7045afcf3beb9f232fc1a7c8d36f8ede_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7045afcf3beb9f232fc1a7c8d36f8ede_JaffaCakes118
Size

4.2MB
MD5

7045afcf3beb9f232fc1a7c8d36f8ede
SHA1

ecfd5bef8567c2cac51847afa54d59953430018d
SHA256

31a622a51d198a39c58f1c275be4316c6728d5b620b0f4e731a73fb9a4e0cb40
SHA512

0dd101e1af3e53a4123b3a0d3a815e09aaffc75eeb4c65d6e2d9095d6e3387a64e46ca62545cae539ed09a7846aa4c500a8cda9e052017bd5b545fcd5ec32edb
SSDEEP

98304:ZDCghO5kH51Bjb9bweqei1fI66l02CVy8dlV4dt6:nhnBjZkeqzfI66/Cc8D4r6

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Device Doctor Portable/htmlayout.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Device Doctor Portable/htmlayout.dll	upx

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device Doctor Portable/_ctypes.pyd
unpack001/Device Doctor Portable/_hashlib.pyd
unpack001/Device Doctor Portable/_imaging.pyd
unpack001/Device Doctor Portable/_multiprocessing.pyd
unpack001/Device Doctor Portable/_socket.pyd
unpack001/Device Doctor Portable/htmlayout.dll
unpack002/out.upx
unpack001/Device Doctor Portable/ownership.dll
unpack001/Device Doctor Portable/pyexpat.pyd
unpack001/Device Doctor Portable/python26.dll
unpack001/Device Doctor Portable/scheduler.dll
unpack001/Device Doctor Portable/select.pyd
unpack001/Device Doctor Portable/unicodedata.pyd

Files

7045afcf3beb9f232fc1a7c8d36f8ede_JaffaCakes118
.rar
Device Doctor Portable/DeviceDoctor.exe
.exe windows:5 windows x86 arch:x86

b966e1ce54d7809277e25c05d0da8d08

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/05/2005, 00:00

Not After

16/05/2010, 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:6b:a2:8c:9b:81:53
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

18/09/2009, 16:15

Not After

15/09/2012, 21:33

Subject

CN=Device Doctor Software Inc.,O=Device Doctor Software Inc.,L=Victoria,ST=BC,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:df:a6:ce:fe:1c:53:96:af:58:3d:b3:2d:b4:93:aa:9a:82:2b
Signer

Actual PE Digest

61:2c:df:a6:ce:fe:1c:53:96:af:58:3d:b3:2d:b4:93:aa:9a:82:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

ReadFile
GetFileSizeEx
GetSystemTimeAsFileTime
GetCurrentThreadId
WriteFile
WideCharToMultiByte
CreateFileW
FlushFileBuffers
GetLastError
CloseHandle
GetSystemTime
GetCommandLineW
GetVersionExW
SetCurrentDirectoryW
PeekNamedPipe
FindResourceW
LoadResource
CreateDirectoryW
ConnectNamedPipe
GetModuleHandleW
CreateNamedPipeW
SizeofResource
FindFirstFileW
GetModuleFileNameW
GetProcAddress
LockResource
GetSystemInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteFileW
FindNextFileW
FindClose

user32

wsprintfW
MessageBoxW

shell32

CommandLineToArgvW
SHGetFolderPathW

python26

Py_IsInitialized
Py_InspectFlag
Py_NoSiteFlag
PyModule_GetDict
PyMarshal_ReadObjectFromString
PyImport_AddModule
PySys_SetObject
Py_Initialize
PyEval_EvalCode
Py_InitModule4
PyList_New
PyArg_ParseTuple
_Py_NoneStruct
Py_BuildValue
PyUnicodeUCS2_FromWideChar
PyErr_Occurred
PyBool_FromLong
Py_SetPythonHome
PyErr_Print
Py_Finalize
Py_IgnoreEnvironmentFlag
Py_VerboseFlag
PySys_GetObject
PyList_Append

msvcr90

__iob_func
memset
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
??3@YAXPAX@Z
wcscat_s
wcscpy_s
??2@YAPAXI@Z
_snprintf_s
exit
_snwprintf_s
memcpy
fflush
wcsncpy_s
wprintf
wcsrchr
_wfreopen
wcsncmp
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm

shlwapi

PathAppendW

wininet

HttpSendRequestW
InternetCloseHandle
HttpOpenRequestW
InternetOpenW
InternetConnectW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/DeviceDoctorHelp.chm
.chm
Device Doctor Portable/Microsoft.VC90.CRT/Microsoft.VC90.CRT.manifest
Device Doctor Portable/Microsoft.VC90.CRT/msvcr90.dll
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8
Signer

Actual PE Digest

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/_ctypes.pyd
.dll windows:5 windows x86 arch:x86

24ee6f0d6ce1ba66de0d74aad68c2d81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\_ctypes.pdb

Imports

kernel32

GetProcAddress
GetLastError
SetLastError
DisableThreadLibraryCalls
FreeLibrary
FormatMessageA
LoadLibraryA
LocalFree
IsBadStringPtrW
IsBadStringPtrA
VirtualAlloc
GetSystemInfo
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep

