833aec3534ca8afcca08dac1f57153b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

833aec3534ca8afcca08dac1f57153b5_JaffaCakes118
Size

2.1MB
MD5

833aec3534ca8afcca08dac1f57153b5
SHA1

0540b7d9b32b611bc4a43e441fab833d4d2ef7f4
SHA256

07c191271ec4bc0abab568b44c2b66b350c2be59636c57ab08b9802eb98368ea
SHA512

ef78be8dd9d3310a0f8b78bc2a38f9c107aa6e671bf89d22cd90dd834861a68e2458be97b78b8186681d9ce0917495d39f71a5c7595508ed9d1919a3666eee20
SSDEEP

49152:24rvakTf1KJah7YHc/Jcy0nLZnNv14tpnT2DPpTuiDUlVPFp:24rCANKJCMHc/7ANv1IT2FAdFp

Score

3^/10

Malware Config

Signatures

Unsigned PE 39 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KeyGen/Keygen.exe
unpack002/$PLUGINSDIR/AdvSplash.dll
unpack002/$PLUGINSDIR/HaaliMkx.exe
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/StartMenu.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/avi.dll.new
unpack003/avi.x64.dll.new
unpack003/avs.dll.new
unpack003/avss.dll.new
unpack003/dsmux.exe.new
unpack003/dsmux.x64.exe.new
unpack003/dxr.dll.new
unpack003/dxr.x64.dll.new
unpack003/gdsmux.exe.new
unpack003/gdsmux.x64.exe.new
unpack003/mkunicode.dll.new
unpack003/mkunicode.x64.dll.new
unpack003/mkv2vfr.exe
unpack003/mkv2vfr.x64.exe
unpack003/mkx.dll.new
unpack003/mkx.x64.dll.new
unpack003/mkzlib.dll.new
unpack003/mkzlib.x64.dll.new
unpack003/mp4.dll.new
unpack003/mp4.x64.dll.new
unpack003/ogm.dll.new
unpack003/ogm.x64.dll.new
unpack003/splitter.ax.new
unpack003/splitter.x64.ax.new
unpack003/ts.dll.new
unpack003/ts.x64.dll.new
unpack003/uninstall.exe
unpack004/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/avcreg.dll
unpack002/CoreAVCDecoder.ax
unpack002/CoreAVCDecoder64.ax

NSIS installer 6 IoCs

installer

resource	yara_rule
static1/unpack001/Setup.exe	nsis_installer_1
static1/unpack001/Setup.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/HaaliMkx.exe	nsis_installer_1
static1/unpack002/$PLUGINSDIR/HaaliMkx.exe	nsis_installer_2
static1/unpack003/uninstall.exe	nsis_installer_1
static1/unpack003/uninstall.exe	nsis_installer_2

Files

833aec3534ca8afcca08dac1f57153b5_JaffaCakes118
.rar
HERiTAGE.nfo
KeyGen/Keygen.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 416KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
Setup.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

1b
Certificate

Issuer

CN=Equifax Secure eBusiness CA-1,O=Equifax Secure Inc.,C=US

Not Before

07/10/2002, 14:54

Not After

21/06/2020, 04:00

Subject

CN=GeoTrust True Credentials CA 2,O=GeoTrust Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

10:f2:3f
Certificate

Issuer

CN=GeoTrust True Credentials CA 2,O=GeoTrust Inc.,C=US

Not Before

04/07/2010, 04:35

Not After

20/07/2011, 00:31

Subject

CN=CoreCodec Inc.,OU=CPS terms incorporated by reference liability limited.+OU=See Public S/MIME CPS www.geotrust.com/resources/CPS.+OU=Phone Validation - 1(415) 449-7995+OU=Email and phone validated only.,1.2.840.113549.1.9.1=#0c156b7461796c6f7240636f7265636f6465632e636f6d

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AdvSplash.dll
.dll windows:4 windows x86 arch:x86

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetVersion
lstrcpyA
lstrcatA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree

user32

LoadCursorA
RegisterClassA
SetWindowPos
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
BeginPaint
DefWindowProcA
DestroyWindow
LoadImageA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
EnumDisplaySettingsA

gdi32

CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
BitBlt
DeleteObject

winmm

timeSetEvent
PlaySoundA
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/HaaliMkx.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcatA
FindClose
FindNextFileA
MulDiv
GlobalFree
lstrcpynA
GlobalAlloc
lstrcmpiA
FindFirstFileA
lstrcpyA

user32

TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/options.ini
avi.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

137c2204050ee4bb5202bad653832958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
SizeofResource
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetThreadLocale
SetThreadLocale
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
FindResourceW
lstrlenW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualQuery
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
VariantClear
SysAllocStringLen
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SafeArrayUnaccessData

mkunicode

Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avi.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

88c2c898c10c959123104c59ececc357

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetThreadLocale
SetThreadLocale
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
LoadLibraryExW
lstrlenW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
RtlPcToFileHeader
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
VariantClear
SysAllocStringLen
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SafeArrayUnaccessData

mkunicode.x64

Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avs.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

