82b3f1ea39fb2e0869d85d984c552d02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82b3f1ea39fb2e0869d85d984c552d02_JaffaCakes118
Size

9.1MB
MD5

82b3f1ea39fb2e0869d85d984c552d02
SHA1

dd335598531a462b7ce59eafc88094a0aea1c4ea
SHA256

a224f4e2ef3e36fc8d730c660659fea62de292177397de80d30349ebc1fa7f99
SHA512

e7b9bfe98b7a8db039248471c1605c89579ac84d5c24f3a163ec71db4d26f77d4bcc869ce5c8c9eb02669ba76b5654ef09afccc28359979191b5e0ccb956591f
SSDEEP

196608:oQgbjGwUEpJGaLFoVOB3y2Q+/DFL4CDzVBMHInCYkwV/tp7UA4syh:c/UE/z3y2Q+/JcIzIonp349

Score

3^/10

Malware Config

Signatures

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SpyWareNukerXT.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/InstallX.dll
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/AvHelp.dll
unpack002/SumSetup.exe
unpack003/$PLUGINSDIR/InstallerUtils.dll
unpack003/$PLUGINSDIR/UserInfo.dll
unpack003/StartupManager.exe
unpack003/uninstall.exe
unpack004/$PLUGINSDIR/InstallOptions.dll
unpack004/$PLUGINSDIR/InstallerUtils.dll
unpack004/$PLUGINSDIR/UserInfo.dll
unpack002/au.dll
unpack002/augui.dll
unpack002/avcore.dll
unpack002/delfile.exe
unpack002/hlib.dll
unpack002/reg2.dll
unpack002/swnxt.exe
unpack001/crack.exe

NSIS installer 3 IoCs

installer

resource	yara_rule
static1/unpack001/SpyWareNukerXT.exe	nsis_installer_1
static1/unpack002/SumSetup.exe	nsis_installer_1
static1/unpack003/uninstall.exe	nsis_installer_1

Files

82b3f1ea39fb2e0869d85d984c552d02_JaffaCakes118
.rar
155绿色软件站.url
.url
SpyWareNukerXT.exe
.exe windows:4 windows x86 arch:x86

3c1b27083f9fe9eb9b4f9671a370a84d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
GetCommandLineA
CloseHandle
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallX.dll
.dll windows:4 windows x86 arch:x86

5c38cb7ec6746a0e2706bc5272d21696

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetLastError
CreateMutexA
SetLastError
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
WriteFile
GlobalAlloc
FreeLibrary
CreateFileA
lstrcpynA
lstrcpyA

Exports

Exports

DownloadFile
GetMenuPath
HasMutex

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 309B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/finish_page.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/swn_sum.ini
$PLUGINSDIR/thankyou_page.ini
AvHelp.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Exp_AvDestroyEngine
Exp_AvGetSignatureInfo
Exp_AvLoadEngine
Exp_AvScanOneFile

Sections

CODE
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SumSetup.exe
.exe windows:4 windows x86 arch:x86

1433f2e02f7db60c6c8547c52a3f8504

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
GlobalFree
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
ReadFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetCommandLineA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallerUtils.dll
.dll windows:4 windows x86 arch:x86

558c809eeacc192bb5a15c618ddd90de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrToIntA
StrRChrA

kernel32

GetProcAddress
CreateFileMappingA
MapViewOfFile
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
CloseHandle
lstrcmpiA
UnmapViewOfFile
GetModuleHandleA
Sleep

user32

IsWindow
PostMessageA

Exports

Exports

CheckProcessExecution
StopInstance

Sections

.text
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName

Sections

.text
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StartUpManager.chm
.chm
StartupManager.exe
.exe windows:4 windows x86 arch:x86

a0c4162c0855c43abe5d60b34713c6f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\Inacso\Inacso\StartUpManager\Release\StartupManager.pdb