ole32

ProgIDFromCLSID

oleaut32

GetErrorInfo
SysFreeString
SysStringLen
SysAllocStringLen

python26

PyMem_Free
PyErr_WriteUnraisable
PyNumber_AsSsize_t
PyString_AsStringAndSize
PyString_Format
PyTuple_GetItem
PySlice_GetIndicesEx
PyExc_ValueError
PyErr_Occurred
PyDict_GetItemString
PyObject_SetAttr
PyObject_IsSubclass
PyErr_SetString
PyDescr_NewClassMethod
PySequence_GetItem
PyType_IsSubtype
_PyErr_BadInternalCall
_Py_BuildValue_SizeT
PyErr_NewException
PyCFunction_NewEx
PyTuple_Pack
_PyObject_CallMethod_SizeT
PyWeakref_NewProxy
_PyWeakref_CallableProxyType
PyType_Type
PyModule_AddStringConstant
PyErr_Clear
PyObject_IsInstance
PyEval_InitThreads
PyMethod_New
PyList_New
PyType_GenericNew
PySequence_GetSlice
PyExc_RuntimeError
PyMem_Malloc
PyErr_Format
PyModule_AddObject
PyExc_TypeError
PyLong_FromVoidPtr
PyDict_SetItemString
PyExc_IndexError
PyObject_GetAttrString
PyDescr_NewGetSet
PyDict_Size
_PyWeakref_ProxyType
PyArg_UnpackTuple
PyDict_Type
PySys_GetObject
PyFile_WriteString
PyCode_New
PyGILState_Release
PyInt_AsLong
Py_Initialize
PyFrame_New
PyObject_CallFunction
Py_IsInitialized
PyThreadState_Get
PyObject_Free
PyExc_RuntimeWarning
PyTraceBack_Here
_PyObject_NewVar
PyErr_Print
PyImport_ImportModuleNoBlock
PyGILState_Ensure
PyErr_WarnEx
_PyObject_New
PyObject_Str
PyErr_SetFromWindowsErr
PyCObject_AsVoidPtr
Py_BuildValue
_Py_NoneStruct
PyTuple_Type
PyErr_SetObject
PyEval_RestoreThread
PyEval_SaveThread
PyArg_ParseTuple
PyObject_CallMethod
PyCObject_FromVoidPtr
PyLong_AsUnsignedLong
PyLong_AsLong
PyMem_Realloc
PyThreadState_GetDict
PyErr_NormalizeException
PyString_ConcatAndDel
PyString_FromFormatV
PyString_Type
PyExc_WindowsError
PyErr_Fetch
PyFloat_FromDouble
_PyFloat_Pack8
PyInt_AsUnsignedLongLongMask
PyLong_FromUnsignedLong
_PyFloat_Unpack4
PyFloat_Type
PyLong_FromLongLong
_PyFloat_Unpack8
PyBool_FromLong
_PyFloat_Pack4
_PyString_Resize
PyString_Size
PyFloat_AsDouble
PyObject_IsTrue
PyLong_FromUnsignedLongLong
Py_FatalError
PySequence_Fast
PyTuple_Size
PyObject_HasAttrString
PyObject_GetAttr
PyDict_SetItem
PySequence_SetItem
PyExc_AttributeError
PySlice_Type
PyType_Ready
PyString_InternFromString
PyErr_NoMemory
PyUnicodeUCS2_AsEncodedString
PyObject_AsReadBuffer
PyObject_GenericSetAttr
PyString_AsString
PyBuffer_Type
PyDict_DelItem
PyDict_GetItem
PyTuple_GetSlice
PyString_FromStringAndSize
PyDict_Update
PyInt_FromLong
PyObject_CallObject
PyString_FromFormat
PyString_Concat
PyUnicodeUCS2_FromEncodedObject
PyDict_New
PyLong_AsVoidPtr
PyTuple_New
PyDict_Next
PyCallable_Check
PySequence_Size
PyUnicodeUCS2_FromUnicode
PySequence_Tuple
PyInt_AsUnsignedLongMask
PyInt_FromSsize_t
PyString_FromString
_PyArg_ParseTuple_SizeT
PyObject_CallFunctionObjArgs
PyObject_AsWriteBuffer
_PyObject_CallFunction_SizeT
PyExc_OverflowError
PyLong_FromSsize_t
PyObject_SetAttrString
Py_InitModule4

msvcr90

memcpy
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
printf
isspace
_vsnprintf
_errno
memset
strchr
memmove
sprintf
_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
init_ctypes

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/_hashlib.pyd
.dll windows:5 windows x86 arch:x86

d1885fe920d89135a5a260439f3a8b09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\_hashlib.pdb

Imports

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
CloseHandle
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetStdHandle
GetFileType
GetVersion
GetLastError
UnhandledExceptionFilter
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource

python26

PyObject_Free
PyExc_ValueError
PyOS_snprintf
_Py_NoneStruct
_PyArg_ParseTuple_SizeT
_PyArg_ParseTupleAndKeywords_SizeT
PyString_AsString
PyString_FromStringAndSize
_PyArg_Parse_SizeT
PyInt_FromLong
_PyObject_New
PyString_FromString
PyErr_SetString
PyType_Type
PyExc_TypeError
Py_InitModule4
PyType_Ready

msvcr90

_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
memset
memcpy
free
realloc
malloc
strtoul
getenv
wcsstr
_vsnprintf
vfprintf
__iob_func
abort
memchr
strcmp
qsort
_time64
fprintf
fclose
ferror
fread
fwrite
fflush
fopen
_setmode
ftell
feof
fseek
fgets
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_fileno

Exports

Exports

init_hashlib

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/_imaging.pyd
.dll windows:5 windows x86 arch:x86

f0afcb5b9abffe422c558a7627e6a6ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
GetFileSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GlobalSize
GlobalLock
GlobalUnlock
UnmapViewOfFile
CreateFileA
CreateFileMappingA
CloseHandle
MapViewOfFile
DisableThreadLibraryCalls

user32

GetDC
GetWindowRect
GetClientRect
GetWindowTextA
GetWindowTextLengthA
EnumWindows
CloseClipboard
GetClipboardData
GetClipboardFormatNameA
EnumClipboardFormats
OpenClipboard
InvalidateRect
EndPaint
BeginPaint
GetWindowLongA
DefWindowProcA
SetForegroundWindow
ShowWindow
SetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
ReleaseDC

gdi32

GetDIBits
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA
CreatePalette
GetSystemPaletteEntries
SetDIBColorTable
CreateDIBSection
SelectPalette
StretchBlt
StretchDIBits
RealizePalette
BitBlt

python26

PyInt_FromLong
PyFloat_FromDouble
Py_BuildValue
_Py_NoneStruct
PyExc_IndexError
PySequence_Check
PyExc_TypeError
PyObject_Size
PyInt_AsLong
PySequence_GetItem
PyArg_ParseTuple
PyErr_Clear
PyExc_ValueError
PyErr_NoMemory
PyExc_IOError
PyErr_SetString
PyEval_RestoreThread
PyEval_SaveThread
_PyErr_BadInternalCall
PyObject_Free
_PyObject_New
PyErr_Occurred
PyObject_Print
PyString_AsString
PyString_FromStringAndSize
PyFloat_Type
PyType_IsSubtype
PyList_SetItem
Py_FindMethod
PyString_FromString
PyExc_AttributeError
PyCObject_FromVoidPtrAndDesc
Py_InitModule4
PyType_Type
_PyString_Resize
PyErr_SetFromErrno
PyExc_RuntimeError
PyNumber_Check
PyErr_ExceptionMatches
PyThreadState_Get
PyThreadState_Swap
PyObject_CallFunction
PySys_GetObject
PyFile_WriteString
PyErr_Print
PyList_Append
PyFloat_AsDouble
PyExc_SystemError
PyList_New

msvcr90

_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_onexit
_except_handler4_common
_crt_debugger_hook
_lock
_encoded_null
_malloc_crt
_encode_pointer
getenv
sscanf
exit
clock
_setjmp3
longjmp
fprintf
fwrite
fopen
fgetc
isspace
isdigit
fclose
fread
_CIlog
rand
_CIcos
_CIsqrt
qsort
strncmp
floor
ceil
_CIsin
realloc
printf
sprintf
_write
strncpy
memset
calloc
_CIfmod
memcpy
free
__iob_func
malloc

Exports

Exports

init_imaging

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/_multiprocessing.pyd
.dll windows:5 windows x86 arch:x86

0b746003dff2133a7c33fe1af722fe84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\_multiprocessing.pdb