6b20afe02d526ed71972f2d1712f0ea1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
lstrcmpiW
GetProcAddress
GetModuleHandleA
GetThreadLocale
GetLastError
SetThreadLocale
RaiseException
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
InitializeCriticalSection
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
LoadResource
FreeLibrary
DeleteCriticalSection
FindResourceW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualQuery

user32

CharNextW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2

oleaut32

VariantClear
VariantInit
SysAllocStringLen
SysFreeString
VarUI4FromStr
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantChangeType

mkunicode

Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avss.dll.new
.dll windows:5 windows x86 arch:x86

d09205a0efe7fb1cd0791fba2a764d7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
CloseHandle
CreateEventW
ResetEvent
GetLastError
MultiByteToWideChar
SetEvent
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
lstrlenA
RaiseException
GetTickCount
GetProcAddress
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetModuleHandleA

ole32

CreateItemMoniker
CoCreateInstance
CoTaskMemFree
GetRunningObjectTable

oleaut32

VariantClear

Exports

Exports

_AvisynthPluginInit2@4

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cue2xml.js
.js
dsmux.exe.new
.exe windows:5 windows x86 arch:x86

a1011808f6bcb162775c8fb7ccc3f3ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GetStdHandle
VirtualAlloc
SetConsoleCtrlHandler
GetACP
GetModuleFileNameA
VirtualProtect
CloseHandle
DeleteFileW
GetModuleFileNameW
SizeofResource
GetConsoleMode
WideCharToMultiByte
WriteFile
GetModuleHandleW
WaitForSingleObject
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
VirtualQuery
LockResource
GetCommandLineW
RaiseException
MultiByteToWideChar
GetTickCount
GetProcAddress
CreateFileW
GetTempPathW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetLastError
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
Sleep
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
LoadLibraryA
SetStdHandle
WriteConsoleA
WriteConsoleW
ReadFile
CreateFileA
FlushFileBuffers
GetModuleHandleA

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
VariantClear

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dsmux.x64.exe.new
.exe windows:5 windows x64 arch:x64

e8ea481a4589400f011867893e0a74e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleOutputCP
GetStdHandle
VirtualAlloc
SetConsoleCtrlHandler
GetACP
GetModuleFileNameA
VirtualProtect
CloseHandle
DeleteFileW
GetModuleFileNameW
SizeofResource
GetConsoleMode
WideCharToMultiByte
WriteFile
GetModuleHandleW
WaitForSingleObject
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
VirtualQuery
LockResource
GetCommandLineW
RaiseException
MultiByteToWideChar
GetTickCount
GetProcAddress
CreateFileW
GetTempPathW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetLastError
GetCommandLineA
RtlUnwindEx
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
Sleep
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlPcToFileHeader
SetFilePointer
GetConsoleCP
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
WriteConsoleW
ReadFile
CreateFileA
FlushFileBuffers

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
VariantClear

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dxr.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

10f6dc7f7cd187587dd715e428f866be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeEndPeriod
timeBeginPeriod
timeGetTime

d3d9

Direct3DCreate9

gdi32

DeleteDC
CreateRectRgnIndirect
DeleteObject
CombineRgn
CreateSolidBrush
FillRgn
SetBkColor
ExtTextOutW
GetGlyphOutlineW
GetTextMetricsW
SelectObject
CreateFontW
CreateCompatibleDC
CreateRectRgn

kernel32

InterlockedCompareExchange
CreateEventW
CreateThread
CloseHandle
SetThreadPriority
CreateSemaphoreW
WaitForMultipleObjects
InterlockedDecrement
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
GetCommandLineA
ResetEvent
WaitForSingleObject
SetEvent
ReleaseSemaphore
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushFileBuffers
CreateFileA
InitializeCriticalSection
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
SetLastError
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
ReadFile
lstrcpynW
GetCurrentProcess
VirtualFree
lstrcmpW
lstrlenW
VirtualAlloc
GetSystemInfo
GetCurrentThreadId
DuplicateHandle
FreeLibrary
LoadLibraryW
GetLastError
GetProcAddress
GetVersionExW
DisableThreadLibraryCalls
lstrlenA
GetModuleFileNameA
GetModuleHandleW
GetTickCount
InterlockedExchange
lstrcmpiA
RaiseException
OutputDebugStringA
Sleep

user32

SetRectEmpty
UnionRect
InflateRect
GetClientRect
ScreenToClient
IntersectRect
GetDC
ReleaseDC
GetDlgItem
EnableWindow
SetDlgItemTextA
SendDlgItemMessageA
AttachThreadInput
GetWindowThreadProcessId
SetWindowTextW
GetWindowPlacement
IsWindowVisible
GetWindowTextW
SendMessageTimeoutW
EnumDisplayDevicesA
GetMonitorInfoW
GetWindowRect
GetWindowLongW
SetWindowLongW
RegisterClassW
LoadCursorW
DestroyWindow
SetParent
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
CreateWindowExW
DefWindowProcW
ValidateRect
SetCursor
GetClassLongW
GetParent
SetWindowPos
PostQuitMessage
PostMessageW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetKeyState
SendMessageW
ShowWindow
KillTimer
MoveWindow
CreateDialogParamW
InvalidateRect
LoadStringW
GetDesktopWindow
SetTimer

