6efaba35e391d328270fee8e60d7866e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6efaba35e391d328270fee8e60d7866e_JaffaCakes118
Size

3.2MB
MD5

6efaba35e391d328270fee8e60d7866e
SHA1

dd439c727c8ca87cc8a3069d084f6a64dfb58149
SHA256

d4ab966e96984cb06a58603cae8cb6af5bcd34478c16a31bc0af8b37bb87b20b
SHA512

7ad4217cbeb6418c84eb93bfad96573399e1fa6d1904ab88d496f18cd8ff7e27edcd5fd489f84bdab419dc4a9a968aba6521dc41f35bf302ff1351a499b5ee29
SSDEEP

98304:TCFWXUeWv5IVTf7lp2aMCE+IXP9H0FnUo23:aiVT+aMPXPR0Fn923

Score

3^/10

Malware Config

Signatures

Unsigned PE 18 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ir0462.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$PLUGINSDIR/irInstallPlugin.dll
unpack002/Codecs/irSndFile.irc
unpack002/Codecs/irVorbis.irc
unpack002/Codecs/irWMA.irc
unpack002/Codecs/libsndfile.dll
unpack002/InfraRecorder.exe
unpack002/Uninstall.exe
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack002/cdrtools/cdda2wav.exe
unpack002/cdrtools/cdrecord.exe
unpack002/cdrtools/cygwin1.dll
unpack002/cdrtools/readcd.exe
unpack002/ckEffects.exe
unpack002/irShell.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/ir0462.exe	nsis_installer_1
static1/unpack002/Uninstall.exe	nsis_installer_1

Files

6efaba35e391d328270fee8e60d7866e_JaffaCakes118
.rar
ir0462.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b3d296ff6f7abb1319ee006fcc6c4d98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
OpenClipboard

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName

Sections

.text
Size: 1024B - Virtual size: 573B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/irInstallPlugin.dll
.dll windows:4 windows x86 arch:x86

e0b94dc4e7e0b284ec2baa8cce7d0210

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\InfraRecorder\Setup\irInstallPlugin\Release\irInstallPlugin.pdb

Imports

kernel32

lstrcatW
lstrcmpW
lstrcpyW
lstrlenW
MultiByteToWideChar
AreFileApisANSI
WideCharToMultiByte
CreateFileW
CloseHandle
GetLastError
SetFilePointer
GetFileSize
GetFileAttributesW
ReadFile
WriteFile
CreateDirectoryW
FlushFileBuffers
CreateFileA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

shell32

SHGetFolderPathW

Exports

Exports

CreateConfig

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
Codecs/irSndFile.irc
.dll windows:4 windows x86 arch:x86

4c20d009f18ee5baa83127a9e9d9a7f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\InfraRecorder\Binary32\Codecs\irSndFile.pdb

Imports

kernel32

lstrcatW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
FreeLibrary
lstrlenW
MultiByteToWideChar
AreFileApisANSI
WideCharToMultiByte
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
VirtualAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers

Exports

Exports

irc_capabilities
irc_decode_exit
irc_decode_init
irc_decode_process
irc_encode_config
irc_encode_exit
irc_encode_flush
irc_encode_init
irc_encode_process
irc_set_callback
irc_string

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/irVorbis.irc
.dll windows:4 windows x86 arch:x86

9ae399a101ababa6f0ff54a4a85b3ab9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\InfraRecorder\Binary32\Codecs\irVorbis.pdb

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
CloseHandle
GetLastError
SetFilePointer
ReadFile
WriteFile
FlushInstructionCache
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapDestroy
HeapCreate
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
SetStdHandle

user32

GetActiveWindow
EnableWindow
MessageBoxW
GetDlgItem
SetDlgItemTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
CallWindowProcW
DestroyWindow
DefWindowProcW
SendMessageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetWindowLongW
SetWindowLongW
UnregisterClassA

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW

Exports

Exports

irc_capabilities
irc_decode_exit
irc_decode_init
irc_decode_process
irc_encode_config
irc_encode_exit
irc_encode_flush
irc_encode_init
irc_encode_process
irc_set_callback
irc_string

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 988KB - Virtual size: 1003KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/irWMA.irc
.dll windows:4 windows x86 arch:x86

9f2f89fb3603c619a0ba057f0845468b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\InfraRecorder\Binary32\Codecs\irWMA.pdb

