20FE7B1DFB7E682
.cab
ATTRIB.EXE
CHKDSK.EXE
DEBUG.EXE
EDIT.COM
EXT.EXE
FORMAT.COM
HELP.BAT
MSCDEX.EXE
RESTART.COM
SCANDISK.EXE
SCANDISK.INI
SYS.COM
_6CFA999087FC41AD853A7DE7053A307D
_6E25DC3BAEA34EB0AC6BE7F343F90882
_6EB9C22CA48A4A69B04ABDFBFC299E16
.dll regsvr32 windows:5 windows x86 arch:x86

20264582df85180f5b29d7280a7ac0ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler3
strchr
iswctype
towupper
_ftol

kernel32

IsBadReadPtr
IsBadWritePtr
lstrcpyW
lstrcmpW
FreeLibraryAndExitThread
FreeLibrary
GetLastError
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventW
LoadLibraryW
GetTickCount
lstrcmpiW
ReadFileEx
DuplicateHandle
GetCurrentProcess
ReleaseMutex
WaitForSingleObject
MulDiv
GetVersion
LocalAlloc
LocalReAlloc
GetCurrentProcessId
ResumeThread
GetProcAddress
DisableThreadLibraryCalls
UnmapViewOfFile
MultiByteToWideChar
lstrlenA
IsBadCodePtr
CompareFileTime
lstrcpynW
GetPrivateProfileStringW
GetWindowsDirectoryW
WriteFileEx
Sleep
DeviceIoControl
SystemTimeToFileTime
GetLocalTime
HeapFree
HeapAlloc
GetProcessHeap
MapViewOfFile
CreateFileMappingW
CreateMutexW
LoadResource
FindResourceW
CreateProcessW
InitializeCriticalSection
GetVersionExW
CreateFileA
GetFullPathNameA
WideCharToMultiByte
ResetEvent
DeleteCriticalSection
SetEvent
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
lstrlenW
GetSystemTimeAsFileTime
CreateFileW
ReadFile
SetFilePointer
GetFileSize
CloseHandle
GetModuleHandleW
GetModuleFileNameW
GetFullPathNameW
InterlockedExchange
LocalFree
InterlockedDecrement
InterlockedIncrement
SleepEx

advapi32

RegEnumValueW
BuildTrusteeWithSidW
SetEntriesInAclW
GetSecurityInfo
RegDeleteKeyW
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
FreeSid
RegEnumKeyExW
RegSetKeySecurity
RegCreateKeyW
RegOpenKeyW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
GetUserNameW
RegCreateKeyExW

user32

MapVirtualKeyExW
GetKeyboardLayout
GetActiveWindow
GetKeyNameTextW
ToUnicodeEx
PostMessageW
wsprintfW
CharUpperW
UnhookWindowsHookEx
GetWindowThreadProcessId
IsIconic
GetForegroundWindow
GetWindowLongW
CallNextHookEx
SetWindowsHookExW
PostThreadMessageW
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
SetTimer
GetInputState
SystemParametersInfoW
IntersectRect
GetWindowRect
GetDesktopWindow
MapWindowPoints
GetClientRect
ReleaseCapture
SetCursorPos
mouse_event
GetAsyncKeyState
SetCapture
ClipCursor
ShowCursor
GetMessageTime
SendNotifyMessageW
GetCursorPos
GetSystemMetrics
MapVirtualKeyW
LoadStringW
keybd_event
GetKeyboardType
IsRectEmpty
SubtractRect
RegisterWindowMessageW
SetWindowLongW
DefWindowProcW
GetPropW
SetPropW
RemovePropW
CallWindowProcW
IsWindow

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 517KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_73879329B7A54092960B157833962A59
.dll windows:4 windows x86 arch:x86

eafe83cf999472ebe320402f4a2ead10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2915
ord6283
ord6282
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord4277
ord2763
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1871
ord5861
ord5683
ord4129
ord5858
ord268
ord532
ord1567
ord926
ord6143
ord939
ord2764
ord858
ord4204
ord6883
ord1168
ord535
ord2818
ord654
ord541
ord348
ord341
ord801
ord663
ord823
ord540
ord860
ord941
ord4224
ord537
ord924
ord800
ord3663
ord825
ord5714
ord5289
ord1570
ord1253
ord1116
ord6467
ord1578
ord1255
ord826
ord269
ord600
ord1243
ord342
ord1197
ord1575
ord1176
ord1182
ord1577

msvcrt

malloc
__CxxFrameHandler
_mbscmp
strncpy
isprint
_stricmp
free
_except_handler3
_strupr
sscanf
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_onexit
_initterm
_purecall

kernel32

ResetEvent
WaitForSingleObject
DeviceIoControl
QueryDosDeviceA
GetVolumeInformationA
GetLogicalDriveStringsA
GetDriveTypeA
WriteFile
LoadLibraryA
GetProcAddress
SetFilePointer
CreateFileA
ReadFile
CloseHandle
GetCurrentDirectoryA
GetWindowsDirectoryA
CopyFileA
DeleteFileA
FreeLibrary
Sleep
WinExec
FlushFileBuffers
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
SetEvent
GetVersion
GetVersionExA
GetSystemDefaultLangID
GetPrivateProfileStringA
LocalFree
LocalAlloc

user32

GetTopWindow
GetWindow
GetWindowTextA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
SendMessageA