Imports

kernel32

GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTickCount
SetUnhandledExceptionFilter
SetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
QueryPerformanceCounter
HeapSize
InterlockedExchange
TerminateProcess
GetDriveTypeA
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
SetErrorMode
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
VirtualProtect
FindNextFileA
FindClose
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
HeapReAlloc
FreeLibrary
LoadLibraryA
ExpandEnvironmentStringsA
FindFirstFileA
HeapAlloc
HeapFree
WritePrivateProfileStringA
GetPrivateProfileIntA
GetUserDefaultLangID
CreateFileA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetCurrentProcess
CreateMutexA
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetProcAddress
CreateDirectoryA
MoveFileA
DeleteFileA
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetFileType

user32

GetSysColorBrush
WindowFromPoint
DestroyMenu
wsprintfA
GetMessageA
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenu
UpdateWindow
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuState
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
ShowWindow
SetFocus
GetWindowLongA
GetFocus
InvalidateRect
ClientToScreen
AppendMenuA
CreatePopupMenu
TranslateMessage
DispatchMessageA
RegisterWindowMessageA
BroadcastSystemMessageA
UnregisterClassA
SetForegroundWindow
GetLastActivePopup
IsWindowVisible
BringWindowToTop
PostMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetClassNameA
GetParent
LoadBitmapA
AdjustWindowRectEx
IsWindow
DeferWindowPos
DestroyIcon
GetMenu
GetSystemMetrics
IsIconic
GetSubMenu
GetMenuItemID
GetMenuItemCount
DrawIcon
GetCursorPos
PtInRect
LoadCursorA
SetCursor
EnableWindow
LoadIconA
GetClientRect
GetWindowRect
SendMessageA
GetKeyState

gdi32

PtVisible
GetObjectA
DeleteObject
RectVisible
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateSolidBrush
CreateFontA
TextOutA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
RegEnumKeyA
RegCreateKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA

shell32

ExtractIconExA
ShellExecuteA

comctl32

ord17
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

shlwapi

PathFindExtensionA
PathFindFileNameA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
VariantInit
VariantClear

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
startup.ico
uninst.ico
uninstall.exe
.exe windows:4 windows x86 arch:x86

1433f2e02f7db60c6c8547c52a3f8504

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
GlobalFree
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
ReadFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetCommandLineA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

922b855d216a21490e4bcbf6c29b7f7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
GetPrivateProfileIntA
GlobalAlloc
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
lstrcmpiA

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
MapWindowPoints
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
CreateWindowExA

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallerUtils.dll
.dll windows:4 windows x86 arch:x86

558c809eeacc192bb5a15c618ddd90de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrToIntA
StrRChrA

kernel32

GetProcAddress
CreateFileMappingA
MapViewOfFile
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
CloseHandle
lstrcmpiA
UnmapViewOfFile
GetModuleHandleA
Sleep

user32

IsWindow
PostMessageA

Exports

Exports

CheckProcessExecution
StopInstance

Sections

.text
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName

Sections

.text
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
au.dll
.dll windows:4 windows x86 arch:x86

d7ccc5c4dc65c6da2385efa6f28a624d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
ResumeThread
CreateProcessA
MoveFileA
DeleteFileA
lstrcpyA
GetModuleFileNameA
SetEvent
lstrcatA
lstrcpynA
lstrcmpA
GetLastError
CompareStringA
GetLocalTime
SetFilePointer
GetFileSize
SetFileAttributesA
CreateFileA
GetModuleHandleA
GetVersionExA
Sleep
GetTickCount
WaitForSingleObject
CreateEventA
LoadLibraryA
CreateThread
CloseHandle
InitializeCriticalSection
GlobalFree
lstrlenA
WriteFile
GlobalAlloc

user32

SendMessageA
MoveWindow
ScreenToClient
GetWindowRect
GetDlgItem
SetWindowTextA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
SetWindowLongA
CreateDialogParamA
SetDlgItemTextA
GetWindowLongA
ShowWindow
DestroyWindow
CharLowerBuffA
IsWindow
PostMessageA
wsprintfA
MessageBoxA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA
InternetGetLastResponseInfoA
FtpCommandA
InternetConnectA
InternetCrackUrlA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
augui.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcore.dll
.dll windows:4 windows x86 arch:x86

bede9aa7917ad6e40c29a99227d0d45a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
GetLastError
MapViewOfFile
SetLastError
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetVersion
RaiseException