Imports

ws2_32

ntohl
htonl
select
WSAGetLastError
recv
__WSAFDIsSet
closesocket
send

kernel32

SetNamedPipeHandleState
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetEvent
CreateEventA
SetConsoleCtrlHandler
PeekNamedPipe
GetTickCount
WriteFile
Sleep
ReadFile
GetLastError
CloseHandle
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
SetLastError
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
ExitProcess
CreateFileA
WaitNamedPipeA
ConnectNamedPipe
OpenProcess
CreateNamedPipeA
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedExchange

python26

_PyObject_CallFunction_SizeT
PyObject_CallFunctionObjArgs
_PyArg_ParseTuple_SizeT
_Py_NoneStruct
PyMem_Free
PyEval_SaveThread
PyString_AsStringAndSize
PyExc_ValueError
PyErr_Occurred
PyObject_Free
PyBool_FromLong
_PyArg_ParseTupleAndKeywords_SizeT
_Py_TrueStruct
PyFloat_AsDouble
PyMem_Malloc
PyExc_AssertionError
PyExc_OverflowError
PyOS_snprintf
PyThread_get_thread_ident
PyInt_AsUnsignedLongMask
PyErr_Clear
PyEval_RestoreThread
_Py_ZeroStruct
PyErr_SetObject
PyObject_ClearWeakRefs
PyString_FromStringAndSize
PyInt_FromLong
PyString_FromFormat
_PyObject_New
PyInt_FromSsize_t
PyErr_CheckSignals
Py_InitModule4
PyObject_GetAttrString
PyDict_SetItemString
PyLong_FromVoidPtr
PyModule_AddObject
PyExc_WindowsError
PyErr_Format
PyErr_SetExcFromWindowsErr
PyExc_RuntimeError
_Py_BuildValue_SizeT
PyErr_SetString
PyImport_ImportModule
PyExc_EOFError
PyObject_AsWriteBuffer
PyErr_SetNone
PyType_Ready
PyErr_NoMemory
PyErr_SetFromWindowsErr
PyDict_New
PyExc_IOError
PyBuffer_Release

msvcr90

memcpy
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_getpid
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_encode_pointer

Exports

Exports

init_multiprocessing

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/_socket.pyd
.dll .js windows:5 windows x86 arch:x86 polyglot

0bd4d4e34e87f8e6770b511611ac7c10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\_socket.pdb

Imports

ws2_32

getpeername
ioctlsocket
WSAIoctl
gethostname
connect
inet_ntoa
WSAStartup
recvfrom
ntohl
inet_addr
htonl
select
WSAGetLastError
htons
ntohs
getsockname
shutdown
getprotobyname
setsockopt
getservbyport
accept
sendto
WSACleanup
recv
bind
socket
getservbyname
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyaddr
gethostbyname
send
getsockopt
listen

kernel32

IsDebuggerPresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

python26

PyErr_SetExcFromWindowsErr
PyErr_Format
PyModule_AddObject
PyExc_TypeError
Py_InitModule4
PyExc_ImportError
PyThread_release_lock
PyList_Append
Py_AtExit
PyType_GenericNew
PyList_New
PyFloat_AsDouble
PyErr_Clear
PyType_Type
_PyString_Resize
PyTuple_Pack
PyArg_ParseTupleAndKeywords
PyLong_AsUnsignedLong
PyErr_NewException
PyCObject_FromVoidPtr
_Py_TrueStruct
PyType_GenericAlloc
PyObject_CallMethod
PyModule_AddIntConstant
PyObject_Free
PyErr_Occurred
PyExc_ValueError
PyOS_snprintf
PyArg_ParseTuple
PyEval_SaveThread
PyMem_Free
_Py_NoneStruct
PyExc_OverflowError
PyEval_RestoreThread
PyErr_SetObject
PyThread_allocate_lock
PyLong_FromUnsignedLong
PyThread_acquire_lock
PyErr_SetFromErrno
PyString_AsString
PyObject_GenericGetAttr
PyInt_AsLong
PyString_FromStringAndSize
Py_BuildValue
PyBuffer_Release
PyInt_FromLong
PyExc_IOError
PyFloat_FromDouble
PyInt_FromSsize_t
PyErr_CheckSignals
PyString_FromString
PyErr_SetString

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_adjust_fdiv
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
strncpy_s
strcat_s
strtoul
strcpy_s
strchr
memset
memcpy
strerror
calloc
free
sscanf
_lock
sprintf_s

Exports

Exports

init_socket
init_sockobject

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/config.xml
Device Doctor Portable/htmlayout.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