Exports

Exports

??0CDiskOperate@@QAE@PAVCWnd@@@Z
??0CFormat@@QAE@PAVCWnd@@@Z
??0CPartition@@QAE@PAVCWnd@@@Z
??1CDiskOperate@@UAE@XZ
??1CFormat@@UAE@XZ
??1CPartition@@UAE@XZ
??_7CDiskOperate@@6B@
??_7CFormat@@6B@
??_7CPartition@@6B@
?Check@CFormat@@QAEHABVCString@@KHPADEH@Z
?CheckOurDisk@CDiskOperate@@QAEHXZ
?CopySystemFiles@CFormat@@QAEHVCString@@@Z
?CreateTempFile@CFormat@@QAEHVCString@@@Z
?DisplayDriveInfo@CFormat@@QAEHVCString@@@Z
?Eject@CDiskOperate@@QAEHHW4DiskOperate@@@Z
?FindRemovableDisk@CFormat@@QAEXXZ
?GenerateSectors@CFormat@@QAEHKPAD@Z
?GetBeenEncrypted@CDiskOperate@@QAEHXZ
?GetCursor@CDiskOperate@@QAEPAUHICON__@@XZ
?GetDiskACapacity@CDiskOperate@@QAEKXZ
?GetDiskArray@CFormat@@QAEPAVCStringArray@@XZ
?GetDiskBCapacity@CDiskOperate@@QAEKXZ
?GetDiskCCapacity@CDiskOperate@@QAEKXZ
?GetDiskInfo@CDiskOperate@@QAEXXZ
?GetDriveSize@CFormat@@QAEKVCString@@@Z
?GetDriver@CFormat@@QAEHXZ
?GetEncrypt@CPartition@@QAEHXZ
?GetFixedDriveSize@CFormat@@QAEKVCString@@@Z
?GetHaveDiskStruct@CDiskOperate@@QAEHXZ
?GetLowFormatInf@CFormat@@QAEPADXZ
?GetNewPassword@CPartition@@QAEPADXZ
?GetNewPasswordConfirm@CPartition@@QAEPADXZ
?GetNewUsername@CPartition@@QAEPADXZ
?GetNoPartition@CDiskOperate@@QAEHXZ
?GetOldPassword@CPartition@@QAEPADXZ
?GetOldUsername@CPartition@@QAEPADXZ
?GetOperationType@CPartition@@QAEHXZ
?GetOurDiskNum@CDiskOperate@@QAEHXZ
?GetPartition@CPartition@@QAEHXZ
?GetPartitionNum@CDiskOperate@@QAEHXZ
?GetPhyCapacity@CDiskOperate@@QAEKXZ
?GetPid@CDiskOperate@@QAEGXZ
?GetRecheckDisk@CPartition@@QAEHXZ
?GetRun@CDiskOperate@@QAEHXZ
?GetRuntimeClass@CDiskOperate@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CFormat@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CPartition@@UBEPAUCRuntimeClass@@XZ
?GetVid@CDiskOperate@@QAEGXZ
?GetVolumeName@CFormat@@QAEPADXZ
?GetWnd@CDiskOperate@@QAEPAVCWnd@@XZ
?IniDisplayInfo@CDiskOperate@@AAEXXZ
?Initialize@CFormat@@UAEHXZ
?Initialize@CPartition@@UAEHXZ
?IsValidVolume@CFormat@@QAEHVCString@@@Z
?LockLogicalVolume@CFormat@@QAEHVCString@@@Z
?OnDeviceChange@CFormat@@QAEHIK@Z
?ReCheckDisk@CDiskOperate@@QAEHXZ
?ReadSector@CFormat@@QAEHVCString@@PADKH@Z
?SetBeenEncrypted@CDiskOperate@@QAEXH@Z
?SetCursor@CDiskOperate@@QAEXPAUHICON__@@@Z
?SetDiskACapacity@CDiskOperate@@QAEXK@Z
?SetDiskBCapacity@CDiskOperate@@QAEXK@Z
?SetDiskCCapacity@CDiskOperate@@QAEXK@Z
?SetDrive@CFormat@@QAEHK@Z
?SetDriver@CFormat@@QAEXH@Z
?SetEncrypt@CPartition@@QAEXH@Z
?SetFormatType@CFormat@@QAEXHH@Z
?SetHaveDiskStruct@CDiskOperate@@QAEXH@Z
?SetNewPassword@CPartition@@QAEXPAD@Z
?SetNewPasswordConfirm@CPartition@@QAEXPAD@Z
?SetNewUsername@CPartition@@QAEXPAD@Z
?SetNoPartition@CDiskOperate@@QAEXH@Z
?SetOldPassword@CPartition@@QAEXPAD@Z
?SetOldUsername@CPartition@@QAEXPAD@Z
?SetOperationType@CPartition@@QAEXH@Z
?SetOurDiskNum@CDiskOperate@@QAEXH@Z
?SetPartition@CPartition@@QAEXH@Z
?SetPartitionNum@CDiskOperate@@QAEXH@Z
?SetPassword@CPartition@@QAEHXZ
?SetPhyCapacity@CDiskOperate@@QAEXK@Z
?SetPid@CDiskOperate@@QAEXG@Z
?SetRdiskCapacity@CPartition@@QAEHXZ
?SetRecheckDisk@CPartition@@QAEXH@Z
?SetRun@CDiskOperate@@QAEXH@Z
?SetVid@CDiskOperate@@QAEXG@Z
?SetVolumeName@CFormat@@QAEXPAD@Z
?SetWnd@CDiskOperate@@QAEXPAVCWnd@@@Z
?Start@CFormat@@UAEHXZ
?Start@CPartition@@UAEHXZ
?SystemFormat@CFormat@@QAEHVCString@@@Z
?UnlockLogicalVolume@CFormat@@QAEHVCString@@@Z
?WriteBootStruct@CFormat@@QAEHXZ
?WriteBootTable@CPartition@@QAEHXZ
?WriteDiskPartition@CPartition@@QAEHXZ
?WriteImage@CPartition@@QAEHXZ
?WritePatitionTable@CPartition@@QAEHXZ
?WriteSector@CFormat@@QAEHVCString@@PADKH@Z
?_GetBaseClass@CDiskOperate@@KGPAUCRuntimeClass@@XZ
?_GetBaseClass@CFormat@@KGPAUCRuntimeClass@@XZ
?_GetBaseClass@CPartition@@KGPAUCRuntimeClass@@XZ
?classCDiskOperate@CDiskOperate@@2UCRuntimeClass@@B
?classCFormat@CFormat@@2UCRuntimeClass@@B
?classCPartition@CPartition@@2UCRuntimeClass@@B
?m_bRun@CDiskOperate@@1HA
?m_hLib@CDiskOperate@@1PAUHINSTANCE__@@A
?m_nOurDiskNum@CDiskOperate@@1HA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 340KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_7534B7793FC6487496B35434F8329EB6
_765BB95B02884AE69FCBC1C522DEC567
_79235C8D94104426B0EDE85F0B275A91
_7ED9018EAC1C4C7EBCC68EB06D58C9DC
_7EFE442503424A91971AB57D985B8AD4
_80A9507801104DA4801402A23AE3AFCA
_80E7588D09E14CA0A4CF228EE7627E06
_829C157FB6354A2DAEEE36F5B616A7B1
_830FBB16324B491892BC47793D2E9DF1
_84666B04713F4BD2944015B7B145A126
_84785AFE042A4BF3A3F64547A0660F13
_8534A5958E644FFB9199E71930183481
_864AA81AE69D47DE93E3CDAE3DA092FA
_87169FE899974F8B8309D54E3E98E78D
_87FF2F49328A43B18F8FF267A22DED93
_88A461ED36CB4F0783F6E4AF920F81B8
_8929EED6822F48E6864D6EFF9DDAE4CA
_8BE1087E41A34858AC470071288F3B7B
.chm
_8CFD7BF6C1FE41779994CABED03A395C
_8F52C21855974CA3836E4DFB00272ED0
_8FBEFF157FA243439BD821C0D57F9C4B
_90432418149B4C70B78E532A3734F85D
_904B83F3D51C4B0FBBA4F6F6E1CD7F6A
_91D72CCB122C4CF899F62DA873FE12E5
_91DD0277F6794C6597E2DA27B65C4BBC
.dll windows:5 windows x86 arch:x86

c6e592e19acd0da69bdcb49a95a6f100

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

IoDeleteDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
IoSetDeviceInterfaceState
IoBuildDeviceIoControlRequest
IoRegisterDeviceInterface
ExAllocatePoolWithTag
IoCreateDevice
KeSetEvent
InterlockedDecrement
KeWaitForSingleObject
InterlockedIncrement
ExFreePool
IofCompleteRequest
IoDetachDevice
KeInitializeDpc
IoAttachDeviceToDeviceStack
RtlInitUnicodeString
ObfReferenceObject
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
KeInsertQueueDpc

