Windows XP[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Windows XP.zip
Size

3.1MB
MD5

092f889ab505a6babdf64265cbd1024a
SHA1

deb5e3967e143dcf896a11cfe92ed380dcc7591f
SHA256

44ea5719069f3b41db87aa0f5c5823ce780c57eac3efa08ad4b9b345c8229842
SHA512

215d4138d4b56162fb40893ce7b14319039b2e61a3e7cd30ec1dbc5b8656ef49050fee384fd82cfc5741a364f9010ff35252b48fe2d849efdf02b154f96ac975
SSDEEP

98304:9SRIsS6au4AFhZ/S48hj33EtB1RDOp2HBWgw9lRVbQkP3:ZGzZ/tootRKp2hW1XRQkP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 32 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows XP/NOTEPAD.EXE
unpack001/Windows XP/calc.exe
unpack001/Windows XP/cards.dll
unpack001/Windows XP/charmap.exe
unpack001/Windows XP/cmd.exe
unpack001/Windows XP/dxdiag.exe
unpack001/Windows XP/explorer.exe
unpack001/Windows XP/freecell.exe
unpack001/Windows XP/logon.scr
unpack001/Windows XP/mag_hook.dll
unpack001/Windows XP/magnify.exe
unpack001/Windows XP/mshearts.exe
unpack001/Windows XP/mspaint.exe
unpack001/Windows XP/msswch.dll
unpack001/Windows XP/osk.exe
unpack001/Windows XP/regedit.exe
unpack001/Windows XP/scrnsave.scr
unpack001/Windows XP/sndrec32.exe
unpack001/Windows XP/sndvol32.exe
unpack001/Windows XP/sol.exe
unpack001/Windows XP/spider.exe
unpack001/Windows XP/ss3dfo.scr
unpack001/Windows XP/ssbezier.scr
unpack001/Windows XP/ssflwbox.scr
unpack001/Windows XP/ssmarque.scr
unpack001/Windows XP/ssmypics.scr
unpack001/Windows XP/ssmyst.scr
unpack001/Windows XP/sspipes.scr
unpack001/Windows XP/ssstars.scr
unpack001/Windows XP/sstext3d.scr
unpack001/Windows XP/taskmgr.exe
unpack001/Windows XP/winmine.exe

Files

Windows XP.zip
.zip
Windows XP/NOTEPAD.EXE
.exe windows:5 windows x86 arch:x86

419c3fe8c1eefea9336b96f74f0951dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

notepad.pdb

Imports

comdlg32

PageSetupDlgW
FindTextW
PrintDlgExW
ChooseFontW
GetFileTitleW
GetOpenFileNameW
ReplaceTextW
CommDlgExtendedError
GetSaveFileNameW

shell32

DragFinish
DragQueryFileW
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

msvcrt

_XcptFilter
_exit
_c_exit
time
localtime
_cexit
iswctype
_except_handler3
_wtol
wcsncmp
_snwprintf
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
wcsncpy

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLocalTime
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
GlobalLock
GlobalUnlock
GetFileInformationByHandle
CreateFileMappingW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GlobalFree
GetLocaleInfoW
LocalFree
LocalAlloc
lstrlenW
LocalUnlock
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
UnhandledExceptionFilter

gdi32

EndPage
AbortDoc
EndDoc
DeleteDC
StartPage
GetTextExtentPoint32W
CreateDCW
SetAbortProc
GetTextFaceW
TextOutW
StartDocW
EnumFontsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
SelectObject

user32

GetClientRect
SetCursor
ReleaseDC
GetDC
DialogBoxParamW
SetActiveWindow
GetKeyboardLayout
DefWindowProcW
DestroyWindow
MessageBeep
ShowWindow
GetForegroundWindow
IsIconic
GetWindowPlacement
CharUpperW
LoadStringW
LoadAcceleratorsW
GetSystemMenu
RegisterClassExW
LoadImageW
LoadCursorW
SetWindowPlacement
CreateWindowExW
GetDesktopWindow
GetFocus
LoadIconW
SetWindowTextW
PostQuitMessage
RegisterWindowMessageW
UpdateWindow
SetScrollPos
CharLowerW
PeekMessageW
EnableWindow
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMetrics
MoveWindow
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MessageBoxW
SetWindowLongW
GetWindowLongW
GetDlgItem
SetFocus
SetDlgItemTextW
wsprintfW
GetDlgItemTextW
EndDialog
GetParent
UnhookWinEvent
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/calc.exe
.exe windows:5 windows x86 arch:x86

08f6a1b121da8cedde2d1089d0906ed8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutW

msvcrt

__CxxFrameHandler
_CxxThrowException
wcstoul
toupper
wcschr
memmove
wcslen
_wcsrev
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_controlfp
_except_handler3
?terminate@@YAXXZ

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalCompact
GlobalAlloc
GlobalFree
GlobalReAlloc
lstrcmpW
Sleep
WriteProfileStringW
GetStartupInfoA
GlobalSize
GlobalUnlock
CreateEventW
CreateThread
ResetEvent
lstrcpynW
SetEvent
WaitForSingleObject
CloseHandle
lstrcatW
lstrlenW
LocalReAlloc
LocalFree
LocalAlloc
GetProfileStringW
GlobalLock
GetCommandLineW
lstrcpyW
GetProfileIntW

gdi32

SetBkColor
SetTextColor
SetBkMode

user32

GetMenu
SetDlgItemInt
GetWindowTextW
CheckDlgButton
HideCaret
CallWindowProcW
DrawTextW
WinHelpW
PostQuitMessage
GetDlgCtrlID
ScreenToClient
ChildWindowFromPoint
DefWindowProcW
IsClipboardFormatAvailable
EnableMenuItem
TrackPopupMenuEx
GetDesktopWindow
OpenClipboard
GetClipboardData
CharNextA
CloseClipboard
GetSysColor
DialogBoxParamW
EndDialog
MessageBeep
GetSubMenu
CheckRadioButton
SetWindowTextW
SetFocus
SetCursor
CharNextW
RegisterClassExW
GetSysColorBrush
LoadCursorW
LoadIconW
InvalidateRect
UpdateWindow
ShowWindow
SendMessageW
SetDlgItemTextW
CheckMenuItem
CheckMenuRadioItem
SetWindowPos
OffsetRect
MapWindowPoints
GetClientRect
EnableWindow
LoadMenuW
SetWindowLongW
GetWindowLongW
CreateDialogParamW
GetDlgItem
DestroyMenu
DestroyWindow
SetMenu
GetWindowRect
SystemParametersInfoW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsChild
IsDialogMessageW
GetMessageW
LoadAcceleratorsW
CreateWindowExW
MessageBoxW
LoadStringW
SetProcessDefaultLayout
GetProcessDefaultLayout

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/cards.dll
.dll windows:5 windows x86 arch:x86

21ad5d0f3070f8021aa70abd96c5cd81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadBitmapA

gdi32

BitBlt
PatBlt
GetPixel
SetPixel
DeleteObject
GetObjectA
DeleteDC
StretchBlt
SetBkColor
CreateCompatibleDC
SelectObject
SetBrushOrgEx
GetDCOrgEx
CreateSolidBrush

Exports

Exports

WEP
cdtAnimate
cdtDraw
cdtDrawExt
cdtInit
cdtTerm

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows XP/charmap.exe
.exe windows:5 windows x86 arch:x86

643e0950faa1bef0669f73f3898cbf8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscat
free
realloc
malloc
??3@YAXPAX@Z
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
_wcsupr
wcsstr
towupper
wcslen
??2@YAPAXI@Z
swscanf
_wtol
wcscpy

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
RegOpenKeyExW

kernel32

GlobalAlloc
MulDiv
lstrlenW
lstrcmpW
FreeResource
GlobalUnlock
LoadResource
FindResourceW
GetThreadLocale
lstrcpynW
GetLocaleInfoW
GetWindowsDirectoryW
GetProfileIntW
GetACP
FreeLibrary
LoadLibraryW
CompareStringW
IsValidCodePage
EnumSystemCodePagesW
GetProfileStringW
WriteProfileStringW
GetSystemDirectoryW
IsDBCSLeadByteEx
GetCPInfo
GlobalLock
MapViewOfFile
CloseHandle
CreateFileMappingW
GetFileSize
CreateFileW
lstrcatW
GetSystemWindowsDirectoryW
ExpandEnvironmentStringsW
UnmapViewOfFile
IsValidLanguageGroup
LocalFree
LocalAlloc
FindClose
FindNextFileW
FindFirstFileW
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetStartupInfoA
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
lstrcmpiW
LoadLibraryA
GetStringTypeW
lstrcpyW
GetProcAddress
LockResource

gdi32

GetTextExtentPoint32W
EnumFontFamiliesExW
GetFontData
GetCharWidth32W
CreateFontW
TextOutW
UnrealizeObject
CreateCompatibleBitmap
LineTo
CreateDIBitmap
CreateCompatibleDC
DeleteDC
GetObjectW
CreateFontIndirectW
SetTextAlign
GetDeviceCaps
BitBlt
CreateSolidBrush
PatBlt
GetStockObject
SetTextColor
SetBkColor
SetBkMode
MoveToEx
CreatePen
GetTextExtentPointW
GetTextAlign
DeleteObject
TranslateCharsetInfo
SelectObject
GetTextMetricsW
ExtTextOutW

user32

SetScrollPos
RegisterClipboardFormatW
UnregisterClassW
GetScrollInfo
SetScrollInfo
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
UpdateWindow
FillRect
PostQuitMessage
WinHelpW
GetFocus
EnumChildWindows
LoadCursorW
RegisterClassW
DefDlgProcW
LoadIconW
GetKeyboardLayout
ClientToScreen
GetWindowDC
MapWindowPoints
SetWindowLongW
GetWindowLongW
GetClassNameW
ReleaseDC
GetDC
GetSysColor
DrawFocusRect
SendMessageW
GetWindowTextW
GetWindowTextLengthW
GetDlgItem
GetSystemMetrics
GetDesktopWindow
GetWindowRect
ShowWindow
MoveWindow
SetTimer
KillTimer
GetClientRect
SetDlgItemTextW
wsprintfW
EnableWindow
SendDlgItemMessageW
IsWindowEnabled
CreateWindowExW
DestroyWindow
CallWindowProcW
SetFocus
LoadStringW
ShowCursor
ReleaseCapture
InvalidateRect
BeginPaint
SetScrollRange
GetDlgItemTextW
SetWindowTextW
GetParent
GetDlgCtrlID
PostMessageW
ValidateRect
GetAsyncKeyState
GetMessageTime
GetCursorPos
ScreenToClient
WindowFromPoint
GetUpdateRect
SetCapture
DefWindowProcW
PtInRect
GetMessagePos
EndPaint

comctl32

ord17

ole32

OleUninitialize
DoDragDrop
CoGetMalloc
OleInitialize

getuname

GetUName

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/cmd.exe
.exe windows:5 windows x86 arch:x86

dbe5febb7a19ba19945a8e8ba6534abf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

cmd.pdb

Imports

kernel32

FlushConsoleInputBuffer
LoadLibraryA
InterlockedExchange
FreeLibrary
LocalAlloc
GetVDMCurrentDirectories
CmdBatNotification
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetThreadLocale
GetDiskFreeSpaceExW
CompareFileTime
RemoveDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
CopyFileW
SetFileAttributesW
DeleteFileW
SetFileTime
CreateDirectoryW
FillConsoleOutputAttribute
SetConsoleTextAttribute
ScrollConsoleScreenBufferW
FormatMessageW
DuplicateHandle
FlushFileBuffers
HeapReAlloc
HeapSize
GetFileAttributesExW
LocalFree
GetDriveTypeW
InitializeCriticalSection
SetConsoleCtrlHandler
GetWindowsDirectoryW
GetConsoleTitleW
GetModuleFileNameW
GetVersion
EnterCriticalSection
LeaveCriticalSection
ExpandEnvironmentStringsW
SearchPathW
WriteFile
GetVolumeInformationW
SetLastError
MoveFileW
SetConsoleTitleW
MoveFileExW
GetBinaryTypeW
GetFileAttributesW
GetCurrentThreadId
CreateProcessW
LoadLibraryW
ReadProcessMemory
SetErrorMode
GetConsoleMode
SetConsoleMode
VirtualAlloc
VirtualFree
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCommandLineW
GetEnvironmentStringsW
GetLocalTime
GetTimeFormatW
FileTimeToLocalFileTime
GetDateFormatW
GetLastError
CloseHandle
SetThreadLocale
GetProcAddress
GetModuleHandleW
SetFilePointer
lstrcmpW
lstrcmpiW
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
ReadFile
WriteConsoleW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
ReadConsoleW
GetConsoleScreenBufferInfo
GetStdHandle
GetFileType
VirtualQuery
RaiseException
GetCPInfo
GetConsoleOutputCP
WideCharToMultiByte
GetFileSize
CreateFileW
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
GetUserDefaultLCID
GetLocaleInfoW
SetLocalTime
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime

msvcrt

__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
calloc
_wcslwr
qsort
_vsnwprintf
wcsstr
_dup2
_dup
_open_osfhandle
_close
swscanf
_ultoa
_pipe
_seh_longjmp_unwind
_setmode
wcsncmp
iswxdigit
fflush
exit
_wtol
time
srand
__set_app_type
wcsrchr
malloc
free
wcstoul
_errno
iswalpha
printf
rand
swprintf
_iob
fprintf
towlower
realloc
setlocale
_snwprintf
wcscat
_wcsupr
wcsncpy
_wpopen
fgets
_pclose
memmove
wcschr
iswspace
_tell
longjmp
wcscmp
_wcsnicmp
_wcsicmp
wcstol
iswdigit
_getch
_get_osfhandle
_controlfp
_setjmp3
_except_handler3
wcscpy
wcslen
wcsspn
towupper

user32

GetUserObjectInformationW
GetThreadDesktop
MessageBeep
GetProcessWindowStation

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/dxdiag.exe
.exe windows:5 windows x86 arch:x86