?HTMLayoutEnumResourcesEx@@YGIPAUHWND__@@P6GHPBGPBDPBEKPAX@ZPAPAX@Z
HTMLayoutAnimateElement
HTMLayoutAppendMasterCSS
HTMLayoutAttachEventHandler
HTMLayoutAttachEventHandlerEx
HTMLayoutCallBehaviorMethod
HTMLayoutClassNameA
HTMLayoutClassNameW
HTMLayoutClearAttributes
HTMLayoutClipboardCopy
HTMLayoutCloneElement
HTMLayoutCombineURL
HTMLayoutCommitUpdates
HTMLayoutControlGetType
HTMLayoutControlGetValue
HTMLayoutControlSetValue
HTMLayoutCreateElement
HTMLayoutDataReady
HTMLayoutDataReadyAsync
HTMLayoutDeclareElementType
HTMLayoutDeleteElement
HTMLayoutDetachElement
HTMLayoutDetachEventHandler
HTMLayoutDialog
HTMLayoutElementGetExpando
HTMLayoutElementSetExpando
HTMLayoutEnumElementStyles
HTMLayoutEnumResources
HTMLayoutEnumerate
HTMLayoutFindElement
HTMLayoutGetAttributeByName
HTMLayoutGetAttributeCount
HTMLayoutGetCharacterRect
HTMLayoutGetChildrenCount
HTMLayoutGetElementByUID
HTMLayoutGetElementHtml
HTMLayoutGetElementHwnd
HTMLayoutGetElementIndex
HTMLayoutGetElementInnerText
HTMLayoutGetElementInnerText16
HTMLayoutGetElementIntrinsicHeight
HTMLayoutGetElementIntrinsicWidths
HTMLayoutGetElementLocation
HTMLayoutGetElementState
HTMLayoutGetElementText
HTMLayoutGetElementType
HTMLayoutGetElementUID
HTMLayoutGetFocusElement
HTMLayoutGetGraphin
HTMLayoutGetMinHeight
HTMLayoutGetMinWidth
HTMLayoutGetNthAttribute
HTMLayoutGetNthChild
HTMLayoutGetParentElement
HTMLayoutGetRootElement
HTMLayoutGetScrollInfo
HTMLayoutGetSelectedHTML
HTMLayoutGetStyleAttribute
HTMLayoutHidePopup
HTMLayoutHttpRequest
HTMLayoutInit
HTMLayoutInsertElement
HTMLayoutIsElementEnabled
HTMLayoutIsElementVisible
HTMLayoutLoadFile
HTMLayoutLoadHtml
HTMLayoutLoadHtmlEx
HTMLayoutMoveElement
HTMLayoutMoveElementEx
HTMLayoutParseValue
HTMLayoutPostEvent
HTMLayoutProc
HTMLayoutProcND
HTMLayoutProcW
HTMLayoutProcessUIEvent
HTMLayoutRangeAdvancePos
HTMLayoutRangeCreate
HTMLayoutRangeFromPositions
HTMLayoutRangeFromSelection
HTMLayoutRangeInsertHtml
HTMLayoutRangeIsEmpty
HTMLayoutRangeRelease
HTMLayoutRangeReplace
HTMLayoutRangeToHtml
HTMLayoutRender
HTMLayoutRenderElement
HTMLayoutRequestElementData
HTMLayoutScrollToView
HTMLayoutSelectElements
HTMLayoutSelectElementsW
HTMLayoutSelectParent
HTMLayoutSelectParentW
HTMLayoutSelectionExist
HTMLayoutSendEvent
HTMLayoutSetAttributeByName
HTMLayoutSetCSS
HTMLayoutSetCallback
HTMLayoutSetCapture
HTMLayoutSetDataLoader
HTMLayoutSetElementHtml
HTMLayoutSetElementInnerText
HTMLayoutSetElementInnerText16
HTMLayoutSetElementState
HTMLayoutSetEventRoot
HTMLayoutSetHttpHeaders
HTMLayoutSetMasterCSS
HTMLayoutSetMediaType
HTMLayoutSetMode
HTMLayoutSetOption
HTMLayoutSetScrollPos
HTMLayoutSetStyleAttribute
HTMLayoutSetTimer
HTMLayoutSetTimerEx
HTMLayoutSetupDebugOutput
HTMLayoutShowPopup
HTMLayoutShowPopupAt
HTMLayoutSortElements
HTMLayoutSwapElements
HTMLayoutTrackPopupAt
HTMLayoutTranslateMessage
HTMLayoutTraverseUIEvent
HTMLayoutUpdateElement
HTMLayoutUpdateElementEx
HTMLayoutUpdateView
HTMLayoutUpdateWindow
HTMLayoutVisitElements
HTMLayoutWindowAttachEventHandler
HTMLayoutWindowDetachEventHandler
HTMLayout_UnuseElement
HTMLayout_UseElement
HTMLiteAdvanceFocus
HTMLiteAttachEventHandler
HTMLiteCreateInstance
HTMLiteDestroyInstance
HTMLiteDetachEventHandler
HTMLiteFindElement
HTMLiteGetDocumentMinHeight
HTMLiteGetDocumentMinWidth
HTMLiteGetElementHTMLITE
HTMLiteGetFocusElement
HTMLiteGetNextFocusable
HTMLiteGetRootElement
HTMLiteGetTag
HTMLiteLoadHtmlFromFile
HTMLiteLoadHtmlFromMemory
HTMLiteMeasure
HTMLiteRender
HTMLiteRenderOnBitmap
HTMLiteSetCallback
HTMLiteSetDataReady
HTMLiteSetDataReadyAsync
HTMLiteSetMediaType
HTMLiteSetTag
HTMLiteTraverseUIEvent
HTMPrintCreateInstance
HTMPrintDestroyInstance
HTMPrintGetDocumentHeight
HTMPrintGetDocumentMinWidth
HTMPrintGetRootElement
HTMPrintGetTag
HTMPrintLoadHtmlFromFile
HTMPrintLoadHtmlFromFileW
HTMPrintLoadHtmlFromMemory
HTMPrintMeasure
HTMPrintRender
HTMPrintSetDataReady
HTMPrintSetHyperlinkAreaCallback
HTMPrintSetLoadDataCallback
HTMPrintSetMediaType
HTMPrintSetNextPageCallback
HTMPrintSetTag
ValueBinaryData
ValueBinaryDataSet
ValueClear
ValueCompare
ValueCopy
ValueElementsCount
ValueFloatData
ValueFloatDataSet
ValueFromString
ValueGetValueOfKey
ValueInit
ValueInt64Data
ValueInt64DataSet
ValueIntData
ValueIntDataSet
ValueInvoke
ValueNthElementKey
ValueNthElementValue
ValueNthElementValueSet
ValueSetValueToKey
ValueStringData
ValueStringDataSet
ValueToString
ValueType
_HTMLayoutUrlEscape@16
_HTMLayoutUrlUnescape@12
_HTMLiteGetElementByUID@12
_HTMPrintSetCallback@12
_ValueEnumElements@12
_ValueIsolate@4