Imports

kernel32

GetCurrentProcess
GetCurrentThreadId
GetProcAddress
LoadLibraryW
FreeLibrary
CloseHandle
InterlockedIncrement
GetFileType
GetLastError
CreateFileW
ReadFile
SetFilePointer
GetFileSize
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
FlushInstructionCache
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
RtlUnwind
HeapReAlloc
GetCommandLineA
HeapDestroy
HeapCreate
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
Sleep
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LCMapStringA
LCMapStringW

user32

SetWindowLongW
GetWindowLongW
SetWindowPos
GetActiveWindow
GetDlgItem
CallWindowProcW
DestroyWindow
DefWindowProcW
SendMessageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
UnregisterClassA

ole32

CoInitialize
CoUninitialize

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW

Exports

Exports

irc_capabilities
irc_decode_exit
irc_decode_init
irc_decode_process
irc_encode_config
irc_encode_exit
irc_encode_flush
irc_encode_init
irc_encode_process
irc_set_callback
irc_string

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/libsndfile.dll
.dll windows:4 windows x86 arch:x86

eb7015eeaaff6bad1fb7a59238c027d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateFileA
FindAtomA
FlushFileBuffers
FormatMessageA
GetAtomNameA
GetFileSize
GetFileType
GetLastError
GetStdHandle
LocalFree
ReadFile
SetEndOfFile
SetFilePointer
WriteFile

msvcrt

_stat
__dllonexit
__mb_cur_max
_assert
_errno
_get_osfhandle
_iob
_isctype
_pctype
_snprintf
_vsnprintf
abort
calloc
fflush
floor
fmod
fprintf
free
frexp
gmtime
malloc
memcpy
memset
printf
putchar
puts
sscanf
strlen
strncat
strncpy
strrchr
strstr
strtol
time
tolower

Exports

Exports

sf_close
sf_command
sf_error
sf_error_number
sf_error_str
sf_format_check
sf_get_string
sf_open
sf_open_fd
sf_open_virtual
sf_perror
sf_read_double
sf_read_float
sf_read_int
sf_read_raw
sf_read_short
sf_readf_double
sf_readf_float
sf_readf_int
sf_readf_short
sf_seek
sf_set_string
sf_strerror
sf_write_double
sf_write_float
sf_write_int
sf_write_raw
sf_write_short
sf_write_sync
sf_writef_double
sf_writef_float
sf_writef_int
sf_writef_short

Sections

.text
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InfraRecorder.chm
.chm
InfraRecorder.exe
.exe windows:4 windows x86 arch:x86

82a5aace9b7aa0b2f3e90eb7d1fb80a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
mciSendStringW

kernel32

GlobalLock
GlobalAlloc
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetLocalTime
LocalUnlock
LocalLock
MulDiv
GetVolumeInformationW
GetCurrentProcessId
lstrcpynW
lstrlenA
LockResource
GlobalSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetTempPathW
CompareFileTime
ExpandEnvironmentStringsA
LoadLibraryA
SetFilePointer
GetFileTime
GetFileSize
GetFileAttributesW
DeleteFileW
GetTempFileNameW
RemoveDirectoryW
CreateDirectoryW
GetFileAttributesExW
GetTimeZoneInformation
LCMapStringA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GlobalUnlock
GetCPInfo
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetSystemTimeAsFileTime
GetStartupInfoW
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetConsoleCP
GetConsoleMode
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetLogicalDrives
GetDriveTypeW
GetTickCount
AreFileApisANSI
WideCharToMultiByte
CreateFileW
DeviceIoControl
ResetEvent
GetProcAddress
GetDiskFreeSpaceExW
CreatePipe
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
DuplicateHandle
CreateEventW
WriteFile
WaitForMultipleObjects
PeekNamedPipe
ReadFile
TerminateProcess
SetEvent
TerminateThread
CreateProcessW
GetLastError
DosDateTimeToFileTime
FileTimeToSystemTime
GetDateFormatW
FindFirstFileW
LCMapStringW
FindNextFileW
FindClose
lstrcmpW
lstrlenW
lstrcpyW
SetLastError
CreateThread
WaitForSingleObject
Sleep
CloseHandle
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
RaiseException
LoadLibraryW
FreeLibrary
GetModuleFileNameW
lstrcatW
CompareStringW
SetEnvironmentVariableA
GetOEMCP