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeStallExecutionProcessor

usbd.sys

USBD_CreateConfigurationRequest
USBD_GetUSBDIVersion
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 992B - Virtual size: 990B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 480B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_937E2D62A10F4356A69CFA1E641A351A
_95143E7CC17049EEBEC9B8610C05BAC8
_956997C529DD4C0B9E456A742E2562E6
_9819CB3DC02D4819BD441005B847AEC8
_9A336AAB0F784F54AA81001B97F7706E
_9CBBE48CD97B40D9B47097AAA05A08BA
_9EB919C17DE040ACAF371BE974A29263
_9FA2DB51C43F455C9D051137D0D552C1
_9FB8E8CC328D4FDCBA47EF16ED4A5D5D
_A0338F59FC7B47F6AB375021D253D850
_A09A1C7A9C7E47E08066099067ACD47A
_A18C2019F4D8427B8366297F2F71C635
_A3EC81049529437C87432956736FA5A5
_A40BCB9B90BC41C692ECCE672F8800FD
.dll windows:4 windows x86 arch:x86

3c75018a31636a38bbbd789f3af2b482

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

ExFreePool
KeSetEvent
InterlockedDecrement
IoBuildDeviceIoControlRequest
ExAllocatePoolWithTag
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
IoDeleteDevice
IoDetachDevice
InterlockedIncrement
ZwClose
KeWaitForSingleObject
RtlInitUnicodeString
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
ExQueueWorkItem
KeInsertQueueDpc
IoCreateDevice
KeInitializeEvent
KeInitializeSpinLock
IofCallDriver
ObfReferenceObject
KeInitializeDpc
IofCompleteRequest
IoAttachDeviceToDeviceStack

hal

KeStallExecutionProcessor
KfAcquireSpinLock
KfReleaseSpinLock

usbd.sys

USBD_GetUSBDIVersion
USBD_CreateConfigurationRequest
_USBD_ParseConfigurationDescriptorEx@28

Exports

Exports

UMSS_GetMaxLun
UMSS_GetNextPDO
UMSS_RegisterCompletionHandler
UMSS_StartRequest

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 192B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 416B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_A9F41CD700464396AE479BA2B088C6A1
_ACA64445097A4C9E885352B40E74AFFC
_AEA1C1C7371F40B793705000CD58EFE6
_B1EFD689E6CA40AABA6B834CDF5AF86D
_B375609A90B94F3E88C72F92BE2F0DD6
_B50319BF2A0B4628AFFAE51EF694E65E
_B59F092E9E554A0CABAF2B391831FB51
.chm
_B5CA5227B1C24B17A565A4E8176F6601
.exe windows:4 windows x86 arch:x86

e7b127b9cbd223cc41edfac1acba0ccf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetACP
HeapAlloc
HeapSize
HeapFree
GetTimeZoneInformation
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetCommandLineA
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
RaiseException
VirtualFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetStdHandle
SizeofResource
SetUnhandledExceptionFilter
GlobalFlags
CompareStringA
CompareStringW
GetTickCount
RtlUnwind
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetFileTime
WritePrivateProfileStringA
GetFileSize
GetFileAttributesA
GetOEMCP
TlsGetValue
GetCPInfo
GetProcessVersion
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSection
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetTempPathA
TerminateProcess
GetStartupInfoA
CreateProcessA
GetSystemDefaultLangID
GetPrivateProfileStringA
GetCurrentDirectoryA
GetWindowsDirectoryA
CopyFileA
DeleteFileA
CreateFileA
CloseHandle
SetFilePointer
ReadFile
GetLastError
FormatMessageA
WaitForSingleObject
LocalAlloc
IsBadReadPtr
GetProfileStringA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
MulDiv
SetLastError
GlobalAlloc
lstrcmpA
GetCurrentThread
GetThreadLocale
GetModuleFileNameA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
IsBadCodePtr
GetFileType
SetEnvironmentVariableA
GetExitCodeProcess

user32

RegisterClipboardFormatA
InvalidateRect
PostThreadMessageA
SetRect
CopyAcceleratorTableA
LoadStringA
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
DestroyMenu
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
MapDialogRect
SetWindowContextHelpId
GetDC
ReleaseDC
GetMessageA
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
CharNextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
GetNextDlgGroupItem
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
MessageBeep
InflateRect
MoveWindow
SetWindowTextA
IsWindowVisible
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetSystemMenu
AppendMenuA
PeekMessageA
TranslateMessage
DispatchMessageA
IsIconic
GetSystemMetrics
DrawIcon
LoadImageA
LoadIconA
SendMessageA
KillTimer
SetTimer
GetClientRect
EnableWindow
GetWindowRect
ClientToScreen
ScreenToClient
AdjustWindowRectEx
LoadBitmapA
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetMapMode
SetViewportOrgEx
SetBkMode
SelectObject
RestoreDC
DeleteDC
SaveDC
PatBlt
GetStockObject
GetBkColor
GetTextColor
GetDeviceCaps
GetObjectA
SetBkColor
CreateBitmap
SetTextColor
GetClipBox
IntersectClipRect

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
StgCreateDocfileOnILockBytes

olepro32

ord253

oleaut32

SysFreeString
VariantTimeToSystemTime
SysAllocStringByteLen
SysStringLen
VariantCopy
SysAllocString
VariantClear
VariantChangeType
SysAllocStringLen

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_B5EDDF658AF449BFB3D5BB050CEE3E59
_B63632C1AB474CB3A3F5A893F1EA4424
_B9C9BB124E1F4B5B9D01A86A8BFA974C
_BB70252F51E14BACA577394601518551
_BBCA55E33AF34A9780F85F92C57DC336
.dll regsvr32 windows:5 windows x86 arch:x86

a54f5f32094867d71f38152da5912e90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
SetEvent
DeleteCriticalSection
ResetEvent
WideCharToMultiByte
GetCurrentProcessId
IsBadReadPtr
IsBadWritePtr
lstrlenW
FreeLibraryAndExitThread
FreeLibrary
GetLastError
WaitForMultipleObjects
SetThreadPriority
CreateThread
CreateEventA
LoadLibraryA
GetTickCount
lstrcmpiA
ReadFileEx
DuplicateHandle
GetCurrentProcess
MultiByteToWideChar
GetVersion
Sleep
ReleaseMutex
WaitForSingleObject
MulDiv
DeviceIoControl
LocalAlloc
LocalReAlloc
SleepEx
ResumeThread
GetProcAddress
DisableThreadLibraryCalls
UnmapViewOfFile
IsBadCodePtr
CompareFileTime
lstrcpyA
lstrcmpA
lstrcpyW
EnterCriticalSection
SystemTimeToFileTime
GetLocalTime
lstrcmpW
MapViewOfFile
CreateFileMappingA
CreateMutexA
LoadResource
FindResourceA
CreateProcessA
InitializeCriticalSection
GetVersionExA
GetCommandLineA
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoA
GetCurrentThreadId
lstrlenA
GetSystemTimeAsFileTime
CreateFileA
ReadFile
SetFilePointer
GetFileSize
CloseHandle
GetModuleHandleA
GetModuleFileNameA
GetFullPathNameA
InterlockedExchange
LocalFree
InterlockedDecrement
WriteFileEx
InterlockedIncrement