advapi32

RegQueryValueExW
RegCloseKey
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegSetValueExW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitializeEx

oleaut32

SysFreeString
VariantChangeType
SysAllocString
VariantClear
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dxr.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

a25bd6d106023309a765de862be6a65b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeEndPeriod
timeBeginPeriod
timeGetTime

d3d9

Direct3DCreate9

gdi32

DeleteDC
CreateRectRgnIndirect
DeleteObject
CombineRgn
CreateSolidBrush
FillRgn
SetBkColor
ExtTextOutW
GetGlyphOutlineW
GetTextMetricsW
SelectObject
CreateFontW
CreateCompatibleDC
CreateRectRgn

kernel32

CreateThread
CloseHandle
SetThreadPriority
CreateSemaphoreW
WaitForMultipleObjects
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
SetUnhandledExceptionFilter
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushFileBuffers
CreateFileA
ReadFile
WriteConsoleW
InitializeCriticalSection
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlPcToFileHeader
SetHandleCount
FlsAlloc
SetLastError
FlsFree
FlsGetValue
UnhandledExceptionFilter
TerminateProcess
RtlUnwindEx
GetCommandLineA
FlsSetValue
GetProcessHeap
HeapSize
HeapReAlloc
DecodePointer
EncodePointer
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapSetInformation
GetConsoleOutputCP
VirtualAlloc
GetCurrentProcess
VirtualFree
lstrcpynW
lstrcmpW
lstrlenW
HeapFree
GetSystemInfo
GetCurrentThreadId
DuplicateHandle
FreeLibrary
LoadLibraryW
GetLastError
GetProcAddress
GetVersionExW
DisableThreadLibraryCalls
lstrlenA
GetModuleFileNameA
GetModuleHandleW
GetTickCount
lstrcmpiA
RaiseException
OutputDebugStringA
HeapDestroy
HeapAlloc
HeapCreate

user32

SetRectEmpty
UnionRect
InflateRect
GetClientRect
ScreenToClient
IntersectRect
GetDC
ReleaseDC
GetDlgItem
EnableWindow
SetDlgItemTextA
SendDlgItemMessageA
SetWindowLongW
AttachThreadInput
GetWindowThreadProcessId
SetWindowTextW
GetWindowLongW
GetWindowPlacement
IsWindowVisible
GetWindowTextW
SendMessageTimeoutW
EnumDisplayDevicesA
GetMonitorInfoW
GetWindowRect
GetWindowLongPtrW
SetWindowLongPtrW
RegisterClassW
LoadCursorW
DestroyWindow
SetParent
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
CreateWindowExW
DefWindowProcW
ValidateRect
SetCursor
GetClassLongPtrW
GetParent
SetWindowPos
PostQuitMessage
PostMessageW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetKeyState
SendMessageW
ShowWindow
KillTimer
MoveWindow
CreateDialogParamW
InvalidateRect
LoadStringW
GetDesktopWindow
SetTimer

advapi32

RegQueryValueExW
RegCloseKey
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegSetValueExW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitializeEx

oleaut32

SysFreeString
VariantChangeType
SysAllocString
VariantClear
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gdsmux.exe.new
.exe windows:5 windows x86 arch:x86

bd820d10cb5f94e7df124a16dcf57992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

kernel32

InterlockedIncrement
LocalAlloc
GetCommandLineW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
WideCharToMultiByte
CreateFileA
GetFileSize
FormatMessageA
SetFilePointer
ReadFile
GetTempPathW
CreateFileW
CloseHandle
FormatMessageW
GetVersionExA
lstrlenA
VirtualQuery
lstrcpynA
FindResourceExW
FindResourceW
FreeLibrary
LoadResource
LoadLibraryExW
GetModuleHandleA
InterlockedDecrement
GetCurrentProcess
GlobalLock
GetModuleHandleW
GetTickCount
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
SizeofResource
GetVersionExW
LeaveCriticalSection
lstrcpynW
MulDiv
GetModuleFileNameW
lstrcmpW
MultiByteToWideChar
lstrlenW
GlobalUnlock
FlushInstructionCache
RaiseException
GetLastError
SetLastError
lstrcpyW
GetCurrentProcessId
DeleteFileW
GetCurrentThreadId
DeleteCriticalSection
VirtualProtect
lstrcmpiW
GetModuleFileNameA
LockResource
EnterCriticalSection
VirtualAlloc
GetProcAddress