8056a0dd1801858eacfb684462e97775

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dxdiag.pdb

Imports

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyW
RegEnumKeyExW
RegDeleteKeyW
RegFlushKey
RegDeleteValueW
RegNotifyChangeKeyValue

kernel32

InitializeCriticalSection
GetFileAttributesW
GetModuleFileNameW
DeleteCriticalSection
CloseHandle
HeapFree
HeapAlloc
GetProcessHeap
lstrcpyW
lstrcmpW
GetWindowsDirectoryW
CompareFileTime
lstrlenA
GetVersionExW
WaitForMultipleObjects
WaitForSingleObject
SetEvent
GetCurrentThreadId
FreeLibrary
LoadLibraryW
Sleep
GetCommandLineW
CreateEventW
GetSystemInfo
GetFullPathNameW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapReAlloc
RtlUnwind
ExitThread
TlsSetValue
TlsGetValue
GetLastError
CreateThread
InterlockedDecrement
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetCurrentDirectoryW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsFree
SetLastError
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
VirtualProtect
MultiByteToWideChar
IsBadReadPtr
IsBadCodePtr
SetFilePointer
LCMapStringA
LCMapStringW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
CreateFileW
SetEndOfFile
ReadFile
GetEnvironmentStrings
GetSystemDirectoryW
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
lstrlenW
ExitProcess

gdi32

GetTextExtentPointW

user32

GetKeyState
DestroyWindow
MessageBoxA
wsprintfA
LoadStringA
SetDlgItemTextW
ShowWindow
CheckDlgButton
SetWindowTextW
ReleaseDC
GetDC
SetDlgItemInt
GetDlgItemInt
GetDlgItemTextW
CheckRadioButton
LoadIconW
SetForegroundWindow
KillTimer
SetTimer
SetFocus
CallNextHookEx
IsWindowEnabled
AdjustWindowRectEx
GetWindowRect
CreateDialogParamW
GetClientRect
UpdateWindow
PostQuitMessage
UnhookWindowsHookEx
SetWindowsHookExW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
GetDesktopWindow
LoadStringW
MessageBoxW
GetDlgItem
SendMessageW
EnableWindow
GetWindowLongW
DialogBoxParamW
SetWindowPos
PostMessageW
EndDialog
GetFocus
wsprintfW

comctl32

ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_Destroy

comdlg32

GetSaveFileNameW

shell32

ShellExecuteW

ole32

CoInitializeSecurity
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/explorer.exe
.exe windows:5 windows x86 arch:x86

c3eb9567e9430e65e703dca7bb8343fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

explorer.pdb

Imports

advapi32

RegSetValueW
RegEnumKeyExW
GetUserNameW
RegNotifyChangeKeyValue
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyW
RegCloseKey
RegCreateKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueW

browseui

ord118
ord135
ord107
ord106

gdi32

GetStockObject
CreatePatternBrush
OffsetViewportOrgEx
GetLayout
CombineRgn
CreateDIBSection
GetTextExtentPoint32W
StretchBlt
CreateRectRgnIndirect
CreateRectRgn
GetClipRgn
IntersectClipRect
GetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
PatBlt
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
OffsetWindowOrgEx
DeleteDC
SetBkColor
BitBlt
ExtTextOutW
GetTextExtentPointW
GetClipBox
GetObjectW
SetTextColor
SetBkMode
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SelectObject
GetDeviceCaps
TranslateCharsetInfo
SetStretchBltMode

kernel32

GetSystemDirectoryW
CreateThread
CreateJobObjectW
ExitProcess
SetProcessShutdownParameters
ReleaseMutex
CreateMutexW
SetPriorityClass
GetCurrentProcess
GetStartupInfoW
GetCommandLineW
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
ResetEvent
LoadLibraryExA
CompareFileTime
GetSystemTimeAsFileTime
SetThreadPriority
GetCurrentThreadId
GetThreadPriority
GetCurrentThread
GetUserDefaultLangID
Sleep
GetBinaryTypeW
GetModuleHandleExW
SystemTimeToFileTime
GetLocalTime
GetCurrentProcessId
GetEnvironmentVariableW
UnregisterWait
GlobalGetAtomNameW
GetFileAttributesW
MoveFileW
lstrcmpW
LoadLibraryExW
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiA
SetEvent
AssignProcessToJobObject
GetDateFormatW
GetTimeFormatW
FlushInstructionCache
lstrcpynW
GetSystemWindowsDirectoryW
SetLastError
GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
HeapAlloc
GetUserDefaultLCID
ReadProcessMemory
OpenProcess
InterlockedCompareExchange
LoadLibraryA
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
ResumeThread
TerminateProcess
TerminateThread
GetSystemDefaultLCID
GetLocaleInfoW
CreateEventW
GetLastError
OpenEventW
DelayLoadFailureHook
WaitForSingleObject
GetTickCount
ExpandEnvironmentStringsW
GetModuleFileNameW
GetPrivateProfileStringW
lstrcmpiW
CreateProcessW
FreeLibrary
GetWindowsDirectoryW
LocalAlloc
CreateFileW
DeviceIoControl
LocalFree
GetQueuedCompletionStatus
CreateIoCompletionPort
SetInformationJobObject
CloseHandle
LoadLibraryW
GetModuleHandleW
ActivateActCtx
DeactivateActCtx
GetFileAttributesExW
GetProcAddress
DeleteCriticalSection
CreateEventA
HeapDestroy
InitializeCriticalSection
MulDiv
InitializeCriticalSectionAndSpinCount
lstrlenW
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
InterlockedExchange
GetModuleHandleA
GetVersionExA
GlobalFree
GetProcessTimes
lstrcpyW
GetLongPathNameW
RegisterWaitForSingleObject

msvcrt

_itow
free
memmove
realloc
_except_handler3
malloc
_ftol
_vsnwprintf

ntdll

RtlNtStatusToDosError
NtQueryInformationProcess

ole32

CoFreeUnusedLibraries
RegisterDragDrop
CreateBindCtx
RevokeDragDrop
CoInitializeEx
CoUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
OleUninitialize
DoDragDrop

oleaut32

SysAllocString
VariantClear

shdocvw

ord110
ord125
ord111

shell32

ord182
ord162
SHGetFolderPathW
ord67
ord72
ord90
ord181
ord727
ExtractIconExW
ord137
ord645
ord644
ord2
ord236
ord149
ord147
ord188
ord660
ord201
ord245
ord68
ord723
ord200
SHGetSpecialFolderLocation
ShellExecuteExW
ord100
ord85
ord653
SHGetSpecialFolderPathW
ord196
ord25
ord152
SHBindToParent
ord719
ord732
ord148
SHParseDisplayName
ord154
ord77
ord6
ord193
ord747
ord71
ord17
ord23
ord132
ord680
ord233
ord195
ord155
ord89
ord241
ord134
ord22
SHChangeNotify
SHGetDesktopFolder
SHAddToRecentDocs
ord127
ord21
ord102
DuplicateIcon
ord202
ord82
ord244
ord54
ord161
ord91
ord254
ord60
SHUpdateRecycleBinIcon
SHGetFolderLocation
SHGetPathFromIDListA
ord711
ord731
ord4
ord733
ord190
ord64
ord61
SHGetPathFromIDListW
ord753
ord16
ord18

shlwapi

StrCpyNW
ord215
ord217
ord476
ord157
StrRetToBufW
StrRetToStrW
ord176
ord154
ord439
ord156
SHQueryValueExW
PathIsNetworkPathW
ord513
AssocCreate
ord512
ord171
ord178
ord177
ord193
StrCatW
StrCpyW
ord225
ord413
ord219
ord175
ord164
ord172
SHGetValueW
ord437
StrCmpNIW
PathRemoveBlanksW
PathRemoveArgsW
PathFindFileNameW
StrStrIW
PathGetArgsW
ord563
StrToIntW
SHRegGetBoolUSValueW
SHRegWriteUSValueW
SHRegCloseUSKey
SHRegCreateUSKeyW
SHRegGetUSValueW
SHSetValueW
ord433
PathAppendW
PathUnquoteSpacesW
ord460
ord194
PathQuoteSpacesW
ord244
SHSetThreadRef
SHCreateThreadRef
ord241
ord236
ord279
PathCombineW
ord192
ord204
ord509
SHStrDupW
PathIsPrefixW
PathParseIconLocationW
AssocQueryKeyW
ord16
AssocQueryStringW
StrCmpW
ord174
ord548
ord165
ord240
ord163
ord479
ord9
ord8
SHRegQueryUSValueW
SHRegOpenUSKeyW
SHRegSetUSValueW
PathIsDirectoryW
PathFileExistsW
PathGetDriveNumberW
ord10
StrChrW
PathFindExtensionW
ord260
ord292
PathRemoveFileSpecW
PathStripToRootW
ord250
ord478
ord184
SHOpenRegStream2W
ord212
ord213
ord158
StrDupW
SHDeleteValueW
StrCatBuffW
SHDeleteKeyW
StrCmpIW
ord467
ord346
wnsprintfW
ord197
ord278
StrCmpNW
ord237
ord199

user32

TileWindows
GetDoubleClickTime
GetSystemMetrics
GetSysColorBrush
AllowSetForegroundWindow
LoadMenuW
GetSubMenu
RemoveMenu
SetParent
GetMessagePos
CheckDlgButton
EnableWindow
GetDlgItemInt
SetDlgItemInt
CopyIcon
AdjustWindowRectEx
DrawFocusRect
DrawEdge
ExitWindowsEx
WindowFromPoint
SetRect
AppendMenuW
LoadAcceleratorsW
LoadBitmapW
SendNotifyMessageW
SetWindowPlacement
CheckMenuItem
EndDialog
SendDlgItemMessageW
MessageBeep
GetActiveWindow
PostQuitMessage
MoveWindow
GetDlgItem
RemovePropW
GetClassNameW
GetDCEx
SetCursorPos
ChildWindowFromPoint
ChangeDisplaySettingsW
RegisterHotKey
UnregisterHotKey
SetCursor
SendMessageTimeoutW
GetWindowPlacement
LoadImageW
SetWindowRgn
IntersectRect
OffsetRect
EnumDisplayMonitors
RedrawWindow
SubtractRect
TranslateAcceleratorW
WaitMessage
InflateRect
CallWindowProcW
GetDlgCtrlID
SetCapture
LockSetForegroundWindow
SystemParametersInfoW
FindWindowW
CreatePopupMenu
GetMenuDefaultItem
DestroyMenu
GetShellWindow
EnumChildWindows
GetWindowLongW
SendMessageW
RegisterWindowMessageW
GetKeyState
CopyRect
MonitorFromRect
MonitorFromPoint
RegisterClassW
SetPropW
GetWindowLongA
SetWindowLongW
FillRect
GetCursorPos
MessageBoxW
LoadStringW
ReleaseDC
GetDC
EnumDisplaySettingsExW
EnumDisplayDevicesW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
PtInRect
BeginPaint
EndPaint
SetWindowTextW
GetAsyncKeyState
InvalidateRect
GetWindow
ShowWindowAsync
TrackPopupMenuEx
UpdateWindow
DestroyIcon
IsRectEmpty
SetActiveWindow
GetSysColor
DrawTextW
IsHungAppWindow
SetTimer
GetMenuItemID
TrackPopupMenu
EndTask
SendMessageCallbackW
GetClassLongW
LoadIconW
OpenInputDesktop
CloseDesktop
SetScrollPos
ShowWindow
BringWindowToTop
GetDesktopWindow
CascadeWindows
CharUpperBuffW
SwitchToThisWindow
InternalGetWindowText
GetScrollInfo
GetMenuItemCount
CreateWindowExW
DialogBoxParamW
MsgWaitForMultipleObjects
CharNextA
RegisterClipboardFormatW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PrintWindow
SetClassLongW
GetPropW
GetNextDlgGroupItem
GetNextDlgTabItem
ChildWindowFromPointEx
IsChild
NotifyWinEvent
TrackMouseEvent
GetCapture
GetAncestor
CharUpperW
SetWindowLongA
DrawCaption
ModifyMenuW
InsertMenuW
IsWindowEnabled
GetMenuState
LoadCursorW
GetParent
IsDlgButtonChecked
DestroyWindow
EnumWindows
IsWindowVisible
GetClientRect
UnionRect
EqualRect
GetWindowThreadProcessId
GetForegroundWindow
KillTimer
GetClassInfoExW
DefWindowProcW
RegisterClassExW
GetIconInfo
SetScrollInfo
GetLastActivePopup
SetForegroundWindow
IsWindow
GetSystemMenu
IsIconic
IsZoomed
EnableMenuItem
SetMenuDefaultItem
MonitorFromWindow
GetMonitorInfoW
GetWindowInfo
GetFocus
SetFocus
MapWindowPoints
ScreenToClient
ClientToScreen
GetWindowRect
SetWindowPos
DeleteMenu
GetMenuItemInfoW
SetMenuItemInfoW
CharNextW

uxtheme

GetThemeBackgroundContentRect
GetThemeBool
GetThemePartSize
DrawThemeParentBackground
OpenThemeData
DrawThemeBackground
GetThemeTextExtent
DrawThemeText
CloseThemeData
SetWindowTheme
GetThemeBackgroundRegion
ord47
GetThemeMargins
GetThemeColor
GetThemeFont
GetThemeRect
IsAppThemed