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
delfile.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hlib.dll
.dll windows:4 windows x86 arch:x86

ddb4c9ac191abd4ac45584b56924a70b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA
GetVersion
SetLastError
GetLastError
CloseHandle
GlobalReAlloc
SetErrorMode
GetCurrentProcess
CreateFileA
DeviceIoControl
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
lstrlenA
GlobalFree
OpenProcess
GlobalSize
FreeLibrary
GetOEMCP
GetVersionExA
GlobalAlloc
HeapAlloc
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP

user32

CharUpperA

advapi32

RegQueryInfoKeyA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lang/master_es.lx
reg2.dll
.dll windows:4 windows x86 arch:x86

e138c4e6473122a449cdae116d26d30a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetProcAddress
GetModuleHandleA
GlobalAlloc

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shields.dat
swnxt.chm
.chm
swnxt.da2
swnxt.dat
swnxt.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 111KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 36B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
unicows.dll
.dll windows:6 windows x86 arch:x86

785d5607ed2f18f4ea0be5809350b169

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

unicows.pdb

Imports

kernel32

GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
FindClose
IsDBCSLeadByte
GetFullPathNameA
GetFullPathNameW
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNumberFormatA
GetNumberFormatW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeExA
GetStringTypeExW
GetSystemDirectoryA
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTimeFormatA
GetTimeFormatW
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
GlobalGetAtomNameA
GlobalGetAtomNameW
IsBadStringPtrW
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LoadLibraryExW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
MoveFileW
OpenEventA
OpenEventW
GetDefaultCommConfigW
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
PeekConsoleInputW
QueryDosDeviceA
QueryDosDeviceW
ReadConsoleA
ReadConsoleW
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputW
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
RemoveDirectoryA
RemoveDirectoryW
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetComputerNameA
SetComputerNameW
SetConsoleTitleA
SetConsoleTitleW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetDefaultCommConfigW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileAttributesA
SetFileAttributesW
SetLocaleInfoA
SetLocaleInfoW
SetVolumeLabelA
SetVolumeLabelW
VerLanguageNameA
VerLanguageNameW
WaitNamedPipeA
WaitNamedPipeW
WriteConsoleA
WriteConsoleW
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleOutputA
WriteConsoleOutputW
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WritePrivateProfileSectionA
WritePrivateProfileSectionW
WritePrivateProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
WriteProfileSectionA
WriteProfileSectionW
WriteProfileStringA
WriteProfileStringW
FindResourceA
lstrcpyA
IsBadWritePtr
SetErrorMode
GetStringTypeW
FindResourceW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetDefaultCommConfigA
GetDateFormatW
GetDateFormatA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleTitleA
GetComputerNameW
GetComputerNameA
GetAtomNameW
GetAtomNameA
FormatMessageW
FormatMessageA
LocalFree
HeapReAlloc
LocalAlloc
FreeEnvironmentStringsW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindAtomW
FindAtomA
FillConsoleOutputCharacterW
FillConsoleOutputCharacterA
FatalAppExitW
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnumTimeFormatsW
EnumTimeFormatsA
EnumSystemLocalesW
EnumSystemLocalesA
EnumSystemCodePagesW
EnumDateFormatsW
EnumDateFormatsA
EnumCalendarInfoW
EnumCalendarInfoA
DeleteFileW
CreateSemaphoreW
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreateNamedPipeW
CreateNamedPipeA
CreateMutexW
CreateMutexA
CreateMailslotW
CreateMailslotA
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateEventW
CreateEventA
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CommConfigDialogW
CommConfigDialogA
CallNamedPipeW
CallNamedPipeA
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BuildCommDCBW
BuildCommDCBA
AddAtomW
AddAtomA
InitializeCriticalSection
GetACP
GetOEMCP
DeleteCriticalSection
GetFileAttributesA
LoadLibraryExA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
lstrlenW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeResource
GetTempFileNameA
GetTempPathA
DeleteFileA
MoveFileA
_lclose
_lread
_lwrite
_llseek
VirtualQuery
GetSystemInfo
VirtualFree
VirtualAlloc
VirtualProtect
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
CompareStringA
GlobalAddAtomA
AreFileApisANSI
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GetCurrentThreadId
lstrcmpA
WideCharToMultiByte
lstrcmpiA
GetLocaleInfoA
CreateFileA
GetFileSize
CloseHandle
IsDBCSLeadByteEx
LoadLibraryA
InterlockedExchange
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCPInfo
GetVersion
GetFileAttributesW
GetLastError
lstrlenA
GetProcessHeap
HeapAlloc
SetLastError
MultiByteToWideChar
OpenFileMappingA
HeapFree
RtlUnwind