user32

IsWindowEnabled
MessageBeep
LoadStringA
PostQuitMessage
CreatePopupMenu
IsDialogMessageW
TranslateAcceleratorW
GetCapture
UnregisterClassA
DrawEdge
RemoveMenu
AppendMenuW
SetRectEmpty
SetCursor
IsMenu
GetMenuItemCount
GetWindowThreadProcessId
GetClipboardData
CloseClipboard
GetFocus
OpenClipboard
UpdateWindow
GetWindowPlacement
SetWindowsHookExW
IsIconic
SetMenu
GetMenu
IsWindowVisible
IsWindowUnicode
ModifyMenuW
PtInRect
ReleaseCapture
SetCapture
LoadStringW
FrameRect
WindowFromPoint
RegisterWindowMessageW
UnhookWindowsHookEx
CharLowerW
ClientToScreen
GetWindowLongA
SetWindowLongA
CallWindowProcA
FindWindowExW
CheckMenuItem
EnableMenuItem
RegisterClipboardFormatW
SendDlgItemMessageW
IsClipboardFormatAvailable
LoadAcceleratorsW
RegisterClassExW
CharNextW
LoadCursorW
GetClassInfoExW
GetWindowDC
LoadMenuW
InflateRect
OffsetRect
DrawFrameControl
DrawStateW
DestroyMenu
GetSubMenu
EndPaint
GetClassNameW
CallNextHookEx
IsZoomed
GetKeyState
BeginPaint
RedrawWindow
GetCursorPos
TrackPopupMenuEx
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
PostMessageW
SetFocus
GetSysColor
DrawTextW
DrawFocusRect
GetSysColorBrush
FillRect
TrackMouseEvent
InvalidateRect
MoveWindow
LoadIconW
LoadBitmapW
CreateWindowExW
GetSystemMetrics
KillTimer
SetTimer
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
CallWindowProcW
DestroyWindow
DefWindowProcW
InsertMenuW
GetSystemMenu
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
GetActiveWindow
EnableWindow
CreateDialogParamW
DialogBoxParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
IsWindow
ShowWindow
SetWindowTextW
LoadImageW
DestroyIcon
SetWindowLongW
GetDC
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
GetParent
SetDlgItemTextW
ReleaseDC
GetWindowLongW
SendMessageW
EndDialog
wsprintfW
GetMessagePos

gdi32

GetTextExtentPoint32W
ExcludeClipRect
CreateDIBSection
SetBrushOrgEx
CreateBitmap
CreatePatternBrush
PatBlt
CreateSolidBrush
ExtTextOutW
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
SetTextColor
SelectObject
DeleteDC
GetTextMetricsW
DeleteObject
GetDeviceCaps
GetObjectW
CreateFontIndirectW
BitBlt
GetStockObject
SetBkMode

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExA
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueExA
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW
DragQueryPoint
DragFinish
ord18
ord17
ord16
ord155
SHGetSpecialFolderLocation
DragQueryFileW
SHGetDesktopFolder
SHGetMalloc
ord4
ord2
SHGetFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
ord25

ole32

RegisterDragDrop
RevokeDragDrop
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
CoLockObjectExternal
DoDragDrop

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_Add
ImageList_Draw
InitCommonControlsEx
CreateStatusWindowW
ImageList_GetImageCount

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 700KB - Virtual size: 698KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 972KB - Virtual size: 971KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Languages/Arabic.irl
Languages/Basque.irl
Languages/Bosnian.irl
Languages/Bulgarian.irl
Languages/Catalan.irl
Languages/Chinese (Simplified).irl
Languages/Chinese (Traditional).irl
Languages/Croatian.irl
Languages/Czech.irl
Languages/Danish.irl
Languages/Dutch.irl
Languages/Finnish.irl
Languages/French.irl
Languages/Galician.irl
Languages/German.chm
.chm
Languages/German.irl
Languages/Greek.irl
Languages/Hebrew.irl
Languages/Hungarian.irl
Languages/Indonesian.irl
Languages/Italian.irl
Languages/Japanese.irl
Languages/Korean.irl
Languages/Lithuanian.irl
Languages/Norwegian.irl
Languages/Polish.irl
Languages/Portuguese (Brazilian).irl
Languages/Portuguese.irl
Languages/Romanian.irl
Languages/Russian.chm
.chm
Languages/Russian.irl
Languages/Serbian (Cyrillic).irl
Languages/Serbian (Latin).irl
Languages/Slovak.irl
Languages/Slovenian.irl
Languages/Spanish.irl
Languages/Swedish.irl
Languages/Thai.chm
.chm
Languages/Thai.irl
Languages/Turkish.chm
.chm
Languages/Turkish.irl
Languages/Ukrainian.chm
.chm
Languages/Ukrainian.irl
License.txt
Readme.txt
Uninstall.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b3d296ff6f7abb1319ee006fcc6c4d98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
OpenClipboard