Sections

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 713KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows XP/freecell.exe
.exe windows:5 windows x86 arch:x86

dcf6308d9663882cb9775a4d74cd7fe3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
isdigit
time
srand
rand

advapi32

RegSetValueExW
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueW
RegQueryValueExW
RegCreateKeyW
RegCloseKey

kernel32

GetStartupInfoA
GetModuleHandleA
lstrlenW
GetModuleFileNameA
lstrcpynW
GetPrivateProfileIntW
GetProcAddress
LoadLibraryA

gdi32

StretchBlt
BitBlt
SetBkColor
SetRectRgn
GetTextExtentPoint32W
SetTextColor
TextOutW
SetPixel
CreateRectRgn
GetPixel
GetTextMetricsW
GetDeviceCaps
CombineRgn
CreatePen
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
PatBlt
CreateFontIndirectW
DeleteDC
LineTo
MoveToEx
GetStockObject
CreateICW

user32

SetCursor
LoadCursorW
BeginPaint
ShowCursor
FlashWindow
SetTimer
EndPaint
KillTimer
LoadBitmapW
UpdateWindow
ShowWindow
CreateWindowExW
LoadStringW
GetSystemMetrics
SystemParametersInfoW
PostQuitMessage
MessageBoxW
MessageBeep
ReleaseDC
GetDC
DefWindowProcW
GetDesktopWindow
DialogBoxParamW
EnableMenuItem
GetMenu
InvalidateRect
SendMessageW
PostMessageW
SetCapture
ReleaseCapture
DrawMenuBar
RegisterClassW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
EndDialog
GetDlgItem
SetWindowPos
GetWindowRect
GetClientRect
WinHelpW
SetDlgItemInt
GetDlgItemInt
SetWindowTextW
wsprintfW
GetSysColor
GetWindowDC
IsIconic

cards

cdtTerm
cdtInit
cdtDrawExt

shell32

ShellAboutW

comctl32

InitCommonControlsEx

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/logon.scr
.exe windows:5 windows x86 arch:x86

7dd9c0754662ed8de05bd9e38a65c0a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

logon.pdb

Imports

user32

PeekMessageW
SendMessageW
DialogBoxParamW
GetParent
IsWindow
SetCursor
GetForegroundWindow
TranslateMessage
GetMessageW
SetForegroundWindow
FindWindowW
GetClientRect
CharNextW
ReleaseDC
DispatchMessageW
LoadStringW
MessageBoxW
EndDialog
DefWindowProcW
ShowWindow
SetRect
FillRect
DrawIcon
LoadImageW
RegisterClassW
CreateWindowExW
SetTimer
PostMessageW
GetSystemMetrics
LoadIconW
InvalidateRect
SetWindowPos
BeginPaint
EndPaint
GetDC
RegisterWindowMessageW
SystemParametersInfoW
GetCursorPos
PostQuitMessage

gdi32

GetStockObject
SelectPalette
RealizePalette
BitBlt
GetObjectW
CreateCompatibleDC
SelectObject
GetDIBColorTable
CreatePalette
DeleteObject
GetClipBox

shlwapi

ord437

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
_except_handler3

advapi32

RegQueryValueExW
RegOpenKeyW
RegCloseKey

kernel32

QueryPerformanceCounter
LoadLibraryExW
FreeLibrary
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetProcAddress
GetModuleHandleW
LoadLibraryW
GlobalAlloc
GlobalLock
GetSystemPowerStatus
GetVersionExW
GlobalUnlock
GlobalFree
GetStartupInfoW
GetCommandLineW
GetModuleHandleA
GetTickCount

comctl32

InitCommonControlsEx

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/mag_hook.dll
.dll windows:5 windows x86 arch:x86

3570ce799cb64dd88586e437bb480ed7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_purecall
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

kernel32

LoadLibraryW
GetCurrentThreadId
GetTickCount
WaitForSingleObject
CreateMutexW
CloseHandle
ReleaseMutex
GetLastError
CreateFileMappingW
MapViewOfFile
IsBadWritePtr
UnmapViewOfFile
GetModuleHandleW
GetProcAddress
lstrcmpiW

user32

SetRectEmpty
GetClassNameW
SendMessageW
CallNextHookEx
SetWindowsHookExW
GetCursor
UnhookWindowsHookEx
PostMessageW

oleaut32

VariantInit

Exports

Exports

_FakeCursorMove@8
_GetCursorHack@0
_GetPopupInfo@4
_InstallEventHook@4
_SetZoomRect@8

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 414B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows XP/magnify.exe
.exe windows:5 windows x86 arch:x86

20f30398beae32b86d10ffa7cd5eddbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

magnify.pdb

Imports

mfc42u

ord4215
ord2576
ord3649
ord2430
ord2858
ord1637
ord1143
ord640
ord4155
ord323
ord2397
ord6266
ord613
ord6153
ord5787
ord289
ord755
ord5871
ord283
ord470
ord2634
ord3087
ord6330
ord2078
ord2403
ord2015
ord4213
ord2570
ord6051
ord1768
ord4392
ord5286
ord3397
ord4418
ord3577
ord567
ord616
ord5781
ord2294
ord1761
ord2637
ord4269
ord815
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord2613
ord4270
ord6195
ord3737
ord818
ord2144
ord1230
ord1633
ord1634
ord1569
ord3687
ord2855
ord3568
ord2406
ord3621
ord1165
ord823
ord3658
ord6456
ord4279
ord6211
ord6451
ord6374
ord6376
ord6373
ord4229
ord825
ord324
ord641
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4704
ord4992
ord4847
ord4370
ord5261
ord3792
ord540
ord3871
ord800
ord6193
ord2371
ord2859
ord3133
ord2293

msvcrt

_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_onexit
__CxxFrameHandler
_wcsicmp
wcscpy
_exit
_c_exit
_controlfp
?terminate@@YAXXZ
__dllonexit

advapi32

RegOpenKeyExA
AllocateAndInitializeSid
DuplicateTokenEx
OpenProcessToken
IsWellKnownSid
GetAce
GetAclInformation
GetSecurityDescriptorDacl
FreeSid
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
CheckTokenMembership

kernel32

GetTickCount
GetProcAddress
GetModuleHandleW
MulDiv
CloseHandle
lstrcmpiW
WaitForMultipleObjects
CreateThread
GetCurrentThreadId
OpenEventW
CreateEventW
SetEvent
GetLastError
lstrlenW
OpenProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoW
GetVersionExA
LoadLibraryA

gdi32

CreateFontIndirectW
SetBitmapDimensionEx
ExtTextOutW
StretchBlt
BitBlt
GetStockObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
RealizePalette
GetObjectW
GetDeviceCaps
DeleteObject
CreatePalette
PatBlt

user32

OpenWindowStationW
SetProcessWindowStation
GetSystemMetrics
PtInRect
SetRectEmpty
InflateRect
CopyRect
EqualRect
GetWindowRect
GetClientRect
ClientToScreen
UpdateWindow
IsWindowVisible
SetTimer
KillTimer
GetActiveWindow
SystemParametersInfoW
GetKeyState
MessageBoxW
GetAsyncKeyState
GetMessagePos
AdjustWindowRectEx
EnableWindow
IsWindow
RegisterWindowMessageW
IsIconic
IntersectRect
IsRectEmpty
SetRect
FillRect
EnableMenuItem
GetSubMenu
LoadMenuW
PostMessageW
GetSystemMenu
InvalidateRect
OpenClipboard
GetProcessWindowStation
LoadCursorW
DrawIconEx
GetIconInfo
CloseClipboard
SetClipboardData
EmptyClipboard
SetCursor
ReleaseDC
GetDC
GetCursorPos
SetWindowLongW
CloseDesktop
GetUserObjectInformationW
OpenDesktopW
OpenInputDesktop
SetThreadDesktop
GetThreadDesktop
WinHelpW
RedrawWindow
DrawIcon
AppendMenuW
SendMessageW
LoadIconW
UnregisterHotKey
wsprintfW
RegisterHotKey
GetUserObjectSecurity
SetForegroundWindow

mag_hook

_GetPopupInfo@4
_InstallEventHook@4
_SetZoomRect@8
_FakeCursorMove@8

shell32

ord258
SHAppBarMessage
ShellExecuteW

ole32

CoUninitialize
CoInitialize

comctl32

ord17

psapi

GetProcessImageFileNameW
EnumProcesses

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/mshearts.exe
.exe windows:5 windows x86 arch:x86

1ec4d2a7f82d47b79984147bb730e918

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4621
ord4419
ord3592
ord324
ord6195
ord940
ord755
ord858
ord6168
ord5785
ord5871
ord470
ord4704
ord641
ord3087
ord3356
ord2637
ord3093
ord6193
ord5977
ord2578
ord6051
ord1768
ord4399
ord5286
ord3397
ord4418
ord3718
ord567
ord797
ord2110
ord5783
ord5237
ord2858
ord2567
ord4390
ord3569
ord609
ord6211
ord2634
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord3396
ord4616
ord3733
ord561
ord815
ord4237
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord5248
ord4421
ord3618
ord674
ord2084
ord4140
ord366
ord2070
ord4219
ord538
ord860
ord4401
ord1767
ord1569
ord4073
ord6048
ord2506
ord4992
ord4847
ord4370
ord5261
ord4229
ord2859
ord3133
ord1165
ord537
ord922
ord823
ord2606
ord535
ord2910
ord5568
ord540
ord861
ord4155
ord289
ord613
ord800
ord3614
ord5782
ord2442
ord825
ord323
ord2397
ord640
ord5781
ord1633
ord3701
ord1634
ord3566
ord2406
ord3621
ord3568
ord3658

msvcrt

rand
qsort
_errno
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
time
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
_except_handler3
srand
_initterm
_wtoi
wcscmp
_purecall
__CxxFrameHandler

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegFlushKey
RegDeleteValueW

kernel32

lstrcpyW
GetStartupInfoW
GetModuleHandleA
lstrcmpiW
FindResourceW
LoadResource
LockResource
SetErrorMode
lstrlenW
FreeLibrary
LoadLibraryW
GetProcAddress
LoadLibraryA
WinExec

gdi32

CombineRgn
GetTextExtentPoint32W
GetTextMetricsW
GetDeviceCaps
CreateSolidBrush
UnrealizeObject
PatBlt
CreateFontW
SetLayout
SetPixel
GetPixel
BitBlt
CreateCompatibleBitmap
CreateRectRgn
SetRectRgn
CreateICW
CreateCompatibleDC

user32

MessageBeep
DdeGetLastError
IntersectRect
SystemParametersInfoW
GetSystemMetrics
GetDesktopWindow
UpdateWindow
GetMenu
EnableMenuItem
CheckMenuItem
FillRect
KillTimer
GetProcessDefaultLayout
SetTimer
InvalidateRect
LoadIconW
wsprintfW
EnableWindow
SendMessageW
GetParent
ClientToScreen
GetClientRect
SetRect
PostMessageW
DdeCreateDataHandle
DdeCreateStringHandleW
DdeFreeStringHandle
DdeGetData
DdeInitializeW
DdePostAdvise
DdeClientTransaction
DdeUninitialize
DdeNameService
DdeConnect
DdeDisconnect
DrawIcon
DrawTextW
GetWindowRect

shell32

ShellAboutW

winmm

waveOutGetNumDevs
sndPlaySoundW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/mspaint.exe
.exe windows:5 windows x86 arch:x86