user32

SystemParametersInfoW
TranslateAcceleratorW
TabbedTextOutA
TabbedTextOutW
UnregisterClassA
UnregisterClassW
VkKeyScanExA
VkKeyScanExW
WinHelpA
WinHelpW
wvsprintfW
EnumClipboardFormats
GetClipboardData
VkKeyScanW
wsprintfW
IsCharLowerW
IsCharAlphaNumericW
IsCharAlphaW
InsertMenuItemW
InsertMenuItemA
InsertMenuW
InsertMenuA
GrayStringW
GrayStringA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetTabbedTextExtentW
GetTabbedTextExtentA
GetPropW
GetMessageW
GetMenuStringW
GetMenuStringA
GetMenuItemInfoW
GetMenuItemInfoA
GetKeyNameTextW
GetKeyboardLayout
GetKeyNameTextA
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetDlgItemTextW
GetDlgItemTextA
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClassNameW
GetClassLongW
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoW
GetClassInfoA
FindWindowExW
FindWindowExA
FindWindowW
FindWindowA
EnableWindow
EnumPropsExW
EnumPropsExA
EnumPropsW
EnumPropsA
EnumDisplaySettingsW
EnumDisplaySettingsA
DrawTextExW
DrawTextExA
DrawTextW
DrawTextA
DrawStateW
DrawStateA
DlgDirSelectExW
DlgDirSelectExA
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListComboBoxW
DlgDirListComboBoxA
DlgDirListW
SystemParametersInfoA
DispatchMessageW
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
DdeQueryStringW
DdeQueryStringA
DdeQueryConvInfo
DdeInitializeW
DdeInitializeA
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeConnectList
DdeConnect
CharUpperBuffW
CharUpperW
CharToOemBuffW
CharToOemW
CharPrevW
CharNextW
CharLowerBuffW
CharLowerW
ChangeMenuW
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowsHookW
SetWindowsHookA
SetWindowLongW
SetPropW
SetMenuItemInfoW
SetMenuItemInfoA
SetDlgItemTextW
SetDlgItemTextA
SetClassLongW
SetClassLongA
SendNotifyMessageW
SendMessageTimeoutW
SendMessageCallbackW
SendMessageW
SendDlgItemMessageW
RemovePropW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassExW
RegisterClassExA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostMessageW
PeekMessageW
OemToCharBuffW
OemToCharW
ModifyMenuW
ModifyMenuA
MessageBoxIndirectW
MessageBoxIndirectA
MessageBoxExW
MessageBoxW
MapVirtualKeyExW
MapVirtualKeyExA
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsA
CreateWindowExW
CreateWindowExA
CreateMDIWindowW
CreateMDIWindowA
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateAcceleratorTableW
CreateAcceleratorTableA
CopyAcceleratorTableW
CopyAcceleratorTableA
CallWindowProcW
CallMsgFilterW
CallMsgFilterA
AppendMenuW
AppendMenuA
GetWindowThreadProcessId
SetWindowLongA
TranslateAcceleratorA
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetMessageA
PostThreadMessageA
PostMessageA
SendNotifyMessageA
SendMessageTimeoutA
SendMessageCallbackA
SendMessageA
DefWindowProcA
CallWindowProcA
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
GetWindowLongA
GetParent
GetDlgItem
SetPropA
RemovePropA
GetPropA
IsDlgButtonChecked
GetClassNameA
CharLowerA
CharUpperA
UnhookWindowsHookEx
SetWindowsHookExA
MapVirtualKeyW
CallNextHookEx
MapVirtualKeyA
LoadStringW
LoadMenuIndirectW
LoadMenuIndirectA
EnumChildWindows
RegisterWindowMessageA
LoadMenuW
LoadMenuA
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageW
LoadImageA
LoadIconW
LoadIconA
LoadCursorFromFileW
LoadCursorFromFileA
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsWindowUnicode
IsWindow
IsDialogMessageW
DlgDirListA
IsClipboardFormatAvailable
IsCharUpperW