user32

ScreenToClient
SetTimer
DestroyAcceleratorTable
GetDlgItemInt
SendMessageW
TranslateAcceleratorW
SetDlgItemTextW
IsWindowVisible
GetWindowTextLengthW
SetCursor
DestroyWindow
ClientToScreen
EndPaint
GetWindowRect
SetWindowTextW
SetMenuItemInfoW
GetDialogBaseUnits
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
CopyRect
GetWindow
GetSystemMetrics
ReleaseCapture
MessageBoxW
EqualRect
SetMenuDefaultItem
CreateWindowExW
RemoveMenu
MapDialogRect
EnableWindow
GetDlgCtrlID
MapWindowPoints
GetMessageW
MonitorFromPoint
PostQuitMessage
CharNextW
TrackPopupMenu
GetWindowDC
RegisterWindowMessageW
MoveWindow
UnregisterClassA
DispatchMessageW
FillRect
IsChild
LoadImageW
SetCapture
PostMessageW
DrawTextW
KillTimer
GetKeyState
LoadStringA
GetFocus
DialogBoxParamW
GetParent
InvalidateRgn
LoadCursorW
MessageBeep
GetClientRect
CreateAcceleratorTableW
SetFocus
DrawEdge
GetMenuItemInfoW
SetRectEmpty
BeginPaint
GetClassLongW
PtInRect
GetClassInfoExW
wsprintfW
GetDoubleClickTime
GetDC
GetCapture
DrawFocusRect
TranslateMessage
LoadAcceleratorsW
InflateRect
SetDlgItemInt
IsDialogMessageW
RegisterClassExW
OffsetRect
TrackPopupMenuEx
IntersectRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
SystemParametersInfoW
PeekMessageW
GetDCEx
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
RedrawWindow
DestroyCursor
GetDesktopWindow
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreatePopupMenu
GetSysColorBrush
CreateDialogParamW
GetMenuItemCount
IsWindow
DestroyMenu

gdi32

GetClipRgn
MoveToEx
SetWindowOrgEx
BitBlt
PatBlt
SetViewportOrgEx
LineTo
LPtoDP
SetTextColor
DeleteDC
Polygon
CreateFontIndirectW
GetDeviceCaps
SetBkColor
ExcludeClipRect
RemoveFontMemResourceEx
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
DPtoLP
CombineRgn
CreateCompatibleBitmap
ExtTextOutW
SaveDC
CreateFontW
GetObjectW
AddFontMemResourceEx
CreateRectRgn
Polyline
CreatePen
GetClipBox
IntersectClipRect
GetStockObject
RestoreDC
CreateSolidBrush

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

ole32

CoTaskMemFree
DoDragDrop
CreateItemMoniker
CoGetClassObject
CoTaskMemAlloc
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleLockRunning
OleInitialize
CoCreateInstance
GetRunningObjectTable
OleUninitialize

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
OleCreatePropertyFrame
VariantChangeType
SysAllocStringLen
VarBstrCmp
VariantInit
LoadTypeLi
VariantClear
DispCallFunc
SysAllocString

mkzlib

inflateEnd
inflateInit_
inflate
inflateReset

mkunicode

iso_getentry
Utf16ToUtf8

shlwapi

SHAutoComplete
StrCmpIW
UrlEscapeW

comctl32

ImageList_Draw
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_LoadImageW
_TrackMouseEvent

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gdsmux.x64.exe.new
.exe windows:5 windows x64 arch:x64

c9a0304905e801d3ffcc31cdf94bff94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlPcToFileHeader
LCMapStringW
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
HeapSetInformation
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwindEx
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
WideCharToMultiByte
CreateFileA
GetFileSize
FormatMessageA
SetFilePointer
ReadFile
GetTempPathW
CreateFileW
CloseHandle
FormatMessageW
GetVersionExA
lstrlenA
VirtualQuery
lstrcpynA
FindResourceExW
FindResourceW
FreeLibrary
LoadResource
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetCommandLineW
LocalAlloc
LoadLibraryExW
GetCurrentProcess
GlobalLock
GetModuleHandleW
GetTickCount
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
SizeofResource
GetVersionExW
LeaveCriticalSection
lstrcpynW
MulDiv
GetModuleFileNameW
lstrcmpW
MultiByteToWideChar
lstrlenW
GlobalUnlock
FlushInstructionCache
RaiseException
GetLastError
lstrcpyW
GetCurrentProcessId
DeleteFileW
GetCurrentThreadId
DeleteCriticalSection
VirtualProtect
lstrcmpiW
GetModuleFileNameA
LockResource
EnterCriticalSection
VirtualAlloc
GetProcAddress
SetLastError

user32

SetTimer
UnregisterClassA
ScreenToClient
GetWindowTextLengthW
SetCursor
DestroyWindow
ClientToScreen
EndPaint
EnableWindow
DestroyMenu
GetDlgCtrlID
TranslateAcceleratorW
SetMenuItemInfoW
GetDialogBaseUnits
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
CopyRect
MapDialogRect
GetMessageW
MonitorFromPoint
PostQuitMessage
CharNextW
TrackPopupMenu
GetWindowDC
GetDlgItemInt
DestroyAcceleratorTable
SetWindowTextW
MapWindowPoints
RegisterWindowMessageW
FillRect
IsChild
LoadImageW
SetCapture
PostMessageW
DrawTextW
GetWindow
MoveWindow
GetWindowRect
KillTimer
GetKeyState
LoadStringA
GetFocus
DialogBoxParamW
GetParent
InvalidateRgn
LoadCursorW
MessageBeep
GetWindowLongPtrW
GetClientRect
CreateAcceleratorTableW
SetFocus
DrawEdge
GetMenuItemInfoW
SetRectEmpty
BeginPaint
PtInRect
GetClassInfoExW
wsprintfW
GetDoubleClickTime
GetDC
GetCapture
DrawFocusRect
TranslateMessage
LoadAcceleratorsW
InflateRect
SetDlgItemInt
IsDialogMessageW
RegisterClassExW
OffsetRect
TrackPopupMenuEx
IntersectRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetClassLongPtrW
GetWindowTextW
SystemParametersInfoW
PeekMessageW
GetDCEx
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
RedrawWindow
DestroyCursor
GetDesktopWindow
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreatePopupMenu
GetSysColorBrush
CreateDialogParamW
GetMenuItemCount
IsWindow
RemoveMenu
CreateWindowExW
SetMenuDefaultItem
EqualRect
MessageBoxW
ReleaseCapture
GetSystemMetrics
IsWindowVisible
SetWindowLongPtrW
SetDlgItemTextW
SendMessageW
DispatchMessageW