39d030d5578d4c069903ba6c5e5684f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mspaint.pdb

Imports

mfc42u

ord2933
ord2634
ord3087
ord4050
ord2755
ord6195
ord2810
ord1771
ord940
ord942
ord2286
ord2354
ord755
ord470
ord2281
ord2362
ord6153
ord5147
ord4225
ord2371
ord5784
ord5790
ord5783
ord4358
ord5244
ord3578
ord298
ord620
ord4753
ord3687
ord3867
ord2066
ord1257
ord1196
ord4470
ord5947
ord5977
ord3090
ord4768
ord4532
ord858
ord922
ord5579
ord4124
ord5679
ord5706
ord536
ord4199
ord5641
ord4315
ord816
ord562
ord4018
ord6115
ord6190
ord1941
ord4270
ord5286
ord818
ord4215
ord2576
ord3649
ord2430
ord2858
ord1637
ord3133
ord567
ord1230
ord3747
ord6124
ord6266
ord3490
ord3016
ord4357
ord5083
ord4444
ord4665
ord4679
ord1878
ord4246
ord4940
ord3249
ord2433
ord1688
ord5000
ord4464
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord5006
ord975
ord5472
ord3398
ord2874
ord2873
ord4149
ord4072
ord5233
ord5281
ord2641
ord1658
ord4430
ord5248
ord4421
ord739
ord747
ord736
ord4407
ord5728
ord5491
ord2096
ord4454
ord5652
ord5028
ord439
ord450
ord442
ord4237
ord4787
ord3345
ord5468
ord4146
ord5278
ord674
ord366
ord2084
ord4451
ord5048
ord5092
ord4614
ord4612
ord1886
ord4249
ord4010
ord4951
ord4855
ord4820
ord3182
ord4944
ord2429
ord2163
ord4511
ord4634
ord4910
ord4996
ord4485
ord5015
ord3101
ord4599
ord4994
ord4410
ord5497
ord4622
ord2986
ord3412
ord5019
ord3509
ord6340
ord5623
ord1003
ord3444
ord3782
ord3245
ord4691
ord3055
ord3061
ord6332
ord2502
ord5240
ord4417
ord2394
ord4381
ord3449
ord3193
ord6077
ord6171
ord3256
ord4617
ord4424
ord748
ord5650
ord5738
ord4610
ord5014
ord6193
ord4488
ord5734
ord4615
ord5573
ord2776
ord4651
ord1255
ord2721
ord6466
ord2719
ord2722
ord957
ord2007
ord962
ord750
ord603
ord1262
ord6386
ord1985
ord1961
ord273
ord2247
ord458
ord5200
ord4819
ord4854
ord4950
ord1740
ord456
ord4356
ord5082
ord4442
ord4675
ord1263
ord1229
ord3865
ord4493
ord3480
ord4904
ord4504
ord4589
ord5024
ord4989
ord5153
ord6191
ord4609
ord3614
ord4269
ord743
ord4480
ord2546
ord2504
ord5727
ord3917
ord4847
ord2388
ord3341
ord5296
ord5298
ord4074
ord5303
ord5285
ord5710
ord4616
ord3733
ord815
ord2717
ord6371
ord1197
ord4604
ord459
ord561
ord5496
ord2550
ord5712
ord5713
ord2028
ord986
ord6133
ord520
ord1202
ord6112
ord1149
ord925
ord927
ord4692
ord3442
ord3191
ord3998
ord5228
ord1173
ord1561
ord5264
ord6238
ord1897
ord1937
ord4268
ord4583
ord5070
ord4335
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4958
ord4955
ord4103
ord5236
ord3743
ord1719
ord560
ord5256
ord4364
ord4893
ord4343
ord4426
ord4607
ord4608
ord813
ord1891
ord4884
ord4458
ord4502
ord4294
ord4141
ord2486
ord2618
ord2619
ord1651
ord4369
ord4846
ord3379
ord482
ord2527
ord2238
ord2529
ord3512
ord1807
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord5674
ord5732
ord5575
ord5567
ord6057
ord5860
ord5788
ord2518
ord469
ord3517
ord3516
ord4154
ord6399
ord6398
ord1887
ord4952
ord3402
ord4984
ord4921
ord4711
ord5102
ord4906
ord4640
ord4974
ord4516
ord4531
ord5069
ord4033
ord3276
ord3348
ord4620
ord749
ord5012
ord4682
ord2378
ord2379
ord457
ord2548
ord4647
ord4987
ord4851
ord2958
ord430
ord4931
ord4926
ord1821
ord656
ord5871
ord3397
ord3605
ord6376
ord3871
ord6375
ord2081
ord1930
ord1809
ord5878
ord4263
ord3290
ord4360
ord5080
ord1703
ord1708
ord5058
ord554
ord807
ord4230
ord5076
ord1705
ord6049
ord642
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord616
ord4143
ord2079
ord3312
ord5879
ord2112
ord327
ord1259
ord2455
ord1644
ord1795
ord5855
ord4491
ord1704
ord414
ord4128
ord4292
ord6137
ord1258
ord713
ord5808
ord3570
ord610
ord6135
ord287
ord3974
ord2767
ord996
ord3971
ord5438
ord3313
ord1567
ord6381
ord6006
ord765
ord3693
ord5677
ord2100
ord4704
ord5949
ord1775
ord6330
ord5777
ord2109
ord1569
ord4229
ord2914
ord324
ord3592
ord4419
ord2438
ord5257
ord5276
ord5996
ord268
ord289
ord3477
ord6063
ord613
ord825
ord4155
ord5047
ord1710
ord323
ord5785
ord2397
ord640
ord529
ord540
ord796
ord800
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142

msvcrt

wcschr
_ftol
_itow
_except_handler3
wcstok
_beginthreadex
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_controlfp
?terminate@@YAXXZ
__CxxFrameHandler
_wsplitpath
_wtoi
_ltow
_wtol
_CxxThrowException
wcscmp
free
_getdcwd
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
wcscat
_wcsdup
_wcsicmp
_purecall
rand

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExA

kernel32

QueryPerformanceCounter
GetExitCodeThread
TerminateThread
InterlockedDecrement
InterlockedIncrement
GlobalReAlloc
lstrcmpW
IsDBCSLeadByte
lstrcpyW
LoadLibraryW
GetACP
GetThreadLocale
GetModuleHandleA
GetTickCount
GetModuleHandleW
lstrcpynW
GetLastError
GetCommandLineW
lstrcmpiW
GetProcAddress
SetEndOfFile
FindFirstFileW
FindClose
GetCurrentThreadId
LocalAlloc
LocalFree
lstrlenA
MultiByteToWideChar
GetTempPathW
GetTempFileNameW
GetFileAttributesW
CreateDirectoryW
CreateFileW
GetFileSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
CloseHandle
GetNumberFormatW
MulDiv
GetLocaleInfoW
lstrcatW
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
lstrlenW
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetErrorMode
LoadLibraryA
FreeLibrary
InterlockedExchange
RaiseException
GetStartupInfoW

gdi32

SetDIBitsToDevice
GetNearestColor
CreatePalette
SetViewportExtEx
PlayMetaFile
SaveDC
SetMapMode
LPtoDP
RestoreDC
Rectangle
SetDIBColorTable
GetStockObject
FillRgn
GetDIBColorTable
GetCurrentObject
CreatePatternBrush
CreateSolidBrush
ResizePalette
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
GetDeviceCaps
SetDIBits
DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateBitmap
SelectPalette
RealizePalette
SetBkMode
SetTextColor
SetBkColor
PatBlt
CreateDIBSection
SetTextAlign
ExtTextOutW
GetTextMetricsW
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateICW
CreateRectRgnIndirect
GetObjectW
CreateDIBitmap
StretchBlt
OffsetRgn
Polygon
GetPixel
CreateHalftonePalette
GetDIBits
CreatePen
SetPixel
LineTo
MoveToEx
UnrealizeObject
SetBrushOrgEx
ExtFloodFill
RoundRect
CreatePolygonRgn
CreateFontIndirectW
CreateDCW
PtVisible
RectVisible
TextOutW
Escape
StretchDIBits
TranslateCharsetInfo
GetBkMode
GetTextColor
EnumFontFamiliesW
EnumFontFamiliesExW
PolyBezier
SetROP2
Polyline
SelectObject
Ellipse
SetStretchBltMode

user32

SetClassLongW
LoadIconW
DestroyCaret
CreateCaret
ShowCaret
SendDlgItemMessageW
GetDlgItemInt
CheckDlgButton
SetDlgItemInt
GetDlgItem
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
PeekMessageW
EnableScrollBar
DestroyWindow
GetKeyboardLayout
SetRectEmpty
InflateRect
LoadBitmapW
SendMessageW
GetWindowRect
UpdateWindow
InvalidateRect
EnableWindow
GetSysColor
wsprintfW
IsWindow
GetSystemMetrics
SetRect
FillRect
MessageBeep
GetParent
MessageBoxW
wvsprintfW
SetWindowTextW
ReleaseDC
DrawFocusRect
GetDC
PtInRect
OffsetRect
WinHelpW
GetClientRect
FrameRect
GetCapture
IsClipboardFormatAvailable
RegisterClipboardFormatW
CopyRect
CharNextW
IntersectRect
UnionRect
ScreenToClient
WindowFromPoint
GetCursorPos
GetKeyState
IsRectEmpty
EqualRect
SetTimer
KillTimer
ReleaseCapture
GetSubMenu
LoadMenuW
BringWindowToTop
ClientToScreen
SetActiveWindow
SetCapture
GetFocus
LoadCursorW
GetWindowLongW
SetCursor
GetDesktopWindow
RemoveMenu
PostMessageW
GetSystemMenu
HideCaret
GetClassInfoW
IsWindowVisible
SystemParametersInfoW
DestroyIcon
LoadStringW
EnableMenuItem
GetMenu
IsMenu
SetWindowLongW
TabbedTextOutW
DrawTextW
GrayStringW
GetWindowDC
CheckMenuItem
BeginPaint
EndPaint
GetUpdateRect
ValidateRect
RedrawWindow
GetWindow
GetCaretPos
SetCaretPos
ShowCursor

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW

ole32

CoUninitialize
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
PropVariantClear
CoTaskMemFree
CoCreateInstance
CLSIDFromString
WriteClassStg
WriteFmtUserTypeStg
OleGetClipboard
ReleaseStgMedium
CoInitialize

oleaut32

SysFreeString
SysAllocString

shell32

ShellAboutW
CommandLineToArgvW
SHChangeNotify

imm32

ImmGetCompositionStringW
ImmGetCompositionWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmAssociateContext
ImmNotifyIME

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/msswch.dll
.dll windows:5 windows x86 arch:x86

ffbf95e3f84516135c61627fe4bfb360

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
free

kernel32

LocalAlloc
WinExec
CloseHandle
GetCommModemStatus
CreateFileW
SetCommState
GetCommState
GetModuleHandleW
LocalFree
DeviceIoControl
WaitForSingleObject
CreateMutexW
ReleaseMutex
MapViewOfFile
CreateFileMappingW
lstrcatW
lstrcpyW
lstrlenW
SetLastError
GetVersionExW
UnmapViewOfFile

user32

UnhookWindowsHookEx
SendMessageW
CloseDesktop
GetUserObjectInformationW
OpenDesktopW
OpenInputDesktop
wsprintfW
SetWindowsHookExW
GetAsyncKeyState
CallNextHookEx
PostMessageW
IsWindow

advapi32

RegEnumValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

winmm

joyGetPosEx
timeGetTime

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows XP/osk.exe
.exe windows:5 windows x86 arch:x86