gdi32

GetEnhMetaFileDescriptionW
GetGlyphOutlineA
GetGlyphOutlineW
GetICMProfileA
GetICMProfileW
GetKerningPairsA
GetKerningPairsW
GetLogColorSpaceA
GetLogColorSpaceW
GetMetaFileA
GetMetaFileW
GetObjectA
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPointA
GetEnhMetaFileDescriptionA
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
PolyTextOutA
PolyTextOutW
RemoveFontResourceA
RemoveFontResourceW
ResetDCA
ResetDCW
SetICMProfileA
SetICMProfileW
StartDocA
StartDocW
TextOutW
UpdateICMRegKeyA
UpdateICMRegKeyW
GetEnhMetaFileW
GetEnhMetaFileA
GetCharacterPlacementW
GetCharacterPlacementA
GetCharWidthFloatW
GetCharWidthFloatA
GetCharWidth32W
GetCharWidthW
GetCharWidthA
GetCharABCWidthsFloatW
GetCharABCWidthsFloatA
GetCharABCWidthsW
GetCharABCWidthsA
ExtTextOutW
ExtTextOutA
EnumICMProfilesW
EnumICMProfilesA
EnumFontsW
EnumFontsA
EnumFontFamiliesExW
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontFamiliesA
CreateScalableFontResourceW
CreateScalableFontResourceA
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontIndirectW
CreateFontIndirectA
CreateFontW
CreateFontA
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDCW
CreateDCA
CreateColorSpaceW
CreateColorSpaceA
CopyMetaFileW
CopyMetaFileA
CopyEnhMetaFileW
CopyEnhMetaFileA
AddFontResourceW
AddFontResourceA
GetFontData
GetTextExtentPointW
TranslateCharsetInfo
GetTextCharset

mpr

WNetGetUniversalNameW
MultinetGetConnectionPerformanceW
WNetAddConnectionA
WNetAddConnectionW
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetCancelConnectionA
WNetCancelConnectionW
WNetCancelConnection2A
WNetCancelConnection2W
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetEnumResourceA
WNetEnumResourceW
WNetGetConnectionA
WNetGetConnectionW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetProviderNameA
WNetUseConnectionW
WNetUseConnectionA
WNetOpenEnumW
WNetOpenEnumA
WNetGetUserW
WNetGetUserA
MultinetGetConnectionPerformanceA
WNetGetUniversalNameA
WNetGetResourceParentW
WNetGetResourceParentA
WNetGetResourceInformationW
WNetGetResourceInformationA
WNetGetProviderNameW

advapi32

RegOpenKeyA
RegEnumValueA
RegUnLoadKeyW
RegUnLoadKeyA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegSaveKeyW
RegSaveKeyA
RegReplaceKeyW
RegReplaceKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
RegLoadKeyW
RegLoadKeyA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
IsTextUnicode
GetUserNameW
GetUserNameA
RegOpenKeyExA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetFileTitleA
FindTextW
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgW
GetSaveFileNameW

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetFileInfoA
SHFileOperationA
SHChangeNotify
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteW
ShellExecuteA
ShellAboutW
ShellAboutA
FindExecutableW
FindExecutableA
ExtractIconExA
DragQueryFileA
DragQueryFileW
ExtractIconW
ExtractIconA

winspool.drv

GetPrinterW
GetPrinterDataW
GetPrinterDriverW
GetPrinterDriverDirectoryA
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
GetJobW
OpenPrinterW
ResetPrinterA
ResetPrinterW
SetJobA
SetJobW
SetPrinterA
SetPrinterW
SetPrinterDataA
SetPrinterDataW
StartDocPrinterA
EnumPrintProcessorsW
EnumPrintProcessorDatatypesW
EnumPrintersW
EnumPrinterDriversW
EnumPortsW
EnumMonitorsW
DocumentPropertiesW
DocumentPropertiesA
DeviceCapabilitiesW
DeviceCapabilitiesA
DeletePrintProvidorW
DeletePrintProvidorA
DeletePrintProcessorW
DeletePrintProcessorA
DeletePrinterDriverW
DeletePrinterDriverA
DeletePortW
DeletePortA
DeleteMonitorW
DeleteMonitorA
ConfigurePortW
ConfigurePortA
AdvancedDocumentPropertiesW
AdvancedDocumentPropertiesA
AddPrintProvidorW
AddPrintProvidorA
AddPrintProcessorW
AddPrintProcessorA
AddPrinterDriverW
AddPrinterDriverA
AddPrinterW
AddPrinterA
AddPortW
AddPortA
AddMonitorW
AddMonitorA
AddJobW
AddJobA
OpenPrinterA
StartDocPrinterW