advapi32

RegCreateKeyExA
RegEnumKeyExA
GetUserNameA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

user32

PostMessageA
wsprintfA
CharUpperA
UnhookWindowsHookEx
GetWindowThreadProcessId
IsIconic
GetForegroundWindow
GetWindowLongA
CallNextHookEx
SetWindowsHookExA
PostThreadMessageA
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
GetInputState
SystemParametersInfoA
IntersectRect
GetWindowRect
GetDesktopWindow
MapWindowPoints
GetClientRect
ReleaseCapture
SetCursorPos
mouse_event
GetAsyncKeyState
SetCapture
ClipCursor
ShowCursor
GetMessageTime
SendNotifyMessageA
GetCursorPos
GetSystemMetrics
MapVirtualKeyA
LoadStringA
keybd_event
GetKeyboardType
IsRectEmpty
SubtractRect
SendMessageA
RegisterWindowMessageA
FindWindowA
SetWindowLongA
DefWindowProcA
GetPropA
SetPropA
RemovePropA
CallWindowProcA
IsWindow
ToAsciiEx
MapVirtualKeyExA
GetKeyboardLayout
GetActiveWindow
GetKeyNameTextA
GetKeyNameTextW

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_BE6EB32AB5EE4F619921C0EA80456FD5
_BF225E81F769424C8DA7B69512D90C79
_BFB0590AE69E45348D8866350AB2D11A
_C08703C940514779981825843BA829E8
_C3241E6F1B3D4589A07444A9A748D4B0
_C392B538BA3E414587FABD294797C2DE
_C3A6BD8E09824A1C9C121CE88207BF57
_C6B43C0FBD434143A8A7C5D402A7AECA
.chm
_C6DA8CF1764C451DA83C7550C35AF086
_CA977D7CFCD14F7AAECC4C40089C6237
.exe windows:4 windows x86 arch:x86

44f53acf9d13fbf825d7b178340c29f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rdiskdll

?GetRuntimeClass@CFormat@@UBEPAUCRuntimeClass@@XZ
?SetDiskBCapacity@CDiskOperate@@QAEXK@Z
?SetEncrypt@CPartition@@QAEXH@Z
?SetNewPassword@CPartition@@QAEXPAD@Z
?SetNewUsername@CPartition@@QAEXPAD@Z
?SetOldPassword@CPartition@@QAEXPAD@Z
?SetOldUsername@CPartition@@QAEXPAD@Z
?SetNewPasswordConfirm@CPartition@@QAEXPAD@Z
?GetPartition@CPartition@@QAEHXZ
?GetOldPassword@CPartition@@QAEPADXZ
?GetOldUsername@CPartition@@QAEPADXZ
?GetNewPassword@CPartition@@QAEPADXZ
?GetNewUsername@CPartition@@QAEPADXZ
?SetFormatType@CFormat@@QAEXHH@Z
??0CFormat@@QAE@PAVCWnd@@@Z
?SetPartition@CPartition@@QAEXH@Z
?Start@CFormat@@UAEHXZ
?Initialize@CFormat@@UAEHXZ
?GetDiskArray@CFormat@@QAEPAVCStringArray@@XZ
?GetDriver@CFormat@@QAEHXZ
?DisplayDriveInfo@CFormat@@QAEHVCString@@@Z
?GetDriveSize@CFormat@@QAEKVCString@@@Z
?GetVolumeName@CFormat@@QAEPADXZ
??1CPartition@@UAE@XZ
??0CPartition@@QAE@PAVCWnd@@@Z
?GetRuntimeClass@CPartition@@UBEPAUCRuntimeClass@@XZ
?Start@CPartition@@UAEHXZ
?Initialize@CPartition@@UAEHXZ
?GetBeenEncrypted@CDiskOperate@@QAEHXZ
?SetDriver@CFormat@@QAEXH@Z
?SetVolumeName@CFormat@@QAEXPAD@Z
?GetNewPasswordConfirm@CPartition@@QAEPADXZ
??1CFormat@@UAE@XZ
?OnDeviceChange@CFormat@@QAEHIK@Z
?GetOperationType@CPartition@@QAEHXZ
?GetLowFormatInf@CFormat@@QAEPADXZ
?GetPhyCapacity@CDiskOperate@@QAEKXZ
?GetDiskBCapacity@CDiskOperate@@QAEKXZ
?ReCheckDisk@CDiskOperate@@QAEHXZ
?GetDiskInfo@CDiskOperate@@QAEXXZ

kernel32

TlsGetValue
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
LocalReAlloc
GetThreadLocale
SetErrorMode
DuplicateHandle
GlobalReAlloc
TlsSetValue
ReadFile
WriteFile
SetFilePointer
CreateFileA
LockFile
UnlockFile
SetEndOfFile
FindClose
GetVolumeInformationA
GetCurrentProcess
FlushFileBuffers
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetFileAttributesA
GetFileSize
GetFileTime
GetFullPathNameA
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
RaiseException
GlobalHandle
TlsFree
FindResourceExA
GlobalFlags
TlsAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CopyFileA
DeleteFileA
GetModuleFileNameA
LocalAlloc
TerminateProcess
GetProcessVersion
GetProfileStringA
OpenFile
_lclose
GetWindowsDirectoryA
CreateProcessA
FindFirstFileA
GetPrivateProfileStringA
GetLastError
SizeofResource
lstrcpynA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSection
MulDiv
CloseHandle
WaitForSingleObject
GetCurrentThread
GlobalAlloc
lstrcmpA
CreateEventA
HeapReAlloc
GetVersion
LoadLibraryA
GetSystemDefaultLangID
FreeLibrary
GlobalGetAtomNameA
lstrcatA
GetCurrentThreadId
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
GetModuleHandleA
GlobalDeleteAtom
lstrcpyA
GlobalUnlock
GetProcAddress
GlobalLock
LoadResource
FindResourceA
FormatMessageA
LockResource
GlobalFree
WideCharToMultiByte
LocalFree
MultiByteToWideChar
InterlockedIncrement
lstrlenA
InterlockedDecrement
HeapSize
GetCurrentDirectoryA
GetACP