1744867817464bf7dd34561e44925565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

osk.pdb

Imports

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_controlfp
_initterm
__getmainargs
_acmdln
exit
_cexit
__setusermatherr
_XcptFilter
_exit
_c_exit
wcscpy
_wcsicmp
free
_ftol
malloc

advapi32

RegOpenKeyExA
RegQueryValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
AllocateAndInitializeSid
FreeSid
OpenThreadToken
OpenProcessToken
GetTokenInformation
CheckTokenMembership

kernel32

lstrlenW
GetSystemWindowsDirectoryW
LocalFree
LocalAlloc
GetCurrentProcess
GetLastError
GetCurrentThread
GetProcAddress
CloseHandle
lstrcmpiW
WaitForMultipleObjects
CreateThread
GetCurrentThreadId
OpenEventW
CreateEventW
SetEvent
CreateMutexW
SetLastError
GetCommandLineW
GetWindowsDirectoryW
lstrcmpW
ExitProcess
GetVersionExW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
lstrcatW
GetNumberFormatW
lstrcpyW
LoadLibraryA

gdi32

CreateFontIndirectW
CreatePenIndirect
SetTextColor
BitBlt
SetBkColor
CreateSolidBrush
CreateCompatibleDC
SetMapMode
TextOutW
GetTextMetricsW
SetBkMode
RealizePalette
SelectPalette
GetObjectW
StretchBlt
CreateBitmap
DeleteDC
CreateRoundRectRgn
SelectObject
Polyline
DeleteObject

user32

FindWindowW
MapVirtualKeyW
GetAsyncKeyState
GetMenu
SetTimer
SendMessageW
GetDlgItem
EndDialog
LoadStringW
EnableWindow
MessageBoxW
DialogBoxParamW
IsWindow
GetKeyboardLayout
GetWindowThreadProcessId
wsprintfW
CheckDlgButton
GetClientRect
DestroyWindow
InvalidateRect
WinHelpW
GetKeyboardType
SetClassLongW
RegisterClassW
GetClassInfoW
LoadCursorW
CreateWindowExW
GetSystemMetrics
SetWindowPos
SetWindowLongW
GetKeyState
wsprintfA
DrawIconEx
LoadImageW
SetWindowRgn
ToUnicodeEx
LoadIconW
GetWindowLongW
GetSysColor
ReleaseDC
GetDC
MapVirtualKeyExW
CloseDesktop
GetUserObjectInformationW
OpenDesktopW
OpenInputDesktop
PostMessageW
SetThreadDesktop
GetThreadDesktop
EndPaint
BeginPaint
DefWindowProcW
SetProcessWindowStation
OpenWindowStationW
GetProcessWindowStation
CloseWindowStation
MoveWindow
GetDesktopWindow
GetWindowRect
AllowSetForegroundWindow
SetForegroundWindow
GetForegroundWindow
ShowWindow
IsIconic
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
RegisterWindowMessageW
KillTimer
EnableMenuItem
CheckMenuRadioItem
CheckMenuItem
ReleaseCapture
SetCapture
SetCursor
ChildWindowFromPointEx
ScreenToClient
GetCursorPos
PostQuitMessage
SendInput
ActivateKeyboardLayout

msswch

ord8
ord13
ord12
ord11
ord9
ord1
ord14
ord10

comdlg32

ChooseFontW

winmm

PlaySoundW

shell32

ord258
ShellExecuteW

comctl32

ord17

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/regedit.exe
.exe windows:5 windows x86 arch:x86

dccff42573edbebc16f4c14991579bbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

regedit.pdb

Imports

msvcrt

__p__commode
_adjust_fdiv
__p__fmode
_initterm
__getmainargs
_acmdln
__set_app_type
_except_handler3
__setusermatherr
_controlfp
exit
_XcptFilter
_exit
_c_exit
swprintf
iswprint
wcsncpy
wcslen
wcscat
wcscpy
_purecall
iswctype
wcscmp
wcschr
wcsncmp
wcsrchr
_cexit
memmove

advapi32

RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
RegDeleteValueW
InitializeAcl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetInheritanceSourceW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
MapGenericMask
RegSetValueExA
RegSetValueW
RegFlushKey
RegSaveKeyW
RegRestoreKeyW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegEnumValueW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW

kernel32

ReadFile
DeleteFileW
WriteFile
WideCharToMultiByte
CreateFileW
OutputDebugStringW
GetLastError
SetFilePointer
GetFileSize
SearchPathW
GetTimeFormatW
GetDateFormatW
GetSystemDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryW
MulDiv
lstrcpynW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
MultiByteToWideChar
lstrcmpW
FormatMessageW
GetThreadLocale
GetModuleHandleW
ExitProcess
GetCommandLineW
GetProcessHeap
lstrcatW
LocalAlloc
GetCurrentProcess
CloseHandle
LocalFree
GetComputerNameW
lstrcmpiW
lstrlenW
lstrcpyW
LocalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcAddress
LoadLibraryA

gdi32

GetStockObject
SetAbortProc
StartDocW
StartPage
SetViewportOrgEx
EndPage
EndDoc
AbortDoc
DeleteDC
CreateBitmap
CreatePatternBrush
PatBlt
ExcludeClipRect
SelectClipRgn
DeleteObject
SetBkColor
SetTextColor
ExtTextOutW
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW

user32

SendDlgItemMessageW
SetDlgItemTextW
SetWindowLongW
DefWindowProcW
ReleaseDC
GetDC
SetScrollInfo
wsprintfW
DestroyCaret
ReleaseCapture
KillTimer
SetCaretPos
ScrollWindowEx
ShowCaret
HideCaret
InvalidateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
WinHelpW
EndDialog
GetWindowLongW
EndPaint
BeginPaint
CreateCaret
SetTimer
SetCapture
SetFocus
CharLowerW
GetDlgItem
DestroyMenu
TrackPopupMenuEx
IsClipboardFormatAvailable
EnableMenuItem
GetSubMenu
LoadMenuW
GetKeyState
RegisterClassW
LoadCursorW
RegisterClipboardFormatW
CheckRadioButton
SendMessageW
GetWindowTextW
GetParent
GetDlgItemTextW
IsDlgButtonChecked
GetDlgCtrlID
CallWindowProcW
GetWindowTextLengthW
GetDlgItemInt
PostQuitMessage
GetWindowPlacement
SetWindowTextW
EnableWindow
GetWindowRect
DrawMenuBar
InsertMenuItemW
DeleteMenu
SetMenuItemInfoW
GetMenu
GetMenuItemInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
DestroyIcon
LoadImageW
GetSysColor
SetCursor
ShowCursor
ShowWindow
SetWindowPlacement
CreateWindowExW
GetProcessDefaultLayout
GetMessageW
ScreenToClient
SetCursorPos
DispatchMessageW
ClientToScreen
GetDesktopWindow
LoadIconW
PostMessageW
SetMenuDefaultItem
InsertMenuW
GetMenuItemID
CheckMenuItem
UpdateWindow
RegisterClassExW
CharNextW
GetClientRect
DestroyWindow
CreateDialogParamW
CheckDlgButton
DrawAnimatedRects
IntersectRect
ModifyMenuW
GetMessagePos
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
FindWindowW
LoadStringW
GetWindow
IsDialogMessageW
PeekMessageW
MessageBoxW
CharUpperBuffW
CharUpperW
IsCharAlphaNumericW
GetSystemMetrics
MoveWindow
MapWindowPoints
DialogBoxParamW
SetWindowPos
MessageBeep

comctl32

ord338
ord334
ord236
ord340
InitCommonControlsEx
ord365
ord337
ImageList_SetBkColor
ImageList_Create
ImageList_Destroy
ord2
ord4
ImageList_ReplaceIcon
ord329
ord359
ord358
ord363
CreateStatusWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
PrintDlgExW

shell32

ShellAboutW
DragQueryFileW
DragFinish

authz

AuthzInitializeContextFromSid
AuthzAccessCheck
AuthzFreeContext
AuthzFreeResourceManager
AuthzInitializeResourceManager

aclui

ord2

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
ReleaseStgMedium

ulib

?Resize@DSTRING@@UAEEK@Z
?Initialize@ARRAY@@QAEEKK@Z
?NewBuf@DSTRING@@UAEEK@Z
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
??0OBJECT@@IAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
??0DSTRING@@QAE@XZ
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
??0ARRAY@@QAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z

clb

ClbAddData
ClbSetColumnWidths

ntdll

RtlFreeHeap
RtlAllocateHeap

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/scrnsave.scr
.exe windows:5 windows x86 arch:x86

83ac3435ce75a7addd17a1fe2144a37d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

scrnsave.pdb

Imports

user32

GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA
GetActiveWindow
MessageBoxA
LoadCursorA
RegisterClassA
GetDC
ReleaseDC
RegisterWindowMessageA
IsRectEmpty
GetSystemMetrics
CreateWindowExA
SetCursor
PostQuitMessage
GetCursorPos
PostMessageA
DefWindowProcA

gdi32

GetClipBox
GetStockObject

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_cexit
_XcptFilter
_exit
_c_exit
strchr
atoi
__initenv

kernel32

OpenFile
GetVersionExA
GetModuleHandleA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
GetCurrentThreadId
FreeLibrary

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/sndrec32.exe
.exe windows:5 windows x86 arch:x86

c86d10d715e0a8f08cc68ae46e3fc52f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SndRec32.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA

kernel32

GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
GetStartupInfoA
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
LCMapStringA
MultiByteToWideChar
LCMapStringW
VirtualProtect
GetSystemInfo
GetLocaleInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetTempFileNameW
lstrcpynW
GlobalReAlloc
WaitForSingleObject
CreateThread
GlobalMemoryStatus
GetLocaleInfoW
GetCommandLineW
GetFullPathNameW
lstrlenW
lstrcatW
DeleteFileW
CreateFileW
CloseHandle
GlobalAlloc
GlobalLock
GlobalSize
GetCurrentThreadId
lstrcmpiW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
FreeResource
lstrcmpW
MulDiv
lstrcpyW
GlobalFree
GlobalUnlock
GlobalHandle
VirtualAlloc

gdi32

SetMapMode
GetStockObject
CreateMetaFileW
SetWindowOrgEx
SetWindowExtEx
StretchBlt
CloseMetaFile
DeleteMetaFile
GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
SelectPalette
RealizePalette
GetDIBits
PatBlt
BitBlt
DeleteDC
CreateCompatibleDC
CreateBitmap
SetTextColor
SelectObject
SetBkColor
GetTextExtentPointW
ExtTextOutW
DeleteObject
CreateSolidBrush
SetBrushOrgEx
CreateHatchBrush

user32

SetCursor
LoadCursorW
GetClipboardData
OpenClipboard
wsprintfW
MessageBoxW
wvsprintfW
GetWindowLongW
MessageBeep
CharPrevW
CharNextW
SetClassLongW
SetWindowTextW
LoadAcceleratorsW
DefDlgProcW
RegisterClassW
LoadIconW
GetDlgItem
ShowWindow
GetWindowTextW
ReleaseDC
GetDC
EndPaint
BeginPaint
DefWindowProcW
InflateRect
PeekMessageW
InvalidateRect
SetDlgItemTextW
GetActiveWindow
EnableWindow
GetFocus
SetTimer
KillTimer
RegisterWindowMessageW
DrawIcon
SetRect
GetSystemMetrics
ModifyMenuW
DrawMenuBar
DeleteMenu
GetMenu
IsWindow
EndDialog
SetPropW
RemovePropW
CloseClipboard
GetDlgCtrlID
DialogBoxParamW
MoveWindow
IsIconic
GetWindowRect
DrawFocusRect
CopyRect
DrawEdge
CallWindowProcW
SetWindowLongW
MapWindowPoints
CreateWindowExW
SetForegroundWindow
SetFocus
RemoveMenu
GetMenuStringW
GetSubMenu
InsertMenuW
GetParent
SetWindowPos
DestroyMenu
CreateMenu
RedrawWindow
RegisterClipboardFormatW
DispatchMessageW
UnhookWindowsHookEx
GetSysColor
GetClientRect
FillRect
DestroyWindow
PostQuitMessage
LoadStringW
ScreenToClient
UpdateWindow
IsWindowEnabled
SetActiveWindow
PostMessageW
GetWindow
GetKeyState
EnableMenuItem
IsClipboardFormatAvailable
SetWindowsHookExW
CreateDialogParamW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
GetPropW
TranslateMessage
WinHelpW
GetDesktopWindow
IsWindowVisible
GetAsyncKeyState
SendMessageW
CallNextHookEx
ClientToScreen

winmm

waveOutUnprepareHeader
mmioOpenW
mmioWrite
mmioAscend
mmioCreateChunk
mmioRead
mmioSeek
mmioDescend
waveOutGetNumDevs
waveInGetNumDevs
waveInOpen
waveOutWrite
waveInAddBuffer
waveOutPrepareHeader
waveInPrepareHeader
waveInUnprepareHeader
waveOutOpen
waveInReset
waveOutReset
mmioGetInfo
waveInStart
waveOutPause
waveOutRestart
waveOutClose
waveInClose
waveOutGetPosition
waveInGetPosition
mmioClose

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

ShellAboutW
DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
DragAcceptFiles

ole32

OleFlushClipboard
OleUninitialize
OleInitialize
OleBuildVersion
CoRevokeClassObject
CoLockObjectExternal
CoCreateInstance
OleSetClipboard
WriteClassStg
OleNoteObjectVisible
StgCreateDocfile
OleSave
CreateFileMoniker
OleIsCurrentClipboard
CoRegisterClassObject
CLSIDFromString
OleDraw
WriteClassStm
CreateStreamOnHGlobal
ReleaseStgMedium
CreateDataAdviseHolder
WriteFmtUserTypeStg
StgOpenStorage
CreateOleAdviseHolder
GetRunningObjectTable
CreateBindCtx
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoGetMalloc

msacm32

acmFormatSuggest
acmStreamOpen
acmStreamSize
acmFormatDetailsW
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmMetrics
acmFormatChooseW
acmFormatTagDetailsW

comctl32

ord17
ord8
PropertySheetW

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/sndvol32.exe
.exe windows:5 windows x86 arch:x86