gdi32

GetClipRgn
MoveToEx
SetWindowOrgEx
BitBlt
PatBlt
SetViewportOrgEx
LineTo
LPtoDP
SetTextColor
DeleteDC
Polygon
CreateFontIndirectW
GetDeviceCaps
SetBkColor
ExcludeClipRect
RemoveFontMemResourceEx
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
DPtoLP
CombineRgn
CreateCompatibleBitmap
ExtTextOutW
SaveDC
CreateFontW
GetObjectW
AddFontMemResourceEx
CreateRectRgn
Polyline
CreatePen
GetClipBox
IntersectClipRect
GetStockObject
RestoreDC
CreateSolidBrush

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

ole32

CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CreateItemMoniker
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleLockRunning
OleUninitialize
DoDragDrop
GetRunningObjectTable
CoCreateInstance

oleaut32

LoadRegTypeLi
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
OleCreatePropertyFrame
VariantChangeType
SysAllocStringLen
VarBstrCmp
VariantInit
LoadTypeLi
VariantClear
SysStringLen
DispCallFunc
SysAllocString

mkzlib.x64

inflateReset
inflateEnd
inflateInit_
inflate

mkunicode.x64

iso_getentry
Utf16ToUtf8

shlwapi

SHAutoComplete
StrCmpIW
UrlEscapeW

comctl32

ImageList_Draw
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_LoadImageW
_TrackMouseEvent

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkunicode.dll.new
.dll windows:5 windows x86 arch:x86

1da5d5aea5082cc09bfa84c92764c4f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
MultiByteToWideChar

Exports

Exports

Utf16ToUtf8
Utf8ToUtf16
iso_code2tocode3
iso_code3tocode2
iso_code3tocode3
iso_codetoname
iso_getentry
iso_getlcid
iso_getsyslang
iso_nametocode3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkunicode.x64.dll.new
.dll windows:5 windows x64 arch:x64

1da5d5aea5082cc09bfa84c92764c4f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
MultiByteToWideChar

Exports

Exports

Utf16ToUtf8
Utf8ToUtf16
iso_code2tocode3
iso_code3tocode2
iso_code3tocode3
iso_codetoname
iso_getentry
iso_getlcid
iso_getsyslang
iso_nametocode3

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mkv2vfr.exe
.exe windows:5 windows x86 arch:x86

ade293a585eb79dab2b7a2ee063e1967

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetLastError
SetFilePointer
CreateFileW
CloseHandle
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
GetConsoleOutputCP
GetConsoleMode
GetACP
GetStdHandle
GetCommandLineW
GetTickCount
SetEndOfFile
GetVersionExA
ReadFile
FormatMessageW
MultiByteToWideChar
FormatMessageA
GetFileSize
CreateFileA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
Sleep
ExitProcess
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
WriteConsoleW

mkzlib

inflateEnd
inflateInit_
inflateReset
inflate

mkunicode

Utf16ToUtf8

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkv2vfr.x64.exe
.exe windows:5 windows x64 arch:x64

5d2ed88419b60fe965d809f6f7d3149d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
GetLastError
SetFilePointer
CreateFileW
CloseHandle
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
GetConsoleOutputCP
GetConsoleMode
GetACP
GetStdHandle
GetCommandLineW
GetTickCount
SetEndOfFile
GetVersionExA
ReadFile
FormatMessageW
MultiByteToWideChar
FormatMessageA
GetFileSize
CreateFileA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
RtlVirtualUnwind
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
WriteConsoleW

mkzlib.x64

inflateEnd
inflateInit_
inflateReset
inflate

mkunicode.x64

Utf16ToUtf8

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkx.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

ffba31037d99e8d5c93426513a3f3a48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa
htonl
getservbyname
htons
gethostbyname
ntohs
getservbyport
WSASetLastError
WSACleanup
closesocket
recv
shutdown
WSAGetLastError
gethostbyaddr
WSAStartup
socket
setsockopt
ioctlsocket
connect
select
__WSAFDIsSet
send
inet_addr