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/lib.dll
.zip
BmpImagePlugin.pyc
GifImagePlugin.pyc
GimpGradientFile.pyc
GimpPaletteFile.pyc
Image.pyc
ImageChops.pyc
ImageColor.pyc
ImageFile.pyc
ImageFilter.pyc
ImageMode.pyc
ImagePalette.pyc
ImageTransform.pyc
ImageWin.pyc
JpegImagePlugin.pyc
PaletteFile.pyc
PngImagePlugin.pyc
PpmImagePlugin.pyc
Queue.pyc
StringIO.pyc
TiffImagePlugin.pyc
TiffTags.pyc
UserDict.pyc
_LWPCookieJar.pyc
_MozillaCookieJar.pyc
__future__.pyc
_abcoll.pyc
_threading_local.pyc
abc.pyc
atexit.pyc
base64.pyc
bdb.pyc
bisect.pyc
calendar.pyc
cmd.pyc
codecs.pyc
collections.pyc
colorsys.pyc
common/__init__.pyc
common/agent.pyc
common/architecture.pyc
common/command_line.pyc
common/config_parser.pyc
common/decorators.pyc
common/dialog.pyc
common/dll.pyc
common/downloader/__init__.pyc
common/downloader/download_manager.pyc
common/downloader/downloader.pyc
common/downloader/job.pyc
common/driver_scanner/__init__.pyc
common/driver_scanner/core.pyc
common/driver_scanner/device_scanner.pyc
common/driver_scanner/network/__init__.pyc
common/driver_scanner/network/request_builder.pyc
common/driver_scanner/network/requestor.pyc
common/driver_scanner/network/requestor_thread.pyc
common/driver_scanner/progress_meters/__init__.pyc
common/driver_scanner/progress_meters/aggregate_meter.pyc
common/driver_scanner/progress_meters/network_meter.pyc
common/driver_scanner/progress_meters/scanner_meter.pyc
common/driver_scanner/scanner.pyc
common/driver_scanner/scanner_thread.pyc
common/exceptions.pyc
common/font.pyc
common/html/__init__.pyc
common/html/behaviour/__init__.pyc
common/html/behaviour/behaviour.pyc
common/html/behaviour/custom_checkbox.pyc
common/html/behaviour/default_button.pyc
common/html/behaviour/disabled.pyc
common/html/behaviour/drag.pyc
common/html/behaviour/progress_bar.pyc
common/html/behaviour/tabs.pyc
common/html/dialog.pyc
common/html/element.pyc
common/html/event_handler.pyc
common/html/license_input.pyc
common/html/log.pyc
common/html/progress_bar.pyc
common/html/progress_bar_custom_control.pyc
common/html/progress_bar_good.pyc
common/html/screen.pyc
common/html/screen_manager.pyc
common/installation_uuid.pyc
common/ipartition.pyc
common/launch_process.pyc
common/licensing/__init__.pyc
common/licensing/activated_dialog.pyc
common/licensing/backends/__init__.pyc
common/licensing/backends/backend.pyc
common/licensing/backends/blitware.pyc
common/licensing/backends/blitware_parser.pyc
common/licensing/cache.pyc
common/licensing/dialog_manager.pyc
common/licensing/explain_dialog.pyc
common/licensing/license_dialog.pyc
common/licensing/manager.pyc
common/licensing/parser.pyc
common/licensing/registration_dialog.pyc
common/licensing/worker.pyc
common/mutex.pyc
common/network.pyc
common/odict.pyc
common/os_info.pyc
common/partner_id.pyc
common/pie.pyc
common/pie_3d.pyc
common/preferences_manager.pyc
common/proxy.pyc
common/registry.pyc
common/resource_loader.pyc
common/round_window.pyc
common/scheduler.pyc
common/signs.pyc
common/start_url.pyc
common/string_table.pyc
common/system_restore.pyc
common/tick.pyc
common/updater.pyc
common/utilities.pyc
cookielib.pyc
copy.pyc
copy_reg.pyc
ctypes/__init__.pyc
ctypes/_endian.pyc
ctypes/macholib/__init__.pyc
ctypes/macholib/dyld.pyc
ctypes/macholib/dylib.pyc
ctypes/macholib/framework.pyc
ctypes/test/__init__.pyc
ctypes/test/runtests.pyc
ctypes/test/test_anon.pyc
ctypes/test/test_array_in_pointer.pyc
ctypes/test/test_arrays.pyc
ctypes/test/test_as_parameter.pyc
ctypes/test/test_bitfields.pyc
ctypes/test/test_buffers.pyc
ctypes/test/test_byteswap.pyc
ctypes/test/test_callbacks.pyc
ctypes/test/test_cast.pyc
ctypes/test/test_cfuncs.pyc
ctypes/test/test_checkretval.pyc
ctypes/test/test_delattr.pyc
ctypes/test/test_errcheck.pyc
ctypes/test/test_errno.pyc
ctypes/test/test_find.pyc
ctypes/test/test_frombuffer.pyc
ctypes/test/test_funcptr.pyc
ctypes/test/test_functions.pyc
ctypes/test/test_incomplete.pyc
ctypes/test/test_init.pyc
ctypes/test/test_integers.pyc
ctypes/test/test_internals.pyc
ctypes/test/test_keeprefs.pyc
ctypes/test/test_libc.pyc
ctypes/test/test_loading.pyc
ctypes/test/test_macholib.pyc
ctypes/test/test_memfunctions.pyc
ctypes/test/test_numbers.pyc
ctypes/test/test_objects.pyc
ctypes/test/test_parameters.pyc
ctypes/test/test_pep3118.pyc
ctypes/test/test_pickling.pyc
ctypes/test/test_pointers.pyc
ctypes/test/test_prototypes.pyc
ctypes/test/test_python_api.pyc
ctypes/test/test_random_things.pyc
ctypes/test/test_refcounts.pyc
ctypes/test/test_repr.pyc
ctypes/test/test_returnfuncptrs.pyc
ctypes/test/test_simplesubclasses.pyc
ctypes/test/test_sizes.pyc
ctypes/test/test_slicing.pyc
ctypes/test/test_stringptr.pyc
ctypes/test/test_strings.pyc
ctypes/test/test_struct_fields.pyc
ctypes/test/test_structures.pyc
ctypes/test/test_unaligned_structures.pyc
ctypes/test/test_unicode.pyc
ctypes/test/test_values.pyc
ctypes/test/test_varsize_struct.pyc
ctypes/test/test_win32.pyc
ctypes/util.pyc
ctypes/wintypes.pyc
devicedoctor/DeviceDoctor.pyc
devicedoctor/__init__.pyc
devicedoctor/build_config.pyc
devicedoctor/class_icons.pyc
devicedoctor/constants.pyc
devicedoctor/exporter/__init__.pyc
devicedoctor/exporter/export.pyc
devicedoctor/main_application.pyc
devicedoctor/outer_application.pyc
devicedoctor/resources.pyc
devicedoctor/settings.pyc
devicedoctor/update_checker.pyc
difflib.pyc
dis.pyc
doctest.pyc
dummy_thread.pyc
dummy_threading.pyc
email/__init__.pyc
email/_parseaddr.pyc
email/base64mime.pyc
email/charset.pyc
email/encoders.pyc
email/errors.pyc
email/feedparser.pyc
email/generator.pyc
email/header.pyc
email/iterators.pyc
email/message.pyc
email/mime/__init__.pyc
email/mime/application.pyc
email/mime/audio.pyc
email/mime/base.pyc
email/mime/image.pyc
email/mime/message.pyc
email/mime/multipart.pyc
email/mime/nonmultipart.pyc
email/mime/text.pyc
email/parser.pyc
email/quoprimime.pyc
email/test/__init__.pyc
email/test/test_email.pyc
email/test/test_email_codecs.pyc
email/test/test_email_codecs_renamed.pyc
email/test/test_email_renamed.pyc
email/test/test_email_torture.pyc
email/utils.pyc
encodings/__init__.pyc
encodings/aliases.pyc
encodings/ascii.pyc
encodings/base64_codec.pyc
encodings/charmap.pyc
encodings/hex_codec.pyc
encodings/idna.pyc
encodings/latin_1.pyc
encodings/mbcs.pyc
encodings/raw_unicode_escape.pyc
encodings/string_escape.pyc
encodings/undefined.pyc
encodings/unicode_escape.pyc
encodings/unicode_internal.pyc
encodings/utf_16.pyc
encodings/utf_16_be.pyc
encodings/utf_16_le.pyc
encodings/utf_32.pyc
encodings/utf_32_be.pyc
encodings/utf_32_le.pyc
encodings/utf_7.pyc
encodings/utf_8.pyc
encodings/utf_8_sig.pyc
fnmatch.pyc
ftplib.pyc
functools.pyc
genericpath.pyc
getopt.pyc
getpass.pyc
gettext.pyc
hashlib.pyc
heapq.pyc
hmac.pyc
htmlayout/__init__.pyc
htmlayout/defs.pyc
htmlayout/functions.pyc
htmlayout/structs.pyc
httplib.pyc
inspect.pyc
json/__init__.pyc
json/decoder.pyc
json/encoder.pyc
json/scanner.pyc
json/tests/__init__.pyc
json/tests/test_decode.pyc
json/tests/test_default.pyc
json/tests/test_dump.pyc
json/tests/test_encode_basestring_ascii.pyc
json/tests/test_fail.pyc
json/tests/test_float.pyc
json/tests/test_indent.pyc
json/tests/test_pass1.pyc
json/tests/test_pass2.pyc
json/tests/test_pass3.pyc
json/tests/test_recursion.pyc
json/tests/test_scanstring.pyc
json/tests/test_separators.pyc
json/tests/test_speedups.pyc
json/tests/test_unicode.pyc
json/tool.pyc
keyword.pyc
linecache.pyc
locale.pyc
logging/__init__.pyc
logging/config.pyc
logging/handlers.pyc
macurl2path.pyc
mimetools.pyc
mimetypes.pyc
multiprocessing/__init__.pyc
multiprocessing/connection.pyc
multiprocessing/dummy/__init__.pyc
multiprocessing/dummy/connection.pyc
multiprocessing/forking.pyc
multiprocessing/heap.pyc
multiprocessing/managers.pyc
multiprocessing/pool.pyc
multiprocessing/process.pyc
multiprocessing/queues.pyc
multiprocessing/reduction.pyc
multiprocessing/sharedctypes.pyc
multiprocessing/synchronize.pyc
multiprocessing/util.pyc
ntpath.pyc
nturl2path.pyc
opcode.pyc
optparse.pyc
os.pyc
os2emxpath.pyc
pdb.pyc
pickle.pyc
posixpath.pyc
pprint.pyc
quopri.pyc
random.pyc
re.pyc
repr.pyc
rfc822.pyc
shlex.pyc
shutil.pyc
socket.pyc
sre_compile.pyc
sre_constants.pyc
sre_parse.pyc
ssl.pyc
stat.pyc
string.pyc
stringprep.pyc
struct.pyc
subprocess.pyc
tempfile.pyc
textwrap.pyc
threading.pyc
token.pyc
tokenize.pyc
traceback.pyc
types.pyc
unittest.pyc
urllib.pyc
urllib2.pyc
urlparse.pyc
uu.pyc
uuid.pyc
warnings.pyc
weakref.pyc
windows/__init__.pyc
windows/wdefs.pyc
windows/wfunctions/__init__.pyc
windows/wfunctions/advapi32.pyc
windows/wfunctions/cfgmgr32.pyc
windows/wfunctions/comctl32.pyc
windows/wfunctions/comdlg32.pyc
windows/wfunctions/gdi32.pyc
windows/wfunctions/kernel32.pyc
windows/wfunctions/msimg32.pyc
windows/wfunctions/pdh.pyc
windows/wfunctions/psapi.pyc
windows/wfunctions/secur32.pyc
windows/wfunctions/setupapi.pyc
windows/wfunctions/shell32.pyc
windows/wfunctions/shlwapi.pyc
windows/wfunctions/user32.pyc
windows/wfunctions/userenv.pyc
windows/wmacros.pyc
windows/wmessages.pyc
windows/wnotifications.pyc
windows/wstructures.pyc
windows/wtypes.pyc
xml/__init__.pyc
xml/dom/NodeFilter.pyc
xml/dom/__init__.pyc
xml/dom/domreg.pyc
xml/dom/expatbuilder.pyc
xml/dom/minicompat.pyc
xml/dom/minidom.pyc
xml/dom/pulldom.pyc
xml/dom/xmlbuilder.pyc
xml/etree/ElementInclude.pyc
xml/etree/ElementPath.pyc
xml/etree/ElementTree.pyc
xml/etree/__init__.pyc
xml/etree/cElementTree.pyc
xml/parsers/__init__.pyc
xml/parsers/expat.pyc
xml/sax/__init__.pyc
xml/sax/_exceptions.pyc
xml/sax/expatreader.pyc
xml/sax/handler.pyc
xml/sax/saxutils.pyc
xml/sax/xmlreader.pyc
xmllib.pyc
xmlrpclib.pyc
Device Doctor Portable/ownership.dll
.dll windows:5 windows x86 arch:x86