00ba7da047cf6673979e19130b9460d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA

kernel32

SizeofResource
LockResource
LoadResource
FindResourceW
LocalAlloc
LocalFree
lstrcpynW
lstrcpyW
lstrcmpW
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
LoadLibraryW
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
RtlUnwind
GetSystemDirectoryW
FreeLibrary
WideCharToMultiByte
GlobalReAlloc
CloseHandle
GlobalAlloc
GlobalHandle
GlobalLock
SetHandleCount
CreateFileW
GlobalFree
GlobalUnlock

gdi32

CreateCompatibleBitmap
SelectObject
CreateSolidBrush
DeleteDC
BitBlt
DeleteObject
CreateCompatibleDC

user32

SendMessageW
GetWindowRect
GetClientRect
SetScrollPos
ScrollWindowEx
SubtractRect
MapWindowPoints
GetWindowTextW
GetFocus
GetDlgCtrlID
KillTimer
EnableWindow
ShowWindow
GetWindow
EndPaint
DrawEdge
BeginPaint
DestroyWindow
SetFocus
SetForegroundWindow
SetWindowPos
OffsetRect
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
GetDesktopWindow
WinHelpW
DestroyIcon
SetPropW
SetWindowLongW
EnableMenuItem
CreateWindowExW
MonitorFromRect
GetSystemMetrics
RegisterDeviceNotificationW
MapDialogRect
LoadIconW
LoadImageW
IsIconic
RemovePropW
RegisterClassW
DefDlgProcW
LoadCursorW
CreateDialogIndirectParamW
PostQuitMessage
DefWindowProcW
UnhookWindowsHook
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
FindWindowW
SetWindowsHookW
LoadStringW
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
EndDialog
DialogBoxParamW
FillRect
GetSysColor
GetUpdateRect
InvalidateRect
wsprintfW
SetWindowTextW
MessageBoxW
GetPropW
UnregisterDeviceNotification
IsWindow
CallWindowProcW
GetDlgItem
GetWindowLongW
GetMenu
SetScrollInfo
CheckMenuItem
PostMessageW
MoveWindow
GetForegroundWindow

shell32

ShellAboutW

winmm

waveInGetNumDevs
mixerGetNumDevs
mixerGetControlDetailsW
mixerGetLineControlsW
mixerSetControlDetails
waveOutGetDevCapsW
midiOutGetDevCapsW
midiOutGetNumDevs
auxGetDevCapsW
auxGetNumDevs
waveOutMessage
waveInMessage
mixerOpen
mixerClose
timeKillEvent
timeSetEvent
mixerGetDevCapsW
mixerGetLineInfoW
mixerGetID
mixerMessage
PlaySoundW
waveOutGetNumDevs

comctl32

ord17

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInterfaceW
SetupDiCreateDeviceInfoList
SetupDiOpenDevRegKey

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/sol.exe
.exe windows:5 windows x86 arch:x86

cf5d8ccd40ccf8c8e461f297b97c5818

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
rand
time
srand

advapi32

RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCloseKey

kernel32

GetStartupInfoA
GetModuleHandleA
MulDiv
lstrlenW
LocalFree
LocalAlloc
GetCommandLineW
GetProcAddress
LoadLibraryA

gdi32

SetTextColor
SetPixel
LineDDA
BitBlt
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32W
CreateFontW
DeleteDC
TextOutW
PtVisible
SetBrushOrgEx
SelectObject
PatBlt
SetROP2
MoveToEx
LineTo
GetTextMetricsW
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap

user32

SetFocus
RegisterClassW
CopyRect
MoveWindow
DestroyWindow
GetSysColor
EndPaint
BeginPaint
GetDC
ReleaseDC
InvalidateRect
EndDialog
GetDesktopWindow
LoadStringA
ReleaseCapture
GetCapture
SetCapture
PostMessageW
EnableMenuItem
GetMenu
DefWindowProcW
ShowCursor
PostQuitMessage
KillTimer
GetClientRect
IsIconic
LoadAcceleratorsW
UpdateWindow
ShowWindow
SetTimer
CreateWindowExW
AdjustWindowRect
RegisterClassExW
LoadImageW
LoadIconW
RegisterWindowMessageW
LoadCursorW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
InvertRect
IntersectRect
MessageBoxW
LoadStringW
SetCursorPos
ClientToScreen
GetKeyState
PtInRect
PeekMessageW
MsgWaitForMultipleObjects
DrawTextW
WinHelpW
CheckDlgButton
IsDlgButtonChecked
EnableWindow
GetDlgItem
CheckRadioButton
DialogBoxParamW
InflateRect
FrameRect

cards

cdtDrawExt
cdtInit
cdtTerm
cdtDraw

shell32

ShellAboutW

comctl32

InitCommonControlsEx

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/spider.exe
.exe windows:5 windows x86 arch:x86

62ff38f10b39db8a0856c327b9755044

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

spider.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA

kernel32

GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetStdHandle
GetModuleHandleA
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
CreateFileW
QueryPerformanceCounter
MulDiv
lstrlenW
GetVersionExA
WriteFile
GetModuleHandleW
Sleep
GetFileSize
GlobalAlloc
ReadFile
lstrcpyW
CloseHandle
GlobalFree
lstrcatW

gdi32

SaveDC
GetDeviceCaps
CreateFontIndirectW
Ellipse
GetTextExtentPoint32W
GetPixel
GdiFlush
ExcludeClipRect
RestoreDC
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
GetBkMode
GetTextColor
SetBkMode
SetTextColor
SetPixel
MoveToEx
LineTo
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

user32

GetWindowRect
InvalidateRect
EndDialog
PeekMessageW
EnableMenuItem
GetMenu
DialogBoxParamW
LoadStringW
MessageBoxW
ReleaseDC
GetDC
SetCapture
GetWindowPlacement
IsIconic
IsZoomed
DrawMenuBar
DrawTextW
SetRect
FrameRect
FillRect
OffsetRect
InvertRect
IntersectRect
ReleaseCapture
UpdateWindow
PostMessageW
PtInRect
GetSubMenu
GetDesktopWindow
MoveWindow
DefWindowProcW
GetForegroundWindow
ShowWindow
GetSystemMetrics
PostQuitMessage
EndPaint
BeginPaint
DestroyWindow
WaitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
MessageBoxA
LoadStringA
SetDlgItemTextW
GetDlgItem
WinHelpW
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
GetDlgItemTextW
UnionRect
SendMessageW
SetTimer
LoadBitmapW
wsprintfW
GetClientRect
GetParent

shell32

SHGetSpecialFolderPathW

winmm

timeGetTime
PlaySoundW

comctl32

InitCommonControlsEx

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ss3dfo.scr
.exe windows:5 windows x86 arch:x86

2f39da48745a2334d9c8e9c5473cdb86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ss3dfo.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegOpenKeyA
RegQueryValueExA

kernel32

lstrcatW
GetWindowsDirectoryW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
lstrcmpiW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
InterlockedExchange
VirtualQuery
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SearchPathW
lstrlenW
GetVersionExW
GetPrivateProfileStringW
GetLastError
GetPrivateProfileIntW
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
HeapSize
GetPrivateProfileSectionW
FindResourceW
QueryPerformanceFrequency
SizeofResource
LoadResource
LockResource
lstrcpyW
DebugBreak
IsProcessorFeaturePresent
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
GetModuleHandleW
FreeLibrary
LoadLibraryW
GetCommandLineW
SetThreadPriority
GetCurrentThread
Sleep

user32

GetWindowTextW
PeekMessageW
wsprintfW
MessageBoxW
DialogBoxParamW
EndDialog
IsDlgButtonChecked
IntersectRect
OffsetRect
LoadStringW
CheckDlgButton
GetDlgItem
EnableWindow
SendDlgItemMessageW
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetRectEmpty
EnumDisplaySettingsW
UpdateWindow
SetRect
InvalidateRect
ScreenToClient
DrawTextW
FrameRect
FillRect
SetWindowPos
CheckRadioButton
SetWindowTextW
SendMessageW
GetClientRect
CreateWindowExW
AdjustWindowRect
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
SystemParametersInfoW
SetCursor
ShowWindow
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
DefWindowProcW
SetTimer
KillTimer
EndPaint
BeginPaint
UnionRect

comctl32

ord17

comdlg32

GetOpenFileNameW

gdi32

ExcludeClipRect
GetStockObject

winmm

timeGetTime

d3d8

Direct3DCreate8

Exports

Exports

??0PrimProcessor@@QAE@XZ
??1PrimProcessor@@QAE@XZ
??4PrimProcessor@@QAEAAV0@ABV0@@Z
?AllocSpans@PrimProcessor@@QAEJPAIPAPAUtagD3DI_RASTSPAN@@@Z
?AppendPrim@PrimProcessor@@AAEJXZ
?Begin@PrimProcessor@@QAEXXZ
?BeginPrimSet@PrimProcessor@@QAEXW4_D3DPRIMITIVETYPE@@W4_RAST_VERTEX_TYPE@@@Z
?ClrFlags@PrimProcessor@@QAEXI@Z
?End@PrimProcessor@@QAEJXZ
?FillPointSpan@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@PAUtagD3DI_RASTSPAN@@@Z
?Flush@PrimProcessor@@AAEJXZ
?FlushPartial@PrimProcessor@@AAEJXZ
?FreeSpans@PrimProcessor@@QAEXI@Z
?GetFlags@PrimProcessor@@QAEIXZ
?Initialize@PrimProcessor@@QAEJXZ
?Line@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?LineSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@0@Z
?NormalizeLineRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@0@Z
?NormalizePointRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@@Z
?NormalizeTriRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@00@Z
?Point@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@0@Z
?PointDiamondCheck@PrimProcessor@@AAEHHHHH@Z
?ResetBuffer@PrimProcessor@@AAEXXZ
?SetCtx@PrimProcessor@@QAEXPAUtagD3DI_RASTCTX@@@Z
?SetFlags@PrimProcessor@@QAEXI@Z
?SetTriFunctions@PrimProcessor@@AAEXXZ
?StateChanged@PrimProcessor@@QAEXXZ
?Tri@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?TriSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@00@Z

Sections

.text
Size: 520KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssbezier.scr
.exe windows:5 windows x86 arch:x86

37f5a23f24ea6ad3c909b7df73ddf983

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssbezier.pdb

Imports

comctl32

InitCommonControlsEx
ord17

msvcrt

rand
_ftol
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
srand

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

kernel32

WaitForSingleObject
lstrcpyW
LocalAlloc
CreateThread
CreateEventW
GetTickCount
WritePrivateProfileStringW
SetEvent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryW
GetSystemPowerStatus
GetVersionExW
ExitProcess
GetStartupInfoW
GetCommandLineW
GetModuleHandleA
GetPrivateProfileIntW

gdi32

GetPaletteEntries
SetSystemPaletteUse
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectW
GdiSetBatchLimit
BitBlt
SetTextColor
GetDeviceCaps
CreatePalette
SelectPalette
RealizePalette
GetSystemPaletteEntries
GetStockObject
SelectObject
DeleteObject
CreatePen
SetBkColor
GetClipBox
AnimatePalette
PolyBezier
PatBlt

user32

CharNextW
LoadIconW
GetClientRect
GetSystemMetrics
FindWindowW
SetForegroundWindow
RegisterWindowMessageW
RegisterClassW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
PeekMessageW
DialogBoxParamW
GetParent
IsWindow
PostMessageW
DefWindowProcW
SetCursor
LoadStringW
FillRect
SetTimer
WinHelpW
SendDlgItemMessageW
SetDlgItemInt
SetScrollRange
SendMessageW
EndDialog
wsprintfW
EnableWindow
GetDlgItem
GetDlgItemInt
SetScrollPos
GetDC
ReleaseDC
KillTimer
EndPaint
BeginPaint
InvalidateRect
SystemParametersInfoW
GetCursorPos
PostQuitMessage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssflwbox.scr
.exe windows:5 windows x86 arch:x86

d60a7354eeb3be2f166806a2cbb267aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssflwbox.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyA
RegQueryValueExA

kernel32

GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
LoadLibraryA
GetACP
GetCurrentProcessId
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetSystemTimeAsFileTime
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
HeapSize
GetOEMCP
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetPrivateProfileIntW
GetPrivateProfileSectionW
lstrcpyW
DebugBreak
IsProcessorFeaturePresent
GetModuleHandleW
lstrcatW
FreeLibrary
LoadLibraryW
GetCommandLineW
SetThreadPriority
GetCurrentThread
Sleep
GetVersionExW
CloseHandle
QueryPerformanceFrequency
RaiseException