kernel32

FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
RaiseException
LeaveCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
Sleep
InterlockedExchange
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
HeapFree
EnterCriticalSection
HeapAlloc
GetProcessHeap
GetLastError
ReadFile
SetFilePointer
GetFileSize
GetFileTime
CreateFileA
WideCharToMultiByte
CreateFileW
VirtualFree
CloseHandle
lstrlenW
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
LoadLibraryExW
FormatMessageW
FormatMessageA
HeapReAlloc
HeapCreate
HeapDestroy
SetStdHandle
VirtualQuery
LCMapStringW
SetHandleCount
FreeEnvironmentStringsW
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualAlloc
GetConsoleMode
GetConsoleCP
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GetVersionExA
lstrlenA
GetTickCount
HeapSize
GetCurrentThreadId
GetCommandLineA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP

user32

CharNextW

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
SysAllocStringLen

mkzlib

inflate
inflateInit_
inflateEnd
inflateReset

mkunicode

Utf8ToUtf16
Utf16ToUtf8

rpcrt4

UuidToStringA
RpcStringFreeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkx.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

c0400ed0c2fe026261d62814c1bd618e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
socket
setsockopt
ioctlsocket
connect
select
__WSAFDIsSet
inet_addr
shutdown
recv
closesocket
WSACleanup
WSASetLastError
getservbyport
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
send

kernel32

GetLocaleInfoA
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
HeapFree
VirtualAlloc
HeapAlloc
GetProcessHeap
GetLastError
ReadFile
SetFilePointer
GetFileSize
GetFileTime
CreateFileA
WideCharToMultiByte
CreateFileW
VirtualFree
CloseHandle
lstrlenW
InitializeCriticalSection
GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
LoadLibraryExW
FormatMessageW
FormatMessageA
HeapReAlloc
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
RtlPcToFileHeader
FreeEnvironmentStringsW
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
FlsAlloc
SetLastError
FlsFree
FlsGetValue
DecodePointer
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GetVersionExA
lstrlenA
GetTickCount
HeapSize
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer

user32

CharNextW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteKeyW

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

SafeArrayUnaccessData
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
SysStringLen

mkzlib.x64

inflateReset
inflateEnd
inflateInit_
inflate

mkunicode.x64

Utf8ToUtf16
Utf16ToUtf8

rpcrt4

UuidToStringA
RpcStringFreeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkzlib.dll.new
.dll windows:5 windows x86 arch:x86

efcc761811aa76f93e9c981878270d69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
inflate
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkzlib.x64.dll.new
.dll windows:5 windows x64 arch:x64

4188e1c9b299cdc32db0f3f73faa550b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
inflate
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mp4.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

3f440f513153ae823175c3bf5cd0945f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
GetProcAddress
GetThreadLocale
FreeLibrary
LoadLibraryExW
lstrlenW
InterlockedDecrement
InterlockedIncrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualQuery
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
VariantClear
SysFreeString
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen

mkzlib

inflate
inflateInit_
inflateEnd

mkunicode

Utf16ToUtf8
Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mp4.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

53cc1ce9c695979f07bc09e7ded54e51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
SetThreadLocale
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetProcAddress
lstrlenW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapSetInformation
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlPcToFileHeader
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
VariantClear
SysFreeString
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen

mkzlib.x64

inflate
inflateInit_
inflateEnd

mkunicode.x64

Utf16ToUtf8
Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ogm.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

b917edfd761f1ce9e8e8288156f4e023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleFileNameW
SetThreadLocale
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetProcAddress
GetLastError
lstrlenW
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
RtlUnwind
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
VariantInit
SafeArrayCreate
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SafeArrayAccessData
SysFreeString

mkunicode

iso_nametocode3
Utf8ToUtf16
iso_code3tocode3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ogm.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

2c90a9b0b6091ae06d33892d042f0778

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadLocale
GetThreadLocale
GetModuleFileNameW
LoadLibraryExW
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
LCMapStringA
LCMapStringW
HeapSetInformation
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlPcToFileHeader
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
VariantInit
SafeArrayCreate
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SafeArrayAccessData
SysFreeString

mkunicode.x64

iso_nametocode3
Utf8ToUtf16
iso_code3tocode3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
splitter.ax.new
.dll regsvr32 windows:5 windows x86 arch:x86

414ec1bc0de0d85027929ca19e0d6be5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

gdi32

BitBlt
AddFontResourceW
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateFontW
GetDeviceCaps
GetTextMetricsW
SetBkColor
SetBkMode
ExtTextOutW
DeleteDC
GdiFlush
SetTextColor
SetTextAlign
CreateDCA
RemoveFontResourceW