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
cdrtools/COPYING
cdrtools/cdda2wav.exe
.exe windows:4 windows x86 arch:x86

ef71edcce69fbcf202e40f08b0a994ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__isinfd
__isnand
__main
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_fseeko64
_fstat64
_getegid32
_geteuid32
_getgid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_mmap64
_open64
_setegid32
_seteuid32
_setgid32
_setreuid32
_setuid32
_stat64
abort
alarm
atexit
atoi
calloc
close
connect
cygwin_internal
dlclose
dll_crt0__FP11per_process
dlopen
dlsym
dup
dup2
ecvt
execlp
exit
fclose
fcvt
fflush
fgets
fileno
fork
fputc
fputs
free
fwrite
gcvt
getc
getenv
gethostbyname
gethostname
getppid
getpwnam
getservbyname
gettimeofday
ioctl
kill
localtime
malloc
memchr
memcpy
memmove
memset
pipe
qsort
rcmd
read
realloc
rewind
scanf
setbuf
setmode
setsockopt
shmat
shmctl
shmget
signal
sleep
socket
socketpair
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strerror
strftime
strncmp
strncpy
strrchr
strstr
strtod
strtol
strtoul
sysconf
time
usleep
valloc
wait
write

kernel32

CloseHandle
CreateEventA
CreateFileA
DeviceIoControl
GetCurrentProcess
GetCurrentThread
GetDriveTypeA
GetLastError
GetModuleHandleA
GetVersionExA
ResetEvent
SetPriorityClass
SetThreadPriority
WaitForSingleObject

winmm

waveOutClose
waveOutGetDevCapsA
waveOutGetErrorTextA
waveOutReset
waveOutWrite

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cdrtools/cdrecord.exe
.exe windows:4 windows x86 arch:x86

4c9cf243b831189de5ff43457e78f83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__isinfd
__isnand
__main
_ctype_
_exit
_fcntl64
_fdopen64
_fopen64
_fseeko64
_fstat64
_geteuid32
_getpwuid32
_getuid32
_impure_ptr
_lseek64
_mmap64
_open64
_setreuid32
_setuid32
_stat64
abort
atexit
atoi
calloc
close
cygwin_internal
dlclose
dll_crt0__FP11per_process
dlopen
dlsym
dup2
ecvt
execlp
exit
fclose
fcvt
fflush
fgets
fileno
fork
fread
free
fwrite
gcvt
getc
getenv
getpid
getpwnam
getrlimit
getservbyname
gettimeofday
isatty
kill
malloc
memcpy
memmove
memset
pause
rcmd
read
realloc
rewind
select
setbuf
setmode
setpriority
setrlimit
setsockopt
signal
sleep
socketpair
strchr
strcmp
strcpy
strdup
strerror
strncmp
strncpy
strrchr
strstr
sysconf
usleep
valloc
wait
write

kernel32

CloseHandle
CreateEventA
CreateFileA
DeviceIoControl
GetCurrentProcess
GetCurrentThread
GetDriveTypeA
GetLastError
GetModuleHandleA
GetVersionExA
ResetEvent
SetPriorityClass
SetThreadPriority
WaitForSingleObject

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cdrtools/cygwin1.dll
.dll windows:4 windows x86 arch:x86

