ammyyadmin | a533ab86bc7b1bdcfd05ff0c0f20b61d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a533ab86bc7b1bdcfd05ff0c0f20b61d_JaffaCakes118
Size

17.5MB
MD5

a533ab86bc7b1bdcfd05ff0c0f20b61d
SHA1

3511fa2f11fa1706bf9c14b725b980717feee396
SHA256

1ed88842968fc634ce7f3a0ec6436ed087b0e4dbcd96521f3182e7d89df2199a
SHA512

acdc316a18adce70c61440230624c6a35525f5624f9bc5989b2544424441f37f9e6fe393775bb40d19881f4c93aa93fc82809c3216f5f70edd74d5a52f3f3659
SSDEEP

393216:zZMEQ5cf9wDDyuIKy3Qznr6d/Pf2KsGaoc6GZmJONTshFHo6r3ELG7r:l7f9wKKq0r+PAgSUiT25TdP

Score

10^/10

ammyyadmin

Malware Config

Signatures

AmmyyAdmin payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/dll/UzakYardim.exe	family_ammyyadmin

Ammyyadmin family
ammyyadmin

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a533ab86bc7b1bdcfd05ff0c0f20b61d_JaffaCakes118
unpack001/$PLUGINSDIR/AdvSplash.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/PBWS32.DLL
unpack001/baro.exe
unpack001/dll/FreeImage.dll
unpack001/dll/Interop.WIA.dll
unpack001/dll/PdfSharp.dll
unpack001/dll/RegAsm.exe
unpack001/dll/SDD_TWAIN_SCANNER.dll
unpack001/dll/Saraff.Twain.dll
unpack001/dll/System.Drawing.dll
unpack001/dll/UzakYardim.exe
unpack001/dll/cl32.dll
unpack001/dll/sdd_regasm.exe
unpack001/gxps.exe

NSIS installer 2 IoCs

installer

Processes:

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

a533ab86bc7b1bdcfd05ff0c0f20b61d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AdvSplash.dll
.dll windows:4 windows x86 arch:x86

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetVersion
lstrcpyA
lstrcatA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree

user32

LoadCursorA
RegisterClassA
SetWindowPos
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
BeginPaint
DefWindowProcA
DestroyWindow
LoadImageA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
EnumDisplaySettingsA

gdi32

CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
BitBlt
DeleteObject

winmm

timeSetEvent
PlaySoundA
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/splash.bmp
PBWS32.DLL
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetHost
GetService

Sections

CODE
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Scan.ini
baro.exe
.exe windows:5 windows x86 arch:x86

ae86390549f5fe4a8cd8eb0b541a9234

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetCurrentThread
WriteFile
ReadFile
GetModuleHandleA
CloseHandle
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
CreateFileA
VirtualQuery
SetLastError
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
SuspendThread
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
FormatMessageA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCommandLineA
GetStartupInfoA
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
Sleep
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapAlloc
RaiseException
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
InterlockedExchange
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
SetEndOfFile
GetProcessHeap

user32

MessageBoxW

Exports

Exports

AddEncryptedLibrary

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
butce.pbd
cmuk_d.pbd
cmuk_m.pbd
cmuk_r.pbd
cmuk_w.pbd
cmuk_wr.pbd
demirbas.pbd
disiplin.pbd
disiplin_r.pbd
disiplin_yeni.pbd
dll/FreeImage.dll
.dll windows:5 windows x86 arch:x86

f3db81844469ba23e814e3c02eedcc15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentDirectoryA
IsBadReadPtr
OutputDebugStringA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTempFileNameW
GetTempPathW
DeleteFileA
CloseHandle
CreateFileW
InterlockedExchangeAdd
ExitProcess
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
RtlUnwind
MoveFileA
GetCurrentThreadId
GetCommandLineA
RaiseException
ReadFile
GetModuleHandleW
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
FlushFileBuffers
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap

ws2_32

htonl
ntohs
htons
ntohl

Exports

Exports

FreeImage_OutputMessageProc
_FreeImage_AcquireMemory@12
_FreeImage_AdjustBrightness@12
_FreeImage_AdjustColors@32
_FreeImage_AdjustContrast@12
_FreeImage_AdjustCurve@12
_FreeImage_AdjustGamma@12
_FreeImage_Allocate@24
_FreeImage_AllocateEx@36
_FreeImage_AllocateExT@40
_FreeImage_AllocateHeader@28
_FreeImage_AllocateHeaderT@32
_FreeImage_AllocateT@28
_FreeImage_AppendPage@8
_FreeImage_ApplyColorMapping@24
_FreeImage_ApplyPaletteIndexMapping@20
_FreeImage_Clone@4
_FreeImage_CloneMetadata@8
_FreeImage_CloneTag@4
_FreeImage_CloseMemory@4
_FreeImage_CloseMultiBitmap@8
_FreeImage_ColorQuantize@8
_FreeImage_ColorQuantizeEx@20
_FreeImage_Composite@16
_FreeImage_ConvertFromRawBits@36
_FreeImage_ConvertLine16To24_555@12
_FreeImage_ConvertLine16To24_565@12
_FreeImage_ConvertLine16To32_555@12
_FreeImage_ConvertLine16To32_565@12
_FreeImage_ConvertLine16To4_555@12
_FreeImage_ConvertLine16To4_565@12
_FreeImage_ConvertLine16To8_555@12
_FreeImage_ConvertLine16To8_565@12
_FreeImage_ConvertLine16_555_To16_565@12
_FreeImage_ConvertLine16_565_To16_555@12
_FreeImage_ConvertLine1To16_555@16
_FreeImage_ConvertLine1To16_565@16
_FreeImage_ConvertLine1To24@16
_FreeImage_ConvertLine1To32@16
_FreeImage_ConvertLine1To4@12
_FreeImage_ConvertLine1To8@12
_FreeImage_ConvertLine24To16_555@12
_FreeImage_ConvertLine24To16_565@12
_FreeImage_ConvertLine24To32@12
_FreeImage_ConvertLine24To4@12
_FreeImage_ConvertLine24To8@12
_FreeImage_ConvertLine32To16_555@12
_FreeImage_ConvertLine32To16_565@12
_FreeImage_ConvertLine32To24@12
_FreeImage_ConvertLine32To4@12
_FreeImage_ConvertLine32To8@12
_FreeImage_ConvertLine4To16_555@16
_FreeImage_ConvertLine4To16_565@16
_FreeImage_ConvertLine4To24@16
_FreeImage_ConvertLine4To32@16
_FreeImage_ConvertLine4To8@12
_FreeImage_ConvertLine8To16_555@16
_FreeImage_ConvertLine8To16_565@16
_FreeImage_ConvertLine8To24@16
_FreeImage_ConvertLine8To32@16
_FreeImage_ConvertLine8To4@16
_FreeImage_ConvertTo16Bits555@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_ConvertTo24Bits@4
_FreeImage_ConvertTo32Bits@4
_FreeImage_ConvertTo4Bits@4
_FreeImage_ConvertTo8Bits@4
_FreeImage_ConvertToFloat@4
_FreeImage_ConvertToGreyscale@4
_FreeImage_ConvertToRGB16@4
_FreeImage_ConvertToRGBF@4
_FreeImage_ConvertToRawBits@32
_FreeImage_ConvertToStandardType@8
_FreeImage_ConvertToType@12
_FreeImage_ConvertToUINT16@4
_FreeImage_Copy@20
_FreeImage_CreateICCProfile@12
_FreeImage_CreateTag@0
_FreeImage_DeInitialise@0
_FreeImage_DeletePage@8
_FreeImage_DeleteTag@4