user32

IntersectRect
OffsetRect
DialogBoxParamW
GetDlgItem
SendMessageW
EndDialog
CheckRadioButton
CheckDlgButton
SetFocus
SendDlgItemMessageW
LoadStringW
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetRectEmpty
EnumDisplaySettingsW
UpdateWindow
SetRect
InvalidateRect
ScreenToClient
DrawTextW
FrameRect
FillRect
MessageBoxW
wsprintfW
GetWindowTextW
IsDlgButtonChecked
EnableWindow
SetWindowTextW
GetClientRect
CreateWindowExW
AdjustWindowRect
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
SystemParametersInfoW
SetCursor
ShowWindow
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
DefWindowProcW
SetTimer
KillTimer
EndPaint
BeginPaint
UnionRect
SetWindowPos
PeekMessageW

comctl32

ord17

gdi32

ExcludeClipRect
GetStockObject

winmm

timeGetTime

d3d8

Direct3DCreate8

Exports

Exports

??0PrimProcessor@@QAE@XZ
??1PrimProcessor@@QAE@XZ
??4PrimProcessor@@QAEAAV0@ABV0@@Z
?AllocSpans@PrimProcessor@@QAEJPAIPAPAUtagD3DI_RASTSPAN@@@Z
?AppendPrim@PrimProcessor@@AAEJXZ
?Begin@PrimProcessor@@QAEXXZ
?BeginPrimSet@PrimProcessor@@QAEXW4_D3DPRIMITIVETYPE@@W4_RAST_VERTEX_TYPE@@@Z
?ClrFlags@PrimProcessor@@QAEXI@Z
?End@PrimProcessor@@QAEJXZ
?FillPointSpan@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@PAUtagD3DI_RASTSPAN@@@Z
?Flush@PrimProcessor@@AAEJXZ
?FlushPartial@PrimProcessor@@AAEJXZ
?FreeSpans@PrimProcessor@@QAEXI@Z
?GetFlags@PrimProcessor@@QAEIXZ
?Initialize@PrimProcessor@@QAEJXZ
?Line@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?LineSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@0@Z
?NormalizeLineRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@0@Z
?NormalizePointRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@@Z
?NormalizeTriRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@00@Z
?Point@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@0@Z
?PointDiamondCheck@PrimProcessor@@AAEHHHHH@Z
?ResetBuffer@PrimProcessor@@AAEXXZ
?SetCtx@PrimProcessor@@QAEXPAUtagD3DI_RASTCTX@@@Z
?SetFlags@PrimProcessor@@QAEXI@Z
?SetTriFunctions@PrimProcessor@@AAEXXZ
?StateChanged@PrimProcessor@@QAEXXZ
?Tri@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?TriSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@00@Z

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssmarque.scr
.exe windows:5 windows x86 arch:x86

53468c76fae684926c250afb24188ad4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssmarque.pdb

Imports

comdlg32

ChooseFontW

msvcrt

_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
_c_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__setusermatherr
_except_handler3

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW

kernel32

WideCharToMultiByte
lstrlenW
GetVersionExW
GetUserDefaultLCID
GetPrivateProfileStringW
GetTickCount
lstrcatW
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcpyW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryW
GetSystemPowerStatus
ExitProcess
GetStartupInfoW
GetCommandLineW
GetModuleHandleA
IsDBCSLeadByte
GetACP

gdi32

GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
PatBlt
CreateFontW
GetStockObject
CreateFontIndirectW
DeleteObject
SelectObject
GetTextExtentPoint32W
GetTextMetricsW
SetTextColor
SetBkColor
ExtTextOutW
GetTextFaceW
GetClipBox
CreateSolidBrush
GetDeviceCaps
TranslateCharsetInfo

user32

CharNextW
LoadIconW
FindWindowW
SetForegroundWindow
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
PeekMessageW
SendMessageW
DialogBoxParamW
GetParent
IsWindow
PostMessageW
SetCursor
PostQuitMessage
GetSystemMetrics
wsprintfW
LoadStringW
SetWindowTextW
ShowWindow
ReleaseDC
GetDC
SetTimer
KillTimer
EndPaint
GetWindowTextW
BeginPaint
DefWindowProcW
FillRect
InvalidateRect
GetClientRect
RegisterClassW
LoadCursorW
InflateRect
WinHelpW
SetScrollRange
RegisterWindowMessageW
EndDialog
SetDlgItemTextW
GetDlgItemTextW
CheckRadioButton
SendDlgItemMessageW
SetScrollPos
GetScrollPos
GetDlgItem
SystemParametersInfoW
GetCursorPos

comctl32

InitCommonControlsEx

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssmypics.scr
.exe windows:5 windows x86 arch:x86

cc88326c6e98340b3210fe4a5e38b684

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssmypics.pdb

Imports

msvcrt

exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_cexit
_XcptFilter
_exit
_vsnwprintf
_c_exit

kernel32

GetSystemPowerStatus
UnhandledExceptionFilter
GetVersionExW
ExitProcess
GetStartupInfoW
GetCommandLineW
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
CompareStringW
lstrlenW
DuplicateHandle
GetCurrentProcess
SetThreadPriority
CreateThread
lstrcpyW
MulDiv
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetProcAddress
Sleep
GetModuleHandleA
SetErrorMode
LocalFree
LocalAlloc
GetLastError
lstrcpynW
GetTickCount

user32

ReleaseDC
GetDC
GetSystemMetrics
GetClientRect
LoadIconW
CharNextW
MapWindowPoints
LoadCursorW
LoadBitmapW
EndPaint
BeginPaint
KillTimer
IntersectRect
SetTimer
LoadStringW
EndDialog
SendDlgItemMessageW
GetDlgItem
GetMonitorInfoW
EnumDisplayMonitors
LoadImageW
FillRect
OffsetRect
FindWindowW
InflateRect
SetForegroundWindow
RegisterWindowMessageW
PostMessageW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
PeekMessageW
SendMessageW
DialogBoxParamW
DefWindowProcW
SetCursor
PostQuitMessage
GetCursorPos
SystemParametersInfoW
SetWindowLongW
GetWindowLongW
GetParent
DrawTextW
IsWindow
RegisterClassW
WinHelpW

ole32

CoInitialize
CoUninitialize

comctl32

ord17
InitCommonControlsEx

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW

gdi32

SetBkColor
CreateDIBSection
GetDeviceCaps
GetDIBColorTable
CreatePalette
CreateHalftonePalette
GetObjectW
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
RealizePalette
SetBrushOrgEx
SetBkMode
DeleteDC
SetTextColor
SelectObject
DeleteObject
SelectPalette
GetStockObject
GetClipBox

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW

msimg32

AlphaBlend

gdiplus

GdipGetImageWidth
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCloneImage
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromFile
GdipGetImageHeight

shlwapi

SHCreateStreamOnFileW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssmyst.scr
.exe windows:5 windows x86 arch:x86

93261d752ebedfe088c75cfec60d234f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssmyst.pdb

Imports

comctl32

InitCommonControlsEx
ord17

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

kernel32

GetTickCount
WritePrivateProfileStringW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryW
GetSystemPowerStatus
GetVersionExW
ExitProcess
GetStartupInfoW
GetCommandLineW
GetModuleHandleA
GetPrivateProfileIntW
GetPrivateProfileStringW

gdi32

GetPaletteEntries
SelectPalette
RealizePalette
AnimatePalette
CreatePen
GetNearestPaletteIndex
CreatePalette
GetObjectW
SetBkColor
ExtTextOutW
SelectObject
GetStockObject
GetClipBox
DeleteObject
MoveToEx
LineTo

user32

CharNextW
LoadIconW
GetClientRect
GetSystemMetrics
FindWindowW
SetForegroundWindow
RegisterWindowMessageW
RegisterClassW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
PeekMessageW
DialogBoxParamW
GetParent
IsWindow
PostMessageW
InvalidateRect
EnableWindow
GetDlgItem
InflateRect
wsprintfW
LoadStringW
SetTimer
KillTimer
ReleaseDC
GetDC
WinHelpW
SendMessageW
GetWindowRect
EndDialog
GetDlgItemInt
SetDlgItemInt
CheckDlgButton
SendDlgItemMessageW
CheckRadioButton
SystemParametersInfoW
GetCursorPos
PostQuitMessage
SetCursor
DefWindowProcW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/sspipes.scr
.exe windows:5 windows x86 arch:x86

be549f1f092af1ba66eb04e8a18b62f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sspipes.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyA
RegQueryValueExA

kernel32

GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetTimeZoneInformation
HeapFree
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCurrentProcessId
HeapCreate
GetPrivateProfileIntW
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FindFirstFileW
HeapDestroy
GetPrivateProfileStringW
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualFree
GetPrivateProfileSectionW
IsBadCodePtr
IsBadReadPtr
GetWindowsDirectoryW
lstrlenW
lstrcpyW
Sleep
LocalAlloc
LocalFree
DebugBreak
IsProcessorFeaturePresent
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
GetModuleHandleW
lstrcatW
FreeLibrary
LoadLibraryW
GetCommandLineW
SetThreadPriority
GetCurrentThread
GetVersionExW
QueryPerformanceFrequency
RaiseException
HeapSize

user32

wsprintfW
PeekMessageW
DialogBoxParamW
CheckRadioButton
GetDlgItem
EnableWindow
IsDlgButtonChecked
SendMessageW
SendDlgItemMessageW
EndDialog
LoadStringW
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetRectEmpty
EnumDisplaySettingsW
UpdateWindow
SetRect
InvalidateRect
ScreenToClient
DrawTextW
FrameRect
FillRect
MessageBoxW
SetWindowPos
GetWindowTextW
CheckDlgButton
SetWindowTextW
GetClientRect
CreateWindowExW
AdjustWindowRect
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
SystemParametersInfoW
SetCursor
ShowWindow
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
DefWindowProcW
SetTimer
KillTimer
EndPaint
BeginPaint
UnionRect

comctl32

ord17

comdlg32

GetOpenFileNameW

gdi32

DeleteObject
ExcludeClipRect
GetStockObject

winmm

timeGetTime

d3d8

Direct3DCreate8

Exports

Exports

??0PrimProcessor@@QAE@XZ
??1PrimProcessor@@QAE@XZ
??4PrimProcessor@@QAEAAV0@ABV0@@Z
?AllocSpans@PrimProcessor@@QAEJPAIPAPAUtagD3DI_RASTSPAN@@@Z
?AppendPrim@PrimProcessor@@AAEJXZ
?Begin@PrimProcessor@@QAEXXZ
?BeginPrimSet@PrimProcessor@@QAEXW4_D3DPRIMITIVETYPE@@W4_RAST_VERTEX_TYPE@@@Z
?ClrFlags@PrimProcessor@@QAEXI@Z
?End@PrimProcessor@@QAEJXZ
?FillPointSpan@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@PAUtagD3DI_RASTSPAN@@@Z
?Flush@PrimProcessor@@AAEJXZ
?FlushPartial@PrimProcessor@@AAEJXZ
?FreeSpans@PrimProcessor@@QAEXI@Z
?GetFlags@PrimProcessor@@QAEIXZ
?Initialize@PrimProcessor@@QAEJXZ
?Line@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?LineSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@0@Z
?NormalizeLineRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@0@Z
?NormalizePointRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@@Z
?NormalizeTriRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@00@Z
?Point@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@0@Z
?PointDiamondCheck@PrimProcessor@@AAEHHHHH@Z
?ResetBuffer@PrimProcessor@@AAEXXZ
?SetCtx@PrimProcessor@@QAEXPAUtagD3DI_RASTCTX@@@Z
?SetFlags@PrimProcessor@@QAEXI@Z
?SetTriFunctions@PrimProcessor@@AAEXXZ
?StateChanged@PrimProcessor@@QAEXXZ
?Tri@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?TriSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@00@Z

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/ssstars.scr
.exe windows:5 windows x86 arch:x86

090cc88a6bb9c62736e61573901ab33a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ssstars.pdb

Imports

comctl32

InitCommonControlsEx
ord17

msvcrt

_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyW

kernel32

ExitProcess
GetStartupInfoW
GetSystemPowerStatus
LoadLibraryW
GetCommandLineW
GetModuleHandleW
GetProcAddress
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
FreeLibrary
GetVersionExW
GetPrivateProfileIntW
GetTickCount
WritePrivateProfileStringW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess

gdi32

GetClipBox
GetStockObject
PatBlt

user32

SendMessageW
CharNextW
LoadIconW
GetClientRect
GetSystemMetrics
FindWindowW
SetForegroundWindow
RegisterWindowMessageW
RegisterClassW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
DialogBoxParamW
GetParent
IsWindow
PostMessageW
LoadStringW
KillTimer
SetTimer
PeekMessageW
ReleaseDC
GetDC
WinHelpW
SetDlgItemInt
SetScrollRange
SendDlgItemMessageW
EndDialog
wsprintfW
EnableWindow
GetDlgItem
GetDlgItemInt
SetScrollPos
SystemParametersInfoW
GetCursorPos
PostQuitMessage
SetCursor
DefWindowProcW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/sstext3d.scr
.exe windows:5 windows x86 arch:x86