user32

GrayStringA
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
SetWindowContextHelpId
LoadStringA
DestroyMenu
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GetDC
GetSysColorBrush
GetClassNameA
PtInRect
GetDesktopWindow
InflateRect
CharNextA
CopyAcceleratorTableA
DrawTextA
SetRect
MessageBeep
InvalidateRect
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetNextDlgGroupItem
GetMenuCheckMarkDimensions
LoadBitmapA
ReleaseDC
GetTopWindow
MessageBoxA
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetWindowRect
MapDialogRect
SetWindowPos
ShowWindow
PostMessageA
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetWindowLongA
SetFocus
GetDlgItem
IsWindowEnabled
IsIconic
GetSystemMetrics
ModifyMenuA
SetMenuItemBitmaps
GetClientRect
DrawIcon
LoadIconA
IsWindow
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
EnableWindow
SetTimer
KillTimer
GetParent
LoadCursorA
GetMenuState
SetCursor
GetFocus
SendMessageA
RemovePropA
CallWindowProcA
GetWindow
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
UnregisterClassA
IsWindowUnicode
HideCaret
DefDlgProcA

gdi32

RestoreDC
SelectObject
GetStockObject
SetBkMode
SaveDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
DeleteDC
GetObjectA
PatBlt
CreateBitmap
GetClipBox
SetBkColor
SetTextColor
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetWindowExtEx
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
EnumFontFamiliesExA
GetMapMode
DPtoLP
GetBkColor
LPtoDP
GetTextColor
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17
DestroyPropertySheetPage
PropertySheetA
CreatePropertySheetPageA

oledlg

ord8

ole32

OleInitialize
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CoGetClassObject
CLSIDFromProgID

olepro32

ord253

oleaut32

SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_CB78D0A9870D41619536B7FE933F6132
.chm
_CD5B319D227841F9B96091798CE7FD6E
_CDEE7F99FB9443C281E67CFD14E14732
_CED7138B034741FB86D9FCA087F34849
.chm
_CF16A16523804598928277C6CFBF4341
_D0E8288CDAFD40A2B6AD599CBD54170E
.dll windows:4 windows x86 arch:x86

fb00003fe7562b67c69f30255f328b20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
LeaveCriticalSection
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
InitializeCriticalSection
ReadFile
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
CloseHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
EnterCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

AmvClose
AmvDecoder
AmvInforInit

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_D3EECCCF247C4BDE98AEA72ED9E739BC
_D68DD5478970438997C6CE082828801E
_D7D183EA43024C78B7FF52617857CEE7
_D87C9D5A53ED486C8B09B3159E5C8EA2
_D8F5B16AC1764E87A74E7990FEC322C2
_DADAA14AB49947D9BFF94E51AD040861
_DD68C44D012B452C9F290C8A39A80311
_DD8B5F8F0C8541A787B090D5CDFEB0E6
_E093DD5D70C549C49A8E7DB625AE3CA6
_E0A18A0B51DD479383FB76F94AFCFE3F
_E10B2A80EE2140B6ABEB9F910C6AD8C1
_E8F8BE264F3E4AD585D3357FF314CBE5
_E9650FD734E64CF4BE842B4E990550F9
_E9B310DB31B141ECA9D91559763180F2
.exe windows:4 windows x86 arch:x86

579eccf100e74ab74ae4a8c2a955c6fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

probatch

ReSetUdisk
DownFimware
GetFmVersion
Initial
GetFirmwareInfo
GetTotalNumber
GetDeviceInfo

kernel32

GetFileSize
GetFileTime
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetFileAttributesA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
SizeofResource
GetProfileStringA
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GetVersion
GetVersionExA
Sleep
GetSystemDefaultLangID
CloseHandle
DeviceIoControl
CreateFileA
WaitForSingleObject
ResetEvent
CreateEventA
GetLastError
CreateProcessA
GetStartupInfoA
GetModuleHandleA
GetPrivateProfileStringA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
CopyFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetLocalTime
_lclose
OpenFile
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FormatMessageA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
MulDiv
SetLastError
lstrcpynA
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA

user32

InvalidateRect
RegisterClipboardFormatA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
PtInRect
GetClassNameA
GetDesktopWindow
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
SendMessageA
GetWindowTextA
GetWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetMessagePos
GetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetDC
ReleaseDC
MapDialogRect
ScreenToClient
InflateRect
DefDlgProcA
IsWindowUnicode
GetTopWindow
DispatchMessageA
TranslateMessage
PeekMessageA
SetActiveWindow
SetForegroundWindow
IsWindowVisible
GetSystemMetrics
LoadIconA
UpdateWindow
SetCursor
LoadCursorA
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
IsIconic
EnableWindow
PostMessageA
PostQuitMessage
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
ValidateRect
CallNextHookEx
GetKeyState
SetWindowPos
SetWindowContextHelpId
EndDialog
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportOrgEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
SetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
CreateSolidBrush
OffsetViewportOrgEx
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen

comctl32

ord17

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_EA32331F007148BC820326A1E3F494A9
_EA587C2890314A87BCBFFE1D34E69D10
_EBD9BD6D78814B55BFFA7BE84B2D61C5
_ECDE4C40AE5040C2B9D6E8605EE7C598
_F00B092DF2994A2D84A6D1C6B34A5714
_F1ED78B7B19B421F8A13F3366739F9B9
_F209496E6EAE43709193AF6A06F11B87
_F3F13946532643CC976CCE3A3C6E5636
.chm
_F3F76627EA674E8196AF7A4D855B615A
_F4AB2821047245CC86B438CFEE4BC215
_FAF9B4CC7D01481595EF34324FB95029
_FE5AB69278B644CA9A74A482666D9C76
_FF8084ADDBEE484EBD41E7E46E6E6CB7
.exe windows:4 windows x86 arch:x86

98351162c7d44451a18cf9991a079d2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageInfo
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent

wmvcore

WMCreateSyncReader

kernel32

FindNextFileA
WriteProfileStringA
GetProfileStringA
GetTickCount
CreateProcessA
WritePrivateProfileStringA
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
GetModuleHandleA
GetStartupInfoA
CreateThread
GetPrivateProfileIntA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenMutexA
WaitForSingleObject
ReleaseMutex
InterlockedDecrement
InterlockedIncrement
GetFileSize
SetFilePointer
ReadFile
CreateFileA
GetFileType
GetSystemTime
CloseHandle
CreateMutexA
FindFirstFileA
GetSystemDefaultLangID
GetPrivateProfileStringA
CopyFileA
DeleteFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
lstrcpyA
lstrcatA
GetVersion
GetModuleFileNameA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FindClose

user32

GetCursorPos
SetRect
GetFocus
FindWindowA
MessageBoxA
GetSystemMetrics
KillTimer
PtInRect
SystemParametersInfoA
GetMenuItemCount
SetTimer
GrayStringA
TabbedTextOutA
FrameRect
DrawStateA
ModifyMenuA
PeekMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
ShowWindow
MoveWindow
GetWindowDC
SetWindowRgn
CopyImage
DrawIconEx
IsWindow
SetWindowPos
SetWindowLongA
DrawTextA
GetDesktopWindow
RedrawWindow
LoadBitmapA
GetSysColorBrush
GetSystemMenu
ScreenToClient
UpdateWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
EnableWindow
GetClientRect
SendMessageA
InvalidateRect
GetDC
GetWindowRect
GetParent
ReleaseDC
WinHelpA
LoadMenuA
GetIconInfo
CreateIconIndirect
FillRect
MapWindowPoints
CopyRect
GetAsyncKeyState
LoadImageA
SetRectEmpty
GetMenuItemID
IsIconic
AppendMenuA