kernel32

GetModuleFileNameW
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
DeleteFileW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
GetLastError
GetSystemTime
SystemTimeToFileTime
CreateFileA
SetFilePointer
ReadFile
CreateThread
VirtualFree
VirtualAlloc
SetEndOfFile
GetVersion
InterlockedExchange
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
MulDiv
lstrlenW
EnterCriticalSection
FindFirstFileW
FindNextFileW
FindClose
lstrlenA
VirtualQuery
FreeLibrary
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LeaveCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
GetModuleHandleA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
LoadResource
LockResource
SizeofResource
WaitForSingleObject
HeapAlloc
WaitForMultipleObjects
HeapFree
InterlockedDecrement
HeapDestroy
CreateEventW
HeapCreate
InterlockedIncrement
CloseHandle
ResetEvent
SetEvent
FindResourceExW
GetTickCount
Sleep
SetLastError
TlsFree
TlsSetValue
GetCurrentProcess
TlsAlloc
TlsGetValue
GetStdHandle
RtlUnwind
lstrcpynW
lstrcmpW
ReleaseSemaphore
CreateSemaphoreW
GetSystemInfo
DuplicateHandle
GetVersionExW
DisableThreadLibraryCalls
lstrcmpiA
RaiseException
OutputDebugStringA
FormatMessageW
HeapReAlloc
HeapSize
GetCommandLineA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetProcessHeap
LoadLibraryW

user32

GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
ShowWindow
GetWindowThreadProcessId
IsWindowVisible
MessageBoxW
EnumWindows
CreatePopupMenu
SendDlgItemMessageW
GetDesktopWindow
LoadStringW
DestroyWindow
InvalidateRect
CreateDialogParamW
GetMenuItemCount
CheckMenuRadioItem
DestroyMenu
GetDlgItem
SendMessageW
AppendMenuW
PostMessageW
TrackPopupMenu
GetCursorPos
SetForegroundWindow
LoadIconW
PostQuitMessage
DefWindowProcW
GetSystemMetrics
CreateWindowExW
RegisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
RegisterWindowMessageW
CallWindowProcW
EndPaint
BeginPaint
RedrawWindow
ReleaseDC
GetDC
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
SetWindowLongW
GetWindowLongW
KillTimer
GetSysColor

advapi32

RegEnumKeyExW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumValueA
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegQueryValueExW

shell32

Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoInitializeEx
CoTaskMemFree
CoUninitialize

oleaut32

SafeArrayDestroy
SafeArrayCreateVector
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysAllocString
VariantInit
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
OleLoadPicture
SafeArrayCreate
SafeArrayGetDim

mkzlib

deflateBound
deflate
deflateInit_
deflateEnd
crc32
deflateReset
compress

mkunicode

iso_getlcid
iso_codetoname
iso_getentry
Utf8ToUtf16
Utf16ToUtf8
iso_getsyslang

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

UuidToStringA
UuidFromStringA
RpcStringFreeA

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
splitter.x64.ax.new
.dll regsvr32 windows:5 windows x64 arch:x64

5354f4c90316b55780955ffb065da2d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

gdi32

CreateDCA
AddFontResourceW
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateFontW
GetDeviceCaps
GetTextMetricsW
SetBkColor
SetBkMode
ExtTextOutW
DeleteDC
GdiFlush
SetTextColor
SetTextAlign
BitBlt
RemoveFontResourceW

kernel32

GetCurrentProcessId
GetModuleFileNameA
DeleteFileW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
GetLastError
GetSystemTime
SystemTimeToFileTime
CreateFileA
SetFilePointer
ReadFile
CreateThread
VirtualFree
VirtualAlloc
SetEndOfFile
GetVersion
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
MulDiv
lstrlenW
GetTickCount
FindFirstFileW
FindNextFileW
FindClose
lstrlenA
VirtualQuery
CreateSemaphoreW
ReleaseSemaphore
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetModuleFileNameW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
HeapSetInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
FindResourceExW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
HeapAlloc
WaitForMultipleObjects
HeapFree
HeapDestroy
CreateEventW
HeapCreate
CloseHandle
ResetEvent
SetEvent
Sleep
FlsAlloc
SetLastError
FlsFree
FlsGetValue
DecodePointer
EncodePointer
GetStdHandle
lstrcmpW
lstrcpynW
GetCurrentProcess
LoadLibraryW
FreeLibrary
LeaveCriticalSection
DuplicateHandle
GetVersionExW
DisableThreadLibraryCalls
lstrcmpiA
RaiseException
OutputDebugStringA
FormatMessageW
HeapReAlloc
RtlUnwindEx
RtlPcToFileHeader
GetCommandLineA
FlsSetValue
ExitThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetProcessHeap
HeapSize
GetSystemInfo

user32

MessageBoxW
EnumWindows
CreatePopupMenu
AppendMenuW
GetDesktopWindow
LoadStringW
DestroyWindow
InvalidateRect
GetWindowLongW
IsWindowVisible
CreateDialogParamW
GetMenuItemCount
CheckMenuRadioItem
DestroyMenu
GetDlgItem
SendMessageW
GetSysColor
SendDlgItemMessageW
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
GetWindowThreadProcessId
SetWindowLongW
TrackPopupMenu
GetCursorPos
SetForegroundWindow
LoadIconW
PostQuitMessage
DefWindowProcW
GetSystemMetrics
CreateWindowExW
RegisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
RegisterWindowMessageW
CallWindowProcW
EndPaint
BeginPaint
RedrawWindow
ReleaseDC
GetDC
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
SetWindowLongPtrW
GetWindowLongPtrW
KillTimer
SetTimer
ShowWindow
SetDlgItemTextW

advapi32

RegQueryValueExW
RegSetValueW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumValueA
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW

shell32

Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoInitializeEx
CoTaskMemFree

oleaut32

SafeArrayDestroy
SafeArrayCreateVector
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysAllocString
VariantInit
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
SafeArrayCreate
SafeArrayGetDim
OleLoadPicture

mkzlib.x64

compress
deflateEnd
deflateInit_
deflate
deflateBound
deflateReset
crc32

mkunicode.x64

iso_getlcid
iso_codetoname
iso_getentry
Utf8ToUtf16
Utf16ToUtf8
iso_getsyslang

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

RpcStringFreeA
UuidToStringA
UuidFromStringA

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 596KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ts.dll.new
.dll regsvr32 windows:5 windows x86 arch:x86