oledlg

OleUIUpdateLinksW
OleUIPromptUserW
OleUIPasteSpecialW
OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIConvertW
OleUIChangeSourceW
OleUIChangeIconW
OleUIBusyW
ord8
OleUIAddVerbMenuW
ord1
ord6

winmm

waveOutGetErrorTextW
waveOutGetErrorTextA
waveOutGetDevCapsW
waveOutGetDevCapsA
waveInGetErrorTextW
mixerGetControlDetailsW
midiOutGetErrorTextW
midiOutGetErrorTextA
midiOutGetDevCapsW
midiOutGetDevCapsA
midiInGetErrorTextW
midiInGetDevCapsW
midiInGetDevCapsA
mciSendStringW
mciSendStringA
mciSendCommandW
mciGetErrorStringW
mciGetErrorStringA
midiInGetErrorTextA
mciGetDeviceIDW
mciGetDeviceIDA
joyGetDevCapsW
joyGetDevCapsA
auxGetDevCapsW
auxGetDevCapsA
PlaySoundW
PlaySoundA
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRenameA
mmioRenameW
mmioStringToFOURCCA
mmioStringToFOURCCW
sndPlaySoundA
sndPlaySoundW
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
mixerGetDevCapsA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

MCIWndCreateW
MCIWndCreateA
GetSaveFileNamePreviewW
GetOpenFileNamePreviewW

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext
ImmGetCompositionStringW