gdi32

CreateFontIndirectA
CreateCompatibleDC
BitBlt
StretchBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
GetStockObject
SetBkColor
CreateBitmap
SetPixel
GetPixel
GetDeviceCaps
GetTextExtentPoint32A
CreateSolidBrush
PatBlt
RealizePalette
SelectPalette
ExtCreateRegion
GetDIBits
CreateICA
EnumFontFamiliesA
GetTextCharsetInfo
CreateRectRgnIndirect
Polygon
StretchDIBits
SetWindowOrgEx
CombineRgn
CreateRectRgn
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegSetValueA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CoUninitialize
GetRunningObjectTable
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CreateItemMoniker
CoCreateInstance

oleaut32

OleLoadPicture

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mfc42

ord6358
ord4123
ord1979
ord3574
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord3499
ord4083
ord6111
ord6135
ord2044
ord5834
ord6215
ord6380
ord6378
ord4694
ord2645
ord4774
ord2448
ord3452
ord3998
ord6907
ord926
ord1158
ord940
ord1871
ord4185
ord5628
ord909
ord696
ord394
ord3643
ord1949
ord3286
ord6007
ord6270
ord2713
ord2243
ord4299
ord6334
ord2642
ord2370
ord2289
ord2301
ord415
ord715
ord616
ord3582
ord4398
ord2578
ord4218
ord2023
ord2411
ord3766
ord3546
ord790
ord3693
ord3716
ord430
ord2504
ord1576
ord4852
ord4375
ord1176
ord4243
ord559
ord2614
ord693
ord812
ord3640
ord4402
ord3370
ord2582
ord4425
ord4834
ord2841
ord682
ord3630
ord4400
ord2580
ord4235
ord6282
ord6283
ord802
ord542
ord800
ord540
ord825
ord1200
ord2818
ord924
ord858
ord1168
ord3619
ord1641
ord3626
ord2414
ord3663
ord535
ord537
ord939
ord941
ord4277
ord2764
ord641
ord2452
ord613
ord640
ord5785
ord1640
ord323
ord823
ord289
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3721
ord795
ord860
ord567
ord6880
ord2864
ord2859
ord4275
ord2860
ord5875
ord4278
ord5683
ord755
ord470
ord2575
ord4396
ord2971
ord3571
ord809
ord609
ord556
ord4284
ord2379
ord2405
ord5053
ord5981
ord3874
ord4133
ord4297
ord5788
ord472
ord283
ord1146
ord2122
ord4204
ord1088
ord2567
ord1834
ord4229
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord5067
ord4635
ord4607
ord4716
ord4750
ord5016
ord5265
ord3706
ord5781
ord4998
ord2515
ord6052
ord1775
ord5280
ord5307
ord4698
ord355
ord692
ord6567
ord922
ord5710
ord3301
ord3200
ord3092
ord6197
ord3907
ord4710
ord5651
ord3127
ord3616
ord665
ord2915
ord5442
ord3318
ord5186
ord350
ord354
ord2753
ord3610
ord656
ord2107
ord3698
ord765
ord3573
ord6172
ord3797
ord384
ord686
ord3293
ord6654
ord2862
ord3910
ord5787
ord3754
ord6888
ord6675
ord6762
ord538
ord6648
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord2514
ord4159
ord6117
ord2621
ord1134
ord4376
ord4853
ord3597
ord324
ord2302
ord4234
ord6199
ord6241
ord2725
ord4224
ord4230
ord1803
ord2863
ord4454
ord4759
ord4220
ord2584
ord3654
ord2438
ord2455
ord1644
ord4497
ord5063
ord3815
ord1175
ord816
ord5789
ord562
ord2763
ord5440
ord6383
ord5450
ord6394
ord2450
ord5873

msvcrt

?terminate@@YAXXZ
__getmainargs
_acmdln
_exit
_XcptFilter
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_setmbcp
_except_handler3
_onexit
__dllonexit
memmove
_mbsicmp
strchr
printf
fseek
ftell
fread
sscanf
_mbsicoll
_purecall
exit
malloc
free
_strdup
sprintf
fopen
fwrite
fclose
_mbscmp
_mbsnbcpy
atoi
__CxxFrameHandler
_ftol

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIcn.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIen.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIfr.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIge.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIit.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIjp.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIko.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSIsp.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/MSItw.msi
.msi
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/SoundCon.ini
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/msi.dll
.dll regsvr32 windows:5 windows x86 arch:x86

604de05252758c509710a903aa11a4c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetLengthSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
SetThreadToken
OpenThreadToken
RegOpenKeyExA
FreeSid
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
MakeSelfRelativeSD
GetSecurityDescriptorLength
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce
AddAccessAllowedAce
InitializeAcl
RegFlushKey
RegQueryValueExA
RegQueryValueExW
RegEnumKeyExW
RegEnumKeyExA
RegEnumValueW
RegEnumValueA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegConnectRegistryA
RegSetValueExW
RegDeleteKeyW
SetTokenInformation
CloseServiceHandle
OpenServiceA
OpenSCManagerA
GetServiceDisplayNameA
QueryServiceStatus
ControlService
EnumDependentServicesA
SetFileSecurityA
IsValidSecurityDescriptor
QueryServiceConfigA
DeleteService
StartServiceA
ChangeServiceConfigA
CreateServiceA
RegEnumKeyA
GetUserNameA
MakeAbsoluteSD
GetFileSecurityA
CopySid
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
PrivilegeCheck
RegGetKeySecurity
RegSetKeySecurity
DeregisterEventSource
ReportEventA
RegisterEventSourceA
GetSidLengthRequired
GetSidSubAuthorityCount
LookupAccountNameA
AddAccessDeniedAce
DuplicateToken