acbe766cb31a4a0820bdcc0076065c6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
CloseHandle
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

advapi32

InitializeSecurityDescriptor
GetSecurityDescriptorDacl
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
RegSetKeySecurity
OpenProcessToken
SetNamedSecurityInfoW
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
SetSecurityDescriptorDacl
LookupPrivilegeValueW
RegGetKeySecurity
SetSecurityDescriptorOwner

msvcr90

_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
free
_malloc_crt
_encode_pointer
wcscpy_s
vswprintf_s
printf
_encoded_null
memset

Exports

Exports

OwnDirectory
SetLogCallback
TryOpen

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/pyexpat.pyd
.dll windows:5 windows x86 arch:x86

43dff2bdd190a6ef2717dbeb75e2c94f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\pyexpat.pdb

Imports

python26

_Py_TrueStruct
PyCObject_FromVoidPtr
PyErr_NewException
PyArg_ParseTupleAndKeywords
PyFile_Type
PyTuple_Pack
PyType_Type
PyModule_AddStringConstant
PyErr_Clear
PyObject_IsTrue
PyObject_GC_UnTrack
PyObject_GC_Track
PyExc_RuntimeError
PyErr_Format
PyModule_AddObject
PyExc_TypeError
PyFile_AsFile
PyErr_Fetch
PyObject_GetAttrString
PyUnicodeUCS2_DecodeUTF8
Py_InitModule4
PyArg_UnpackTuple
PyList_Append
PyTraceBack_Here
_PyObject_GC_New
PyType_IsSubtype
PyErr_SetString
PyModule_AddIntConstant
PyErr_Occurred
PyUnicodeUCS2_Decode
PyExc_ValueError
PyModule_GetDict
Py_FindMethod
PyArg_ParseTuple
_Py_NoneStruct
PyObject_SetAttrString
PyDict_SetItem
PyExc_AttributeError
_Py_ZeroStruct
PyErr_SetObject
PyObject_CallFunction
PyFrame_New
PyModule_New
PyEval_CallObjectWithKeywords
PyErr_NoMemory
PyObject_GC_Del
_PyThreadState_Current
PyErr_SetFromErrno
PyString_AsString
PyInt_AsLong
PyDict_GetItem
PyString_FromStringAndSize
Py_BuildValue
PyCode_New
PyInt_FromLong
PyDict_New
PyExc_IOError
PyTuple_New
PyErr_Restore
PyObject_Call
PySys_GetObject
PyEval_GetGlobals
PyList_New
PyString_FromString

msvcr90

memset
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
realloc
memmove
isdigit
fread
malloc
free
sprintf
memcpy

kernel32

GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep

Exports

Exports

initpyexpat

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/python26.dll
.dll windows:5 windows x86 arch:x86