Exports

Exports

AcquireCredentialsHandleW
AddAtomW
AddFontResourceW
AddJobW
AddMonitorW
AddPortW
AddPrintProcessorW
AddPrintProvidorW
AddPrinterDriverW
AddPrinterW
AdvancedDocumentPropertiesW
AppendMenuW
BeginUpdateResourceA
BeginUpdateResourceW
BroadcastSystemMessageW
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallMsgFilterW
CallNamedPipeW
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuW
CharLowerBuffW
CharLowerW
CharNextW
CharPrevW
CharToOemBuffW
CharToOemW
CharUpperBuffW
CharUpperW
ChooseColorW
ChooseFontW
CommConfigDialogW
CompareStringW
ConfigurePortW
CopyAcceleratorTableW
CopyEnhMetaFileW
CopyFileExW
CopyFileW
CopyMetaFileW
CreateAcceleratorTableW
CreateColorSpaceW
CreateDCW
CreateDialogIndirectParamW
CreateDialogParamW
CreateDirectoryExW
CreateDirectoryW
CreateEnhMetaFileW
CreateEventW
CreateFileMappingW
CreateFileW
CreateFontIndirectW
CreateFontW
CreateICW
CreateMDIWindowW
CreateMailslotW
CreateMetaFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateScalableFontResourceW
CreateSemaphoreW
CreateStdAccessibleProxyW
CreateWaitableTimerW
CreateWindowExW
CryptAcquireContextW
CryptEnumProviderTypesW
CryptEnumProvidersW
CryptGetDefaultProviderW
CryptSetProviderExW
CryptSetProviderW
CryptSignHashW
CryptVerifySignatureW
DdeConnect
DdeConnectList
DdeCreateStringHandleW
DdeInitializeW
DdeQueryConvInfo
DdeQueryStringW
DefDlgProcW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteFileW
DeleteMonitorW
DeletePortW
DeletePrintProcessorW
DeletePrintProvidorW
DeletePrinterDriverW
DeviceCapabilitiesW
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExW
DlgDirSelectExW
DocumentPropertiesW
DragQueryFileW
DrawStateW
DrawTextExW
DrawTextW
EnableWindow
EndUpdateResourceA
EndUpdateResourceW
EnumCalendarInfoExW
EnumCalendarInfoW
EnumClipboardFormats
EnumDateFormatsExW
EnumDateFormatsW
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsW
EnumICMProfilesW
EnumMonitorsW
EnumPortsW
EnumPrintProcessorDatatypesW
EnumPrintProcessorsW
EnumPrinterDriversW
EnumPrintersW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumSystemCodePagesW
EnumSystemLocalesW
EnumTimeFormatsW
EnumerateSecurityPackagesW
ExpandEnvironmentStringsW
ExtTextOutW
ExtractIconExW
ExtractIconW
FatalAppExitW
FillConsoleOutputCharacterW
FindAtomW
FindExecutableW
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FindTextW
FindWindowExW
FindWindowW
FormatMessageW
FreeContextBuffer
FreeEnvironmentStringsW
GetAltTabInfoW
GetAtomNameW
GetCPInfo
GetCPInfoExW
GetCalendarInfoW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCharWidth32W
GetCharWidthFloatW
GetCharWidthW
GetCharacterPlacementW
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetComputerNameW
GetConsoleTitleW
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentHwProfileW
GetDateFormatW
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDlgItemTextW
GetDriveTypeW
GetEnhMetaFileDescriptionW
GetEnhMetaFileW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileTitleW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFullPathNameW
GetGlyphOutlineW
GetICMProfileW
GetJobW
GetKerningPairsW
GetKeyNameTextW
GetKeyboardLayoutNameW
GetLocaleInfoW
GetLogColorSpaceW
GetLogicalDriveStringsW
GetLongPathNameW
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetMetaFileW
GetModuleFileNameW
GetModuleHandleW
GetMonitorInfoW
GetNamedPipeHandleStateW
GetNumberFormatW
GetObjectW
GetOpenFileNamePreviewW
GetOpenFileNameW
GetOutlineTextMetricsW
GetPrintProcessorDirectoryW
GetPrinterDataW
GetPrinterDriverDirectoryW
GetPrinterDriverW
GetPrinterW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcAddress
GetProfileIntW
GetProfileSectionW
GetProfileStringW
GetPropA
GetPropW
GetRoleTextW
GetSaveFileNamePreviewW
GetSaveFileNameW
GetShortPathNameW
GetStartupInfoW
GetStateTextW
GetStringTypeExW
GetStringTypeW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
GetTabbedTextExtentW
GetTempFileNameW
GetTempPathW
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetTimeFormatW
GetUserNameW
GetVersionExW
GetVolumeInformationW
GetWindowLongA
GetWindowLongW
GetWindowModuleFileNameW
GetWindowTextLengthW
GetWindowTextW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomW
GlobalGetAtomNameW
GrayStringW
InitSecurityInterfaceW
InitializeSecurityContextW
InsertMenuItemW
InsertMenuW
IsBadStringPtrW
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDestinationReachableW
IsDialogMessageW
IsTextUnicode
IsValidCodePage
IsWindowUnicode
LCMapStringW
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadLibraryExW
LoadLibraryW
LoadMenuIndirectW
LoadMenuW
LoadStringW
MCIWndCreateW
MapVirtualKeyExW
MapVirtualKeyW
MessageBoxExW
MessageBoxIndirectW
MessageBoxW
ModifyMenuW
MoveFileW
MultiByteToWideChar
MultinetGetConnectionPerformanceW
OemToCharBuffW
OemToCharW
OleUIAddVerbMenuW
OleUIBusyW
OleUIChangeIconW
OleUIChangeSourceW
OleUIConvertW
OleUIEditLinksW
OleUIInsertObjectW