kernel32

GetEnvironmentVariableA
GetExitCodeThread
GetSystemDefaultLangID
GetSystemInfo
SetEnvironmentVariableA
GetACP
GetLocaleInfoA
FreeLibrary
LoadLibraryExA
FormatMessageA
SetLastError
GlobalAlloc
GlobalFree
MultiByteToWideChar
InitializeCriticalSection
DeleteFileA
ExpandEnvironmentStringsA
WideCharToMultiByte
GetTickCount
LockResource
LoadResource
FindResourceExA
CreateDirectoryA
GetTempPathA
TlsFree
GetCurrentThreadId
DisableThreadLibraryCalls
DeleteCriticalSection
lstrlenW
FileTimeToSystemTime
GetUserDefaultLCID
ExpandEnvironmentStringsW
GetFileAttributesW
GetFileAttributesA
GetEnvironmentVariableW
SetEnvironmentVariableW
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
lstrcpyW
lstrcmpW
GetFileSize
CreateFileW
CreateFileA
SetErrorMode
lstrcpynW
lstrcatW
LocalFree
GetLocalTime
lstrcmpiW
DeleteFileW
GetModuleFileNameA
LoadLibraryExW
InterlockedIncrement
UnhandledExceptionFilter
GetCurrentProcessId
LoadLibraryA
SetEvent
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryA
InterlockedDecrement
CreateThread
InterlockedExchange
WaitForSingleObject
ResumeThread
TlsSetValue
TlsAlloc
CreateEventA
TerminateProcess
RemoveDirectoryA
CreateMutexA
GetShortPathNameA
FindClose
FindFirstFileA
GetPrivateProfileStringA
GetProfileStringA
MoveFileA
SetEndOfFile
SetFilePointer
UnmapViewOfFile
IsBadWritePtr
MapViewOfFile
CreateFileMappingA
MoveFileExA
WriteFile
FindNextFileA
GlobalAddAtomA
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTempFileNameA
DebugBreak
ExitThread
GetExitCodeProcess
CreateProcessA
MulDiv
SetUnhandledExceptionFilter
TerminateThread
RaiseException
GlobalDeleteAtom
GlobalGetAtomNameA
WaitForMultipleObjects
GetUserDefaultLangID
ReadFile
WriteProfileStringA
WritePrivateProfileStringA
GetComputerNameA
GlobalMemoryStatus
GetDateFormatA
GetTimeFormatA
OpenMutexA
ReleaseMutex
GetWindowsDirectoryA
SetFileAttributesA
GetVolumeInformationA
GetCurrentDirectoryA
TlsGetValue
GetModuleHandleA
WriteProcessMemory
ReadProcessMemory
OpenProcess
OutputDebugStringA
OutputDebugStringW
FormatMessageW
GetNumberFormatA
GetDriveTypeA
GetDiskFreeSpaceA
SetFileTime
GetFileTime
FileTimeToDosDateTime
CreateSemaphoreA
ReleaseSemaphore
DosDateTimeToFileTime
GlobalUnlock
GlobalLock
GlobalReAlloc
IsValidCodePage
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
VirtualQuery
ResetEvent
OpenEventA
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapDestroy
HeapCreate
HeapReAlloc
HeapSize
GetOEMCP
GetCPInfo
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualProtect
lstrcmpiA
lstrcmpA
lstrcpynA
lstrcpyA
lstrlenA
lstrcatA
GetCurrentThread
GetVersionExA
Sleep
GetCurrentProcess
CloseHandle
GetLastError
GetProcAddress

user32

RegisterWindowMessageA
DialogBoxParamA
GetWindowTextA
SetUserObjectSecurity
GetWindowTextLengthA
GetWindowThreadProcessId
GetWindow
EnumWindows
SendDlgItemMessageA
GetFocus
DispatchMessageA
GetMessageA
DestroyWindow
UnregisterClassA
GetKeyState
PostQuitMessage
GetWindowLongA
SetFocus
DefWindowProcA
wsprintfA
CharNextA
GetSystemMenu
RemoveMenu
CopyRect
DrawTextA
MapWindowPoints
GetClientRect
EndDialog
CharLowerA
CharUpperA
FindWindowExA
SetWindowPos
SetWindowTextA
CreateDialogParamA
ShowWindow
SetForegroundWindow
LoadIconA
IsWindowVisible
IsWindowEnabled
SetCursor
EnableWindow
InvalidateRect
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
IsDialogMessageA
GetWindowRect
SystemParametersInfoA
PostMessageA
SendMessageTimeoutA
CharPrevA
ExitWindowsEx
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageA
GetActiveWindow
PostThreadMessageA
MessageBoxA
wsprintfW
IsCharLowerA
LoadStringA
LoadCursorA
RegisterClassA
GetSystemMetrics
CreateWindowExA
GetDC
ReleaseDC
MoveWindow
SetWindowLongA
SendMessageA

gdi32

GetTextExtentPoint32A
SelectObject
GetTextMetricsA
AddFontResourceA
RemoveFontResourceA
DeleteObject
GetTextFaceA
CreateFontIndirectA
GetDeviceCaps
EnumFontFamiliesExA
CreateFontA
GetStockObject