0c81e0e7428fdc618152c4b3e425c55e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\eroy\Desktop\blitware\products\Python-2.6.2\PCbuild\python26.pdb

Imports

kernel32

SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableW
SetLastError
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
GetModuleHandleA
FindClose
FindFirstFileA
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileType
SetFileAttributesA
SetFileAttributesW
FindNextFileA
FindNextFileW
GetFullPathNameA
GetFullPathNameW
CreateDirectoryA
CreateDirectoryW
MoveFileA
MoveFileW
RemoveDirectoryA
RemoveDirectoryW
DeleteFileA
DeleteFileW
SetFileTime
SystemTimeToFileTime
GetSystemTime
CreateFileA
CreateFileW
CreateProcessA
GetModuleFileNameA
GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
GetProcessTimes
CreatePipe
SetEvent
SetConsoleCtrlHandler
CreateEventA
Sleep
ResetEvent
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
TerminateProcess
ExpandEnvironmentStringsW
GetModuleHandleW
OutputDebugStringA
FreeLibrary
FormatMessageA
LoadLibraryExA
SetErrorMode
LocalFree
OutputDebugStringW
GetConsoleOutputCP
GetConsoleCP
GetVersionExA
GetCurrentThreadId
InterlockedIncrement
InterlockedCompareExchange
InterlockedDecrement
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcessId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
DuplicateHandle
FlushViewOfFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
GetFileSize
GetLastError
UnmapViewOfFile
CloseHandle
GetSystemInfo
GetACP
GetLocaleInfoA
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersion
GetEnvironmentVariableA
SetEndOfFile
UnhandledExceptionFilter
InterlockedExchange
GetSystemTimeAsFileTime

user32

wsprintfA
CharPrevA
LoadStringA

advapi32

RegSetValueA
RegSaveKeyA
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegConnectRegistryA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA
ShellExecuteW

msvcr90

memmove
fprintf
fputs
strchr
_fstat64i32
_errno
strerror
_lseeki64
_get_osfhandle
_wopen
memcpy
memset
fclose
fgetc
free
malloc
ungetc
fopen
isdigit
fflush
fwrite
isalpha
islower
isupper
setlocale
localeconv
wcscoll
strcoll
strxfrm
_time64
tolower
_putenv
realloc
isspace
fread
clearerr
_CIsqrt
memchr
_isnan
_copysign
_finite
_HUGE
_CIatan2
_hypot
_CIlog
_CIsin
_CIsinh
_CIcos
_CIcosh
_CIexp
ldexp
_CItan
_CItanh
feof
getc
strtol
_gmtime64
_localtime64
ceil
floor
sprintf
modf
__iob_func
getenv
setvbuf
_setmode
_CIlog10
acos
asin
atan
cos
cosh
exp
fabs
sin
sinh
sqrt
tan
tanh
frexp
_CIfmod
_CIpow
_stat64i32
_environ
strncmp
wcsncmp
strrchr
_wcsicmp
wcsrchr
_commit
system
_exit
_spawnv
_spawnve
strncpy
strncat
_stricmp
_cwait
_open_osfhandle
_tempnam
tmpfile
tmpnam
abort
_fdopen
toupper
_ctime64
_mktime64
_ftime64
clock
strftime
asctime
ftell
fseek
ferror
_vsnprintf
fputc
isxdigit
_set_invalid_parameter_handler
_fileno
_wfopen
fsetpos
fgetpos
fgets
qsort
printf
exit
atoi
strstr
_mbstrlen
_heapmin
_locking
_kbhit
_getch
_getwch
_getche
_getwche
_putch
_putwch
_ungetch
__sys_errlist
__sys_nerr
putc
strtod
strpbrk
rewind
_resetstkoflw
signal
vfprintf
_endthread
_beginthread
_except_handler4_common
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_tzname
_daylight
_timezone
_tzset
_strnicmp
_strdup
isalnum
_close
_lseek
_read
_write
_isatty
_open
_getcwd
_umask
_execv
_execve
_getpid
_dup
_dup2
_unlink