282ab4084f47e3d52f7361377f375f8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleA
GetProcAddress
GetThreadLocale
GetLastError
SetThreadLocale
lstrlenW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
DeleteCriticalSection
LockResource
EnterCriticalSection
RaiseException
MultiByteToWideChar
GetFileAttributesW
LeaveCriticalSection
SizeofResource
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LoadResource
FindResourceW
FindResourceExW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
lstrlenA
OutputDebugStringA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
GetStringTypeA
GetStringTypeW
VirtualQuery

user32

CharNextW

advapi32

RegOpenKeyExW
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW

ole32

CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VariantInit
SysAllocStringLen
SafeArrayUnaccessData
VarUI4FromStr
SysFreeString
VariantChangeType
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
VariantClear

mkunicode

Utf8ToUtf16

rpcrt4

RpcStringFreeA
UuidToStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ts.x64.dll.new
.dll regsvr32 windows:5 windows x64 arch:x64

39f79f6efc0dafbdc31a1e961f0e646c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetProcAddress
GetThreadLocale
GetLastError
SetThreadLocale
lstrlenW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
DeleteCriticalSection
LockResource
EnterCriticalSection
RaiseException
MultiByteToWideChar
GetFileAttributesW
LeaveCriticalSection
SizeofResource
InitializeCriticalSection
LoadResource
FindResourceW
FindResourceExW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
lstrlenA
OutputDebugStringA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RtlUnwindEx
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
LCMapStringW
RtlPcToFileHeader
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW

user32

CharNextW

advapi32

RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
CryptGetHashParam

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

oleaut32

VariantClear
SysAllocStringLen
SafeArrayUnaccessData
VarUI4FromStr
SysFreeString
VariantChangeType
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
VariantInit

mkunicode.x64

Utf8ToUtf16

rpcrt4

RpcStringFreeA
UuidToStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/atilogo.bmp
$PLUGINSDIR/avcreg.dll
.dll windows:4 windows x86 arch:x86

966745bf94c0195eef2055e5caabc97a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegCloseKey

Exports

Exports

check_key
filter_reg_win7
filter_unreg_win7

Sections

.text
Size: 20KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/cuda.ini
$PLUGINSDIR/cudalogo.bmp
$PLUGINSDIR/cudataskbar.bmp
$PLUGINSDIR/dxva.ini
$PLUGINSDIR/dxvataskbar.bmp
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/serial.ini
$PLUGINSDIR/splash.bmp
CoreAVC Professional Edition-uninstall.exe.nsis
CoreAVCDecoder.ax
.dll regsvr32 windows:4 windows x86 arch:x86

024aa61621a5d416b270cc02ab01d134

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shell32

ShellExecuteA

advapi32

RegEnumKeyExA

ole32

CoTaskMemFree

oleaut32

SafeArrayAccessData

user32

GetSystemMenu

version

GetFileVersionInfoA

comctl32

InitCommonControlsEx

gdi32

SetTextColor

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 276KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CoreAVCDecoder64.ax
.dll regsvr32 windows:4 windows x64 arch:x64

c0490735f509e93f7d22afd39782fca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueA

comctl32

InitCommonControlsEx

user32

SetTimer

gdi32

SetBkMode

advapi32

FreeSid

shell32

ShellExecuteA

ole32

CoInitialize

oleaut32

SysAllocStringLen

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 363KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CoreAVCReadme.txt
file_id.diz
iOTA [EXTRA KEY].rar
.rar
iOTA [USE ONLY IF HERiTAGE KEY DOES NOT WORK]/Serial/Serial.txt
iOTA [USE ONLY IF HERiTAGE KEY DOES NOT WORK]/iOTA.nfo

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

LoadLi Size: 4KB - Virtual size: 1830.1MB

Size: 416KB - Virtual size: 4B

���� Size: - Virtual size:

7fa974366048f9c551ef45714595665e

Code Sign

1bCertificate

Key Usages

10:f2:3fCertificate

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 30KB - Virtual size: 30KB

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 208B

.reloc Size: 512B - Virtual size: 412B

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 4KB - Virtual size: 3KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

LoadLi
Size: 4KB - Virtual size: 1830.1MB

��
Size: - Virtual size:

1b
Certificate

10:f2:3f
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 30KB - Virtual size: 30KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 208B

.reloc
Size: 512B - Virtual size: 412B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 518B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 7KB - Virtual size: 7KB