rpcrt4

NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrDllGetClassObject
NdrSimpleTypeUnmarshall
NdrSimpleTypeMarshall
NdrConformantArrayUnmarshall
NdrConformantArrayBufferSize
NdrConformantArrayMarshall
NdrSimpleStructUnmarshall
NdrAllocate
NdrConformantStringBufferSize
NdrConformantStringMarshall
NdrSimpleStructMarshall
NdrConformantStringUnmarshall
NdrInterfacePointerUnmarshall
NdrInterfacePointerFree
NdrPointerFree
NdrInterfacePointerBufferSize
NdrInterfacePointerMarshall
NdrStubInitialize
NdrPointerUnmarshall
NdrStubGetBuffer
NdrProxyInitialize
NdrPointerBufferSize
NdrProxyGetBuffer
NdrPointerMarshall
NdrProxySendReceive
NdrConvert
RpcRaiseException
NdrProxyFreeBuffer
NdrClearOutParameters
NdrProxyErrorHandler
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrDllUnregisterProxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllRegisterServer
DllUnregisterServer
Migrate10CachedPackagesA
Migrate10CachedPackagesW
MsiAdvertiseProductA
MsiAdvertiseProductExA
MsiAdvertiseProductExW
MsiAdvertiseProductW
MsiAdvertiseScriptA
MsiAdvertiseScriptW
MsiApplyPatchA
MsiApplyPatchW
MsiCloseAllHandles
MsiCloseHandle
MsiCollectUserInfoA
MsiCollectUserInfoW
MsiConfigureFeatureA
MsiConfigureFeatureFromDescriptorA
MsiConfigureFeatureFromDescriptorW
MsiConfigureFeatureW
MsiConfigureProductA
MsiConfigureProductExA
MsiConfigureProductExW
MsiConfigureProductW
MsiCreateAndVerifyInstallerDirectory
MsiCreateRecord
MsiCreateTransformSummaryInfoA
MsiCreateTransformSummaryInfoW
MsiDatabaseApplyTransformA
MsiDatabaseApplyTransformW
MsiDatabaseCommit
MsiDatabaseExportA
MsiDatabaseExportW
MsiDatabaseGenerateTransformA
MsiDatabaseGenerateTransformW
MsiDatabaseGetPrimaryKeysA
MsiDatabaseGetPrimaryKeysW
MsiDatabaseImportA
MsiDatabaseImportW
MsiDatabaseIsTablePersistentA
MsiDatabaseIsTablePersistentW
MsiDatabaseMergeA
MsiDatabaseMergeW
MsiDatabaseOpenViewA
MsiDatabaseOpenViewW
MsiDecomposeDescriptorA
MsiDecomposeDescriptorW
MsiDeleteUserDataA
MsiDeleteUserDataW
MsiDoActionA
MsiDoActionW
MsiEnableLogA
MsiEnableLogW
MsiEnableUIPreview
MsiEnumClientsA
MsiEnumClientsW
MsiEnumComponentCostsA
MsiEnumComponentCostsW
MsiEnumComponentQualifiersA
MsiEnumComponentQualifiersW
MsiEnumComponentsA
MsiEnumComponentsW
MsiEnumFeaturesA
MsiEnumFeaturesW
MsiEnumPatchesA
MsiEnumPatchesW
MsiEnumProductsA
MsiEnumProductsW
MsiEnumRelatedProductsA
MsiEnumRelatedProductsW
MsiEvaluateConditionA
MsiEvaluateConditionW
MsiFormatRecordA
MsiFormatRecordW
MsiGetActiveDatabase
MsiGetComponentPathA
MsiGetComponentPathW
MsiGetComponentStateA
MsiGetComponentStateW
MsiGetDatabaseState
MsiGetFeatureCostA
MsiGetFeatureCostW
MsiGetFeatureInfoA
MsiGetFeatureInfoW
MsiGetFeatureStateA
MsiGetFeatureStateW
MsiGetFeatureUsageA
MsiGetFeatureUsageW
MsiGetFeatureValidStatesA
MsiGetFeatureValidStatesW
MsiGetFileHashA
MsiGetFileHashW
MsiGetFileSignatureInformationA
MsiGetFileSignatureInformationW
MsiGetFileVersionA
MsiGetFileVersionW
MsiGetLanguage
MsiGetLastErrorRecord
MsiGetMode
MsiGetPatchInfoA
MsiGetPatchInfoW
MsiGetProductCodeA
MsiGetProductCodeFromPackageCodeA
MsiGetProductCodeFromPackageCodeW
MsiGetProductCodeW
MsiGetProductInfoA
MsiGetProductInfoFromScriptA
MsiGetProductInfoFromScriptW
MsiGetProductInfoW
MsiGetProductPropertyA
MsiGetProductPropertyW
MsiGetPropertyA
MsiGetPropertyW
MsiGetShortcutTargetA
MsiGetShortcutTargetW
MsiGetSourcePathA
MsiGetSourcePathW
MsiGetSummaryInformationA
MsiGetSummaryInformationW
MsiGetTargetPathA
MsiGetTargetPathW
MsiGetUserInfoA
MsiGetUserInfoW
MsiInstallMissingComponentA
MsiInstallMissingComponentW
MsiInstallMissingFileA
MsiInstallMissingFileW
MsiInstallProductA
MsiInstallProductW
MsiInvalidateFeatureCache
MsiIsProductElevatedA
MsiIsProductElevatedW
MsiLoadStringA
MsiLoadStringW
MsiLocateComponentA
MsiLocateComponentW
MsiMessageBoxA
MsiMessageBoxW
MsiNotifySidChangeA
MsiNotifySidChangeW
MsiOpenDatabaseA
MsiOpenDatabaseW
MsiOpenPackageA
MsiOpenPackageExA
MsiOpenPackageExW
MsiOpenPackageW
MsiOpenProductA
MsiOpenProductW
MsiPreviewBillboardA
MsiPreviewBillboardW
MsiPreviewDialogA
MsiPreviewDialogW
MsiProcessAdvertiseScriptA
MsiProcessAdvertiseScriptW
MsiProcessMessage
MsiProvideAssemblyA
MsiProvideAssemblyW
MsiProvideComponentA
MsiProvideComponentFromDescriptorA
MsiProvideComponentFromDescriptorW
MsiProvideComponentW
MsiProvideQualifiedComponentA
MsiProvideQualifiedComponentExA
MsiProvideQualifiedComponentExW
MsiProvideQualifiedComponentW
MsiQueryFeatureStateA
MsiQueryFeatureStateFromDescriptorA
MsiQueryFeatureStateFromDescriptorW
MsiQueryFeatureStateW
MsiQueryProductStateA
MsiQueryProductStateW
MsiRecordClearData
MsiRecordDataSize
MsiRecordGetFieldCount
MsiRecordGetInteger
MsiRecordGetStringA
MsiRecordGetStringW
MsiRecordIsNull
MsiRecordReadStream
MsiRecordSetInteger
MsiRecordSetStreamA
MsiRecordSetStreamW
MsiRecordSetStringA
MsiRecordSetStringW
MsiReinstallFeatureA
MsiReinstallFeatureFromDescriptorA
MsiReinstallFeatureFromDescriptorW
MsiReinstallFeatureW
MsiReinstallProductA
MsiReinstallProductW
MsiSequenceA
MsiSequenceW
MsiSetComponentStateA
MsiSetComponentStateW
MsiSetExternalUIA
MsiSetExternalUIW
MsiSetFeatureAttributesA
MsiSetFeatureAttributesW
MsiSetFeatureStateA
MsiSetFeatureStateW
MsiSetInstallLevel
MsiSetInternalUI
MsiSetMode
MsiSetPropertyA
MsiSetPropertyW
MsiSetTargetPathA
MsiSetTargetPathW
MsiSourceListAddSourceA
MsiSourceListAddSourceW
MsiSourceListClearAllA
MsiSourceListClearAllW
MsiSourceListForceResolutionA
MsiSourceListForceResolutionW
MsiSummaryInfoGetPropertyA
MsiSummaryInfoGetPropertyCount
MsiSummaryInfoGetPropertyW
MsiSummaryInfoPersist
MsiSummaryInfoSetPropertyA
MsiSummaryInfoSetPropertyW
MsiUseFeatureA
MsiUseFeatureExA
MsiUseFeatureExW
MsiUseFeatureW
MsiVerifyDiskSpace
MsiVerifyPackageA
MsiVerifyPackageW
MsiViewClose
MsiViewExecute
MsiViewFetch
MsiViewGetColumnInfo
MsiViewGetErrorA
MsiViewGetErrorW
MsiViewModify

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 586KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MP3 Player Utilities 3.57/MP3 Player Utilities 3.57/setup.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

comctl32

version

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

comctl32

version

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

c6e592e19acd0da69bdcb49a95a6f100

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

usbd.sys

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 288B - Virtual size: 264B

.data Size: 32B - Virtual size: 8B

.edata Size: 192B - Virtual size: 171B

INIT Size: 992B - Virtual size: 990B

.rsrc Size: 832B - Virtual size: 824B

.reloc Size: 480B - Virtual size: 454B

a0e4f543c8a56bc720eb38d4ccdb60a6

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 288B - Virtual size: 264B

.data
Size: 32B - Virtual size: 8B

.edata
Size: 192B - Virtual size: 171B

INIT
Size: 992B - Virtual size: 990B

.rsrc
Size: 832B - Virtual size: 824B

.reloc
Size: 480B - Virtual size: 454B

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 232KB - Virtual size: 231KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 32B - Virtual size: 16B

.edata
Size: 192B - Virtual size: 172B

INIT
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 832B - Virtual size: 832B

.reloc
Size: 416B - Virtual size: 386B

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 628B

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 796B