400661656de0b22c9631b8a6779c390b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey

kernel32

AllocConsole
BackupWrite
ClearCommBreak
ClearCommError
CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMailslotA
CreateMutexA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateTapePartition
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstChangeNotificationA
FindFirstFileA
FindNextChangeNotification
FindNextFileA
FlushConsoleInputBuffer
FlushFileBuffers
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetBinaryTypeA
GetCommModemStatus
GetCommState
GetCommandLineA
GetComputerNameA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLogicalDriveStringsA
GetLogicalDrives
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTapeParameters
GetTapePosition
GetTapeStatus
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
InitializeCriticalSection
IsBadStringPtrA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LockFile
LockFileEx
MapViewOfFile
MapViewOfFileEx
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenMutexA
OpenProcess
OpenSemaphoreA
OutputDebugStringA
PeekConsoleInputA
PeekNamedPipe
PrepareTape
PurgeComm
QueryDosDeviceA
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadConsoleOutputA
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
ScrollConsoleScreenBufferA
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleTextAttribute
SetConsoleTitleA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileApisToANSI
SetFileApisToOEM
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleInformation
SetLastError
SetMailslotInfo
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetSystemTime
SetTapeParameters
SetTapePosition
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransmitCommChar
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitCommEvent
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteConsoleOutputA
WriteFile
WriteProcessMemory
WriteTapemark