84d824e39e1d73a5239207e8e20dc095

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sstext3d.pdb

Imports

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyA

kernel32

GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetStartupInfoA
lstrlenW
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetWindowsDirectoryW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetTimeFormatW
HeapFree
lstrcmpW
FindResourceW
lstrcpyW
FlushFileBuffers
SizeofResource
LoadResource
LockResource
LoadLibraryA
GetModuleHandleW
lstrcatW
FreeLibrary
LoadLibraryW
GetCommandLineW
SetThreadPriority
GetCurrentThread
Sleep
GetVersionExW
CloseHandle
CreateFileW
QueryPerformanceFrequency
DebugBreak
OutputDebugStringA
IsDBCSLeadByte
IsProcessorFeaturePresent
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
UnmapViewOfFile
RaiseException
HeapSize
SetFilePointer
IsBadReadPtr
IsBadCodePtr
SetStdHandle

gdi32

ExcludeClipRect
GetStockObject
CreateFontIndirectA
GetObjectA
GetCurrentObject
GetOutlineTextMetricsA
DeleteObject
GetGlyphOutlineA
GetGlyphOutlineW
CreateFontIndirectW
CreateDCW
SelectObject
DeleteDC

user32

MessageBoxW
PeekMessageW
SetWindowPos
UnionRect
DialogBoxParamW
EndDialog
SetDlgItemTextW
CheckRadioButton
IntersectRect
OffsetRect
GetDlgItem
EnableWindow
IsDlgButtonChecked
SendDlgItemMessageW
GetDlgItemTextW
LoadStringW
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetRectEmpty
EnumDisplaySettingsW
UpdateWindow
SetRect
InvalidateRect
ScreenToClient
DrawTextW
FrameRect
FillRect
BeginPaint
wsprintfW
GetWindowTextW
CheckDlgButton
SetWindowTextW
SendMessageW
GetClientRect
CreateWindowExW
AdjustWindowRect
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
SystemParametersInfoW
SetCursor
ShowWindow
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
DefWindowProcW
SetTimer
KillTimer
EndPaint

comctl32

ord17

comdlg32

GetOpenFileNameW
ChooseFontW
ChooseColorW

winmm

timeGetTime

d3d8

Direct3DCreate8

Exports

Exports

??0PrimProcessor@@QAE@XZ
??1PrimProcessor@@QAE@XZ
??4PrimProcessor@@QAEAAV0@ABV0@@Z
?AllocSpans@PrimProcessor@@QAEJPAIPAPAUtagD3DI_RASTSPAN@@@Z
?AppendPrim@PrimProcessor@@AAEJXZ
?Begin@PrimProcessor@@QAEXXZ
?BeginPrimSet@PrimProcessor@@QAEXW4_D3DPRIMITIVETYPE@@W4_RAST_VERTEX_TYPE@@@Z
?ClrFlags@PrimProcessor@@QAEXI@Z
?End@PrimProcessor@@QAEJXZ
?FillPointSpan@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@PAUtagD3DI_RASTSPAN@@@Z
?Flush@PrimProcessor@@AAEJXZ
?FlushPartial@PrimProcessor@@AAEJXZ
?FreeSpans@PrimProcessor@@QAEXI@Z
?GetFlags@PrimProcessor@@QAEIXZ
?Initialize@PrimProcessor@@QAEJXZ
?Line@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?LineSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@0@Z
?NormalizeLineRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@0@Z
?NormalizePointRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@@Z
?NormalizeTriRHW@PrimProcessor@@AAEXPAU_D3DTLVERTEX@@00@Z
?Point@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@0@Z
?PointDiamondCheck@PrimProcessor@@AAEHHHHH@Z
?ResetBuffer@PrimProcessor@@AAEXXZ
?SetCtx@PrimProcessor@@QAEXPAUtagD3DI_RASTCTX@@@Z
?SetFlags@PrimProcessor@@QAEXI@Z
?SetTriFunctions@PrimProcessor@@AAEXXZ
?StateChanged@PrimProcessor@@QAEXXZ
?Tri@PrimProcessor@@QAEJPAU_D3DTLVERTEX@@00@Z
?TriSetup@PrimProcessor@@AAEHPAU_D3DTLVERTEX@@00@Z

Sections

.text
Size: 568KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/taskmgr.exe
.exe windows:5 windows x86 arch:x86

a91ce4b8d930e2a6762727a205af58c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

taskmgr.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
IsValidSid
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueW

kernel32

GetProcessAffinityMask
OpenProcess
MultiByteToWideChar
GetThreadTimes
TerminateProcess
GetPriorityClass
lstrcmpW
SetEvent
CreateEventW
GetComputerNameW
Sleep
FreeLibrary
SetProcessAffinityMask
LoadLibraryA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentDirectoryW
SetUnhandledExceptionFilter
lstrcmpiW
GetTickCount
HeapSize
GetProcAddress
GetNumberFormatW
HeapReAlloc
lstrlenW
GetCurrentProcess
SetPriorityClass
GetCommandLineW
GetStartupInfoW
GetModuleHandleW
ExitProcess
CreateMutexW
GetCurrentProcessId
ProcessIdToSessionId
ReleaseMutex
SetProcessShutdownParameters
WaitForSingleObject
ExpandEnvironmentStringsW
CreateProcessW
GetCurrentThreadId
FormatMessageW
lstrcatW
GetVersionExW
GetLocaleInfoW
LocalAlloc
LocalFree
HeapFree
HeapAlloc
GetProcessHeap
CreateThread
CloseHandle
lstrcpynW
lstrcpyW
GetLastError
LoadLibraryW
InterlockedCompareExchange
GetVersionExA
IsBadWritePtr
SetLastError
GetCurrentThread
DelayLoadFailureHook
UnhandledExceptionFilter

gdi32

CreateFontIndirectW
GetCharWidth32W
CreateCompatibleBitmap
Rectangle
SetBkMode
SetTextColor
CreateCompatibleDC
DeleteDC
GetCurrentObject
GetObjectW
BitBlt
SelectObject
MoveToEx
LineTo
CreatePen
GetStockObject
CreateRectRgn
DeleteObject
CreateSolidBrush
CombineRgn
SetRectRgn
GetDeviceCaps
FillRgn

user32

DestroyIcon
LoadImageW
BeginDeferWindowPos
GetMenuItemCount
EnableMenuItem
GetSystemMetrics
SetMenuItemInfoW
LoadMenuW
DestroyMenu
ExitWindowsEx
LockWorkStation
GetAsyncKeyState
SetForegroundWindow
OpenIcon
LoadAcceleratorsW
MessageBoxW
CheckDlgButton
EndDialog
GetWindowTextW
IsDlgButtonChecked
GetSubMenu
InvalidateRect
GetSysColor
MonitorFromRect
SetTimer
LoadIconW
GetThreadDesktop
GetDialogBaseUnits
KillTimer
GetDesktopWindow
DestroyWindow
MessageBeep
MoveWindow
PostQuitMessage
IsZoomed
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
GetMessageW
CreateDialogParamW
SendMessageTimeoutW
AllowSetForegroundWindow
GetWindowThreadProcessId
FindWindowW
RegisterWindowMessageW
FillRect
DrawTextW
UpdateWindow
GetDlgCtrlID
SetFocus
CreateWindowExW
DialogBoxParamW
GetShellWindow
SetScrollPos
GetScrollInfo
IsWindow
EnableWindow
GetFocus
CharLowerBuffW
TrackPopupMenuEx
GetGuiResources
EnumWindowStationsW
GetClassLongW
IsHungAppWindow
InternalGetWindowText
IsWindowVisible
GetWindow
SetMenuDefaultItem
EnumWindows
CloseDesktop
SetThreadDesktop
OpenDesktopW
EnumDesktopsW
CloseWindowStation
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
CascadeWindows
TileWindows
SwitchToThisWindow
GetLastActivePopup
EndTask
PostMessageW
ShowWindowAsync
GetCursorPos
SetDlgItemTextW
GetParent
GetWindowTextLengthW
SetRect
SetCursor
LoadCursorW
GetWindowRect
DeferWindowPos
EndDeferWindowPos
GetMenuItemInfoW
IsIconic
BeginPaint
EndPaint
DrawEdge
GetForegroundWindow
GetKeyState
PostThreadMessageW
wsprintfW
GetClientRect
SetScrollInfo
ShowWindow
SetWindowPos
SetMenu
GetDlgItem
MapWindowPoints
SendMessageW
GetMenu
CheckMenuRadioItem
CheckMenuItem
DeleteMenu
LoadStringW
SetWindowTextW
GetClassInfoW
RegisterClassW
GetDC
ReleaseDC
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
CallWindowProcW
DefWindowProcW
RemoveMenu
GetWindowLongA

ntdll

_chkstk
_snwprintf
RtlUnwind
_wcsicmp
NtQueryVirtualMemory
NtOpenThread
NtClose
strrchr
RtlLargeIntegerToChar
RtlAnsiStringToUnicodeString
_ui64tow
mbstowcs
memmove
NtQuerySystemInformation
wcstol
NtShutdownSystem
NtInitiatePowerAction
NtPowerInformation
RtlTimeToElapsedTimeFields

iphlpapi

GetInterfaceInfo
GetNumberOfInterfaces
NhGetInterfaceNameFromDeviceGuid
GetIfEntry

comctl32

ord17
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Create
CreateStatusWindowW

shlwapi

StrStrIW
ord413
StrFormatByteSizeW
ord437
wnsprintfW

shell32

Shell_NotifyIconW
ord245
ShellAboutW
ord236
ord241
ord100
ord61

secur32

GetUserNameExW

vdmdbg

VDMEnumTaskWOWEx
VDMTerminateTaskWOW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows XP/winmine.exe
.exe windows:5 windows x86 arch:x86

de5490f8d3fb044d081bdaec5ef47bf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
_except_handler3
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__p__commode
_cexit
_XcptFilter
_exit
_c_exit
srand
rand

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegCloseKey

kernel32

FindResourceW
OutputDebugStringA
LockResource
LoadResource
lstrlenW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTickCount
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetProcAddress
lstrcpyW
LoadLibraryA

gdi32

SetROP2
GetLayout
SetLayout
GetDeviceCaps
DeleteObject
LineTo
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetDIBitsToDevice
DeleteDC
MoveToEx
SetPixel
BitBlt
GetStockObject

user32

LoadIconW
GetDesktopWindow
SetTimer
MessageBoxW
LoadCursorW
CheckMenuItem
SetMenu
GetDlgItemInt
RegisterClassW
LoadStringW
LoadMenuW
ReleaseCapture
PeekMessageW
MapWindowPoints
SetCapture
PtInRect
WinHelpW
SetDlgItemInt
EndDialog
SetDlgItemTextW
wsprintfW
SendMessageW
GetDlgItem
GetDlgItemTextW
GetSystemMetrics
InvalidateRect
SetRect
MoveWindow
GetMenuItemRect
DialogBoxParamW
DefWindowProcW
ReleaseDC
GetDC
PostMessageW
ShowWindow
PostQuitMessage
KillTimer
EndPaint
BeginPaint
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
UpdateWindow
CreateWindowExW
LoadAcceleratorsW

shell32

ShellAboutW

winmm

PlaySoundW

comctl32

InitCommonControlsEx

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

419c3fe8c1eefea9336b96f74f0951dd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comdlg32

shell32

winspool.drv

comctl32

msvcrt

advapi32

kernel32

gdi32

user32

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 35KB - Virtual size: 34KB

08f6a1b121da8cedde2d1089d0906ed8

Headers

DLL Characteristics

File Characteristics

Imports

shell32

msvcrt

advapi32

kernel32

gdi32

user32

Sections

.text Size: 74KB - Virtual size: 73KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 34KB - Virtual size: 34KB

21ad5d0f3070f8021aa70abd96c5cd81

Headers

File Characteristics

Imports

user32

gdi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: - Virtual size: 256B

.rsrc Size: 346KB - Virtual size: 345KB

.reloc Size: 1KB - Virtual size: 1KB

643e0950faa1bef0669f73f3898cbf8f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

comctl32

ole32

getuname

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 512B - Virtual size: 132KB

.rsrc Size: 33KB - Virtual size: 32KB

dbe5febb7a19ba19945a8e8ba6534abf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

user32

Sections

.text Size: 126KB - Virtual size: 125KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 35KB - Virtual size: 34KB

.text
Size: 74KB - Virtual size: 73KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 34KB - Virtual size: 34KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: - Virtual size: 256B

.rsrc
Size: 346KB - Virtual size: 345KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 512B - Virtual size: 132KB

.rsrc
Size: 33KB - Virtual size: 32KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 137KB - Virtual size: 137KB

.text
Size: 212KB - Virtual size: 211KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 275KB - Virtual size: 275KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 713KB - Virtual size: 712KB

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 31KB