OleUIObjectPropertiesW
OleUIPasteSpecialW
OleUIPromptUserW
OleUIUpdateLinksW
OpenEventW
OpenFileMappingW
OpenMutexW
OpenPrinterW
OpenSemaphoreW
OpenWaitableTimerW
OutputDebugStringW
PageSetupDlgW
PeekConsoleInputW
PeekMessageW
PlaySoundW
PolyTextOutW
PostMessageW
PostThreadMessageW
PrintDlgW
QueryContextAttributesW
QueryCredentialsAttributesW
QueryDosDeviceW
QuerySecurityPackageInfoW
RasConnectionNotificationW
RasCreatePhonebookEntryW
RasDeleteEntryW
RasDeleteSubEntryW
RasDialW
RasEditPhonebookEntryW
RasEnumConnectionsW
RasEnumDevicesW
RasEnumEntriesW
RasGetConnectStatusW
RasGetEntryDialParamsW
RasGetEntryPropertiesW
RasGetErrorStringW
RasGetProjectionInfoW
RasHangUpW
RasRenameEntryW
RasSetEntryDialParamsW
RasSetEntryPropertiesW
RasSetSubEntryPropertiesW
RasValidateEntryNameW
ReadConsoleInputW
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
RegConnectRegistryW
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryMultipleValuesW
RegQueryValueExW
RegQueryValueW
RegReplaceKeyW
RegSaveKeyW
RegSetValueExW
RegSetValueW
RegUnLoadKeyW
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterWindowMessageW
RemoveDirectoryW
RemoveFontResourceW
RemovePropA
RemovePropW
ReplaceTextW
ResetDCW
ResetPrinterW
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetFileInfoW
SHGetNewLinkInfoW
SHGetPathFromIDListW
ScrollConsoleScreenBufferW
SearchPathW
SendDlgItemMessageW
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCalendarInfoW
SetClassLongW
SetComputerNameW
SetConsoleTitleW
SetCurrentDirectoryW
SetDefaultCommConfigW
SetDlgItemTextW
SetEnvironmentVariableW
SetFileAttributesW
SetICMProfileW
SetJobW
SetLocaleInfoW
SetMenuItemInfoW
SetPrinterDataW
SetPrinterW
SetPropA
SetPropW
SetVolumeLabelW
SetWindowLongA
SetWindowLongW
SetWindowTextW
SetWindowsHookExW
SetWindowsHookW
ShellAboutW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
StartDocPrinterW
StartDocW
SystemParametersInfoW
TabbedTextOutW
TextOutW
TranslateAcceleratorW
UnregisterClassW
UpdateICMRegKeyW
UpdateResourceA
UpdateResourceW
VerFindFileW
VerInstallFileW
VerLanguageNameW
VerQueryValueW
VkKeyScanExW
VkKeyScanW
WNetAddConnection2W
WNetAddConnection3W
WNetAddConnectionW
WNetCancelConnection2W
WNetCancelConnectionW
WNetConnectionDialog1W
WNetDisconnectDialog1W
WNetEnumResourceW
WNetGetConnectionW
WNetGetLastErrorW
WNetGetNetworkInformationW
WNetGetProviderNameW
WNetGetResourceInformationW
WNetGetResourceParentW
WNetGetUniversalNameW
WNetGetUserW
WNetOpenEnumW
WNetUseConnectionW
WaitNamedPipeW
WideCharToMultiByte
WinHelpW
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteConsoleW
WritePrivateProfileSectionW
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringW
__FreeAllLibrariesInMsluDll
auxGetDevCapsW
capCreateCaptureWindowW
capGetDriverDescriptionW
joyGetDevCapsW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
mciGetDeviceIDW
mciGetErrorStringW
mciSendCommandW
mciSendStringW
midiInGetDevCapsW
midiInGetErrorTextW
midiOutGetDevCapsW
midiOutGetErrorTextW
mixerGetControlDetailsW
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenW
mmioRenameW
mmioStringToFOURCCW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
crack.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c1b27083f9fe9eb9b4f9671a370a84d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 158KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 27KB - Virtual size: 27KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

5c38cb7ec6746a0e2706bc5272d21696

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 501B

.data Size: 4KB - Virtual size: 309B

.reloc Size: 4KB - Virtual size: 186B

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 254B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 127KB - Virtual size: 127KB

DATA Size: 3KB - Virtual size: 2KB

BSS Size: - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 169B

.reloc Size: 8KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 6KB

1433f2e02f7db60c6c8547c52a3f8504

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 158KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 27KB - Virtual size: 27KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 501B

.data
Size: 4KB - Virtual size: 309B

.reloc
Size: 4KB - Virtual size: 186B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 254B

CODE
Size: 127KB - Virtual size: 127KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 169B

.reloc
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 152KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 1024B - Virtual size: 672B

.rdata
Size: 1024B - Virtual size: 706B

.data
Size: - Virtual size: 12B

.reloc
Size: 512B - Virtual size: 136B

.text
Size: 1024B - Virtual size: 572B

.rdata
Size: 1024B - Virtual size: 576B

.data
Size: 512B - Virtual size: 45B

.reloc
Size: 512B - Virtual size: 132B

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 168KB - Virtual size: 166KB