Exports

Exports

__argc
__argv
__argz_add
__argz_add_sep
__argz_append
__argz_count
__argz_create
__argz_create_sep
__argz_delete
__argz_extract
__argz_insert
__argz_next
__argz_replace
__argz_stringify
__assert
__assertfail
__check_rhosts_file
__cygwin_environ
__cygwin_user_data
__envz_add
__envz_entry
__envz_get
__envz_merge
__envz_remove
__envz_strip
__eprintf
__errno
__f_atan2
__f_atan2f
__f_exp
__f_expf
__f_frexp
__f_frexpf
__f_ldexp
__f_ldexpf
__f_log
__f_log10
__f_log10f
__f_logf
__f_pow
__f_powf
__f_tan
__f_tanf
__fpclassifyd
__fpclassifyf
__getdelim
__getline
__getreent
__infinity
__isinfd
__isinff
__isnand
__isnanf
__main
__mb_cur_max
__mempcpy
__opendir_with_d_ino
__progname
__rcmd_errstr
__signbitd
__signbitf
__signgam
__srget
__srget_r
__swbuf
__swbuf_r
_abort
_abs
_access
_acl
_acl32
_aclcheck
_aclcheck32
_aclfrommode
_aclfrommode32
_aclfrompbits
_aclfrompbits32
_aclfromtext
_aclfromtext32
_aclsort
_aclsort32
_acltomode
_acltomode32
_acltopbits
_acltopbits32
_acltotext
_acltotext32
_acos
_acosf
_acosh
_acoshf
_alarm
_alloca
_alphasort
_asctime
_asctime_r
_asin
_asinf
_asinh
_asinhf
_asprintf
_asprintf_r
_atan
_atan2
_atan2f
_atanf
_atanh
_atanhf
_atexit
_atof
_atoff
_atoi
_atol
_bcmp
_bcopy
_bsearch
_bzero
_cabs
_cabsf
_calloc
_cbrt
_cbrtf
_ceil
_ceilf
_chdir
_check_for_executable
_chmod
_chown
_chown32
_chroot
_clearerr
_clock
_close
_closedir
_copysign
_copysignf
_cos
_cosf
_cosh
_coshf
_creat
_ctime
_ctime_r
_ctype_
_cuserid
_cwait
_daylight
_difftime
_dirfd
_div
_dll_crt0@0
_drand48
_drem
_dremf
_dup
_dup2
_ecvt
_ecvtbuf
_ecvtf
_endgrent
_endmntent
_endpwent
_endutent
_erand48
_erf
_erfc
_erfcf
_erff
_execl
_execle
_execlp
_execv
_execve
_execvp
_exit
_exp
_expf
_expm1
_expm1f
_f_atan2
_f_atan2f
_f_exp
_f_expf
_f_frexp
_f_frexpf
_f_ldexp
_f_ldexpf
_f_log
_f_log10
_f_log10f
_f_logf
_f_pow
_f_powf
_f_tan
_f_tanf
_fabs
_fabsf
_facl
_facl32
_fchdir
_fchmod
_fchown
_fchown32
_fclose
_fcloseall
_fcloseall_r
_fcntl
_fcntl64
_fcvt
_fcvtbuf
_fcvtf
_fdopen
_fdopen64
_feof
_ferror
_fflush
_ffs
_fgetc
_fgetpos
_fgetpos64
_fgets
_fileno
_finite
_finitef
_fiprintf
_floor
_floorf
_fmod
_fmodf
_fnmatch
_fopen
_fopen64
_fork
_fprintf
_fputc
_fputs
_fread
_free
_freopen
_freopen64
_frexp
_frexpf
_fscanf
_fscanf_r
_fseek
_fseeko
_fseeko64
_fsetpos
_fsetpos64
_fstat
_fstat64
_fstatfs
_fsync
_ftell
_ftello
_ftello64
_ftime
_ftok
_ftruncate
_ftruncate64
_fwrite
_gamma
_gamma_r
_gammaf
_gammaf_r
_gcvt
_gcvtf
_get_osfhandle
_getc
_getc_unlocked
_getchar
_getchar_unlocked
_getcwd
_getdomainname
_getdtablesize
_getegid
_getegid32
_getenv
_geteuid
_geteuid32
_getgid
_getgid32
_getgrent
_getgrent32
_getgrgid
_getgrgid32
_getgrnam
_getgrnam32
_getgroups
_getgroups32
_gethostname
_getlogin
_getmntent
_getmode
_getpagesize
_getpass
_getpgrp
_getpid
_getppid
_getpwduid
_getpwent
_getpwnam
_getpwuid
_getpwuid32
_getpwuid_r32
_getrlimit
_getrusage
_gets
_gettimeofday
_getuid
_getuid32
_getutent
_getutid
_getutline
_getw
_getwd
_glob
_globfree
_gmtime
_gmtime_r
_htonl
_htons
_hypot
_hypotf
_ilogb
_ilogbf
_impure_ptr
_index
_infinity
_infinityf
_initgroups32
_ioctl
_iprintf
_isalnum
_isalpha
_isascii
_isatty
_iscntrl
_isdigit
_isgraph
_isinf
_isinff
_islower
_isnan
_isnanf
_isprint
_ispunct
_isspace
_isupper
_isxdigit
_j0
_j0f
_j1
_j1f
_jn
_jnf
_jrand48
_kill
_labs
_lacl
_lchown
_lchown32
_lcong48
_ldexp
_ldexpf
_ldiv
_lgamma
_lgamma_r
_lgammaf
_lgammaf_r
_link
_localeconv
_localtime
_localtime_r
_log
_log10
_log10f
_log1p
_log1pf
_logb
_logbf
_logf
_longjmp
_lrand48
_lseek
_lseek64
_lstat
_lstat64
_malloc
_matherr
_mblen
_mbstowcs
_mbtowc
_memccpy
_memchr
_memcmp
_memcpy
_memmove
_memset
_mkdir
_mknod
_mknod32
_mkstemp
_mktemp
_mktime
_mmap64
_modf
_modff
_mount
_nan
_nanf
_nanosleep
_nextafter
_nextafterf
_nice
_nl_langinfo
_nrand48
_ntohl
_ntohs
_open
_open64
_openlog
_pathconf
_pclose
_perror
_pipe
_poll
_popen
_pow
_powf
_printf
_pthread_cleanup_pop
_pthread_cleanup_push
_putc
_putc_unlocked
_putchar
_putchar_unlocked
_putenv
_puts
_pututline
_putw
_qsort
_raise
_rand
_read
_readdir
_readlink
_readv
_realloc
_remainder
_remainderf
_remove
_rename
_rewind
_rewinddir
_rindex
_rint
_rintf
_rmdir
_sbrk
_scalb
_scalbf
_scalbn
_scalbnf
_scandir
_scanf
_scanf_r
_seed48
_seekdir
_seekdir64
_select
_setbuf
_setdtablesize
_setegid
_setegid32
_setenv
_seteuid
_seteuid32
_setgid
_setgid32
_setgrent
_setgroups
_setgroups32
_setjmp
_setlocale
_setmntent
_setmode
_setpassent
_setpgid
_setpgrp
_setpwent
_setregid
_setregid32
_setreuid
_setreuid32
_setrlimit
_setsid
_settimeofday
_setuid
_setuid32

Sections

.text
Size: 1014KB - Virtual size: 1013KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