Exports

Exports

PyAST_Compile
PyAST_FromNode
PyArena_AddPyObject
PyArena_Free
PyArena_Malloc
PyArena_New
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyBaseObject_Type
PyBaseString_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_FromMemory
PyBuffer_FromObject
PyBuffer_FromReadWriteMemory
PyBuffer_FromReadWriteObject
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_New
PyBuffer_Release
PyBuffer_ToContiguous
PyBuffer_Type
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_Fini
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Init
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyCFunction_Call
PyCFunction_ClearFreeList
PyCFunction_Fini
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCObject_AsVoidPtr
PyCObject_FromVoidPtr
PyCObject_FromVoidPtrAndDesc
PyCObject_GetDesc
PyCObject_Import
PyCObject_SetVoidPtr
PyCObject_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethod_New
PyClassMethod_Type
PyClass_IsSubclass
PyClass_New
PyClass_Type
PyCode_Addr2Line
PyCode_CheckLineNumber
PyCode_New
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_LookupError
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_XMLCharRefReplaceErrors
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictProxy_New
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_Fini
PyDict_GetItem
PyDict_GetItemString
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithUnicodeFilename
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithUnicodeFilename
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetFromWindowsErrWithUnicodeFilename
PyErr_SetInterrupt
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_Warn
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObject
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetCallStats
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_GetRestricted
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReInitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BufferError
PyExc_BytesWarning
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EnvironmentError
PyExc_Exception
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_MemoryErrorInst
PyExc_NameError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_RecursionErrorInst
PyExc_ReferenceError
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StandardError
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyFile_AsFile
PyFile_DecUseCount
PyFile_FromFile
PyFile_FromString
PyFile_GetLine
PyFile_IncUseCount
PyFile_Name
PyFile_SetBufSize
PyFile_SetEncoding
PyFile_SetEncodingAndErrors
PyFile_SoftSpace
PyFile_Type
PyFile_WriteObject
PyFile_WriteString
PyFloat_AsDouble
PyFloat_AsReprString
PyFloat_AsString
PyFloat_ClearFreeList
PyFloat_Fini
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_BlockPop
PyFrame_BlockSetup
PyFrame_ClearFreeList
PyFrame_FastToLocals
PyFrame_Fini
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetModule
PyFunction_New
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_Type
PyFuture_FromAST
PyGC_Collect
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_NeedsFinalizing
PyGen_New
PyGen_Type
PyImport_AddModule
PyImport_AppendInittab
PyImport_Cleanup
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyInstance_New
PyInstance_NewRaw
PyInstance_Type
PyInt_AsLong
PyInt_AsSsize_t
PyInt_AsUnsignedLongLongMask
PyInt_AsUnsignedLongMask
PyInt_ClearFreeList
PyInt_Fini
PyInt_FromLong
PyInt_FromSize_t
PyInt_FromSsize_t
PyInt_FromString
PyInt_FromUnicode
PyInt_GetMax
PyInt_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Head
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Next
PyList_Append
PyList_AsTuple
PyList_Fini
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongLong
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicode
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMember_Get
PyMember_GetOne
PyMember_Set
PyMember_SetOne
PyMethod_Class
PyMethod_ClearFreeList
PyMethod_Fini
PyMethod_Function
PyMethod_New
PyMethod_Self
PyMethod_Type
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddStringConstant
PyModule_GetDict
PyModule_GetFilename
PyModule_GetName
PyModule_New
PyModule_Type
PyNode_AddChild
PyNode_Compile
PyNode_Free
PyNode_ListTree
PyNode_New
PyNullImporter_Type
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_Check
PyNumber_Coerce
PyNumber_CoerceEx
PyNumber_Divide
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceDivide
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Index
PyNumber_Int
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_ToBase
PyNumber_TrueDivide
PyNumber_Xor
PyOS_AfterFork
PyOS_CheckStack
PyOS_FiniInterrupts
PyOS_InitInterrupts
PyOS_InputHook
PyOS_InterruptOccurred
PyOS_Readline
PyOS_ReadlineFunctionPointer
PyOS_ascii_atof
PyOS_ascii_formatd
PyOS_ascii_strtod
PyOS_getsig
PyOS_mystricmp
PyOS_mystrnicmp
PyOS_setsig
PyOS_snprintf
PyOS_strtol
PyOS_strtoul
PyOS_vsnprintf
PyObject_AsCharBuffer
PyObject_AsFileDescriptor
PyObject_AsReadBuffer
PyObject_AsWriteBuffer
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallMethodObjArgs
PyObject_CallObject
PyObject_CheckReadBuffer
PyObject_ClearWeakRefs
PyObject_Cmp
PyObject_Compare
PyObject_CopyData
PyObject_DelItem
PyObject_DelItemString
PyObject_Dir
PyObject_Format
PyObject_Free
PyObject_GC_Del
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericSetAttr
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetBuffer
PyObject_GetItem
PyObject_GetIter
PyObject_HasAttr
PyObject_HasAttrString
PyObject_Hash
PyObject_HashNotImplemented
PyObject_Init
PyObject_InitVar

Sections

.text
Size: 1022KB - Virtual size: 1021KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 825KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/scheduler.dll
.dll windows:5 windows x86 arch:x86

9aa50b269b7289560f29e390b6495e34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GetLastError
FormatMessageW
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapFree
GetTickCount
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
HeapAlloc
QueryPerformanceCounter

advapi32

GetUserNameW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

msvcr90

_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
wcscpy_s
vswprintf_s
??3@YAXPAX@Z
swprintf_s
_amsg_exit
memset

comctl32

PropertySheetW

Exports

Exports

DeleteTask
Enable
Exists
Properties
ScheduleTask
SetLogCallback

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/select.pyd
.dll windows:5 windows x86 arch:x86

58cda09000d494910e37727e961ba1b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\select.pdb

Imports

wsock32

__WSAFDIsSet
select
WSAGetLastError

python26

PyModule_AddObject
PyErr_SetExcFromWindowsErr
PyList_New
PyObject_AsFileDescriptor
PyNumber_Check
PyFloat_AsDouble
PyTuple_Pack
PyErr_NewException
PyExc_TypeError
PyErr_Occurred
PyExc_ValueError
PyEval_SaveThread
_Py_NoneStruct
PyExc_OverflowError
PySequence_Fast
PyList_SetItem
PyEval_RestoreThread
Py_InitModule4
PyArg_UnpackTuple
PyErr_SetString

msvcr90

_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

initselect

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Device Doctor Portable/unicodedata.pyd
.dll windows:5 windows x86 arch:x86

8b688891614f7d934eb4586d8e47db79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\loewis\26\python\PCbuild\Win32-pgo\unicodedata.pdb

Imports

python26

Py_InitModule4
PyExc_TypeError
PyModule_AddObject
PyErr_Format
PyModule_AddStringConstant
PyType_Type
_PyUnicodeUCS2_ToNumeric
PyCObject_FromVoidPtr
PyUnicodeUCS2_Resize
PyErr_SetString
PyUnicodeUCS2_GetSize
PyObject_Free
PyExc_ValueError
PyOS_snprintf
PyArg_ParseTuple
_PyUnicodeUCS2_ToDigit
PyExc_KeyError
PyUnicode_Type
PyObject_GenericGetAttr
Py_BuildValue
PyInt_FromLong
_PyUnicodeUCS2_ToDecimalDigit
_PyObject_New
PyFloat_FromDouble
PyUnicodeUCS2_FromUnicode
PyString_FromString

msvcr90

free
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
sprintf
strncmp
toupper
_encode_pointer
_malloc_crt
memcpy
_encoded_null
_decode_pointer
_initterm
_initterm_e

kernel32

GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep

Exports

Exports

initunicodedata

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 552KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b966e1ce54d7809277e25c05d0da8d08

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

03:01Certificate

Key Usages

04:6b:a2:8c:9b:81:53Certificate

Extended Key Usages

Key Usages

61:2c:df:a6:ce:fe:1c:53:96:af:58:3d:b3:2d:b4:93:aa:9a:82:2bSigner

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

shell32

python26

msvcr90

shlwapi

wininet

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 132KB - Virtual size: 131KB

.reloc Size: 2KB - Virtual size: 1KB

0fda4497453286b1daa098623dfc53ce

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:0f:78:4d:00:00:00:00:00:03Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 598KB - Virtual size: 598KB

.data Size: 17KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 14KB - Virtual size: 13KB

24ee6f0d6ce1ba66de0d74aad68c2d81

Headers

File Characteristics

PDB Paths

Imports

kernel32

ole32

oleaut32

python26

msvcr90

Exports

Exports

Sections

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

03:01
Certificate

04:6b:a2:8c:9b:81:53
Certificate

61:2c:df:a6:ce:fe:1c:53:96:af:58:3d:b3:2d:b4:93:aa:9a:82:2b
Signer

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 132KB - Virtual size: 131KB

.reloc
Size: 2KB - Virtual size: 1KB

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:0f:78:4d:00:00:00:00:00:03
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8
Signer

.text
Size: 598KB - Virtual size: 598KB

.data
Size: 17KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 36KB - Virtual size: 44KB

.reloc
Size: 18KB - Virtual size: 17KB

.text
Size: 242KB - Virtual size: 241KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 28KB - Virtual size: 63KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 2KB