/4
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/38
Size: 512B - Virtual size: 16B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cygheap
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cdrtools/readcd.exe
.exe windows:4 windows x86 arch:x86

b67708b5c926f99c64399761351ab604

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert
__errno
__getreent
__isinfd
__isnand
__main
_ctype_
_exit
_fdopen64
_fopen64
_fseeko64
_geteuid32
_getpwuid32
_getuid32
_impure_ptr
_open64
_setreuid32
_setuid32
abort
atexit
atoi
calloc
close
cygwin_internal
dlclose
dll_crt0__FP11per_process
dlopen
dlsym
drand48
dup2
ecvt
execlp
exit
fclose
fcvt
fflush
fgets
fileno
fork
fread
free
fwrite
gcvt
getc
getenv
getpwnam
getservbyname
gettimeofday
malloc
memcpy
memmove
memset
rcmd
read
realloc
rewind
setbuf
setmode
setsockopt
signal
sleep
socketpair
strchr
strcpy
strerror
strncmp
strncpy
strrchr
strstr
usleep
valloc
wait
write

kernel32

CloseHandle
CreateEventA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetLastError
GetModuleHandleA
GetVersionExA
ResetEvent
WaitForSingleObject

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ckEffects.exe
.exe windows:4 windows x86 arch:x86

b0002825a13d5dc4f5bf0edc215ec2df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\ckEffectsApp\Release\ckEffects.pdb

Imports

kernel32

CloseHandle
lstrcmpW
OpenProcess
QueryPerformanceFrequency
QueryPerformanceCounter
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
SetFilePointer
ReadFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
VirtualAlloc
EnterCriticalSection
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RaiseException
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LeaveCriticalSection
CreateFileA

user32

LoadCursorW
PeekMessageW
DispatchMessageW
MessageBoxW
GetWindowThreadProcessId
PostMessageW
CreateWindowExW
LoadIconW
PostQuitMessage
DefWindowProcW
RegisterClassExW
IsWindow
TranslateMessage
UpdateWindow
SendMessageW
SetWindowPos
ShowWindow

d3d9

Direct3DCreate9Ex

d3dx9_32

D3DXMatrixPerspectiveFovLH
D3DXMatrixTranslation
D3DXMatrixScaling
D3DXMatrixMultiply
D3DXVec3Normalize
D3DXMatrixLookAtLH
D3DXCreateTextureFromResourceW

dwmapi

DwmExtendFrameIntoClientArea
DwmIsCompositionEnabled

psapi

EnumProcessModulesEx
GetModuleBaseNameW

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
irShell.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c4636b0083dd50d78758ae059a7792a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Christian Kindahl\Desktop\Active Projects\InfraRecorder\trunk\Binary32\irShell.pdb

Imports

kernel32

FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
WideCharToMultiByte
lstrcmpW
GlobalUnlock
GlobalLock
lstrcpynA
lstrcpynW
lstrcpyW
lstrcatW
CreateFileW
CloseHandle
SetFilePointer
GetFileSize
GetFileAttributesW
InterlockedDecrement
WriteFile
CreateDirectoryW
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetModuleFileNameW
InterlockedIncrement
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
ReadFile
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
FlushFileBuffers
CreateFileA
WriteConsoleW
LCMapStringA
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
Sleep
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetConsoleOutputCP

user32

LoadBitmapW
UnregisterClassA
GetMenuItemCount
InsertMenuW
SetMenuItemBitmaps
GetMenuItemInfoW
CharNextW
CreatePopupMenu

gdi32

DeleteObject

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

shell32

SHGetFolderPathW
ShellExecuteW
DragQueryFileW

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

4a9446e5cc2412c6405cea69dddb93be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 110KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 32KB - Virtual size: 31KB

b3d296ff6f7abb1319ee006fcc6c4d98

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 990B

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 254B

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 573B

.rdata Size: 1024B - Virtual size: 576B

.data Size: 512B - Virtual size: 45B

.reloc Size: 512B - Virtual size: 132B

e0b94dc4e7e0b284ec2baa8cce7d0210

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 16KB - Virtual size: 12KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 110KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 32KB - Virtual size: 31KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 990B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 254B

.text
Size: 1024B - Virtual size: 573B

.rdata
Size: 1024B - Virtual size: 576B

.data
Size: 512B - Virtual size: 45B

.reloc
Size: 512B - Virtual size: 132B

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 988KB - Virtual size: 1003KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 408B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 257KB - Virtual size: 256KB

.data
Size: 15KB - Virtual size: 15KB

.rdata
Size: 33KB - Virtual size: 32KB

.bss
Size: - Virtual size: 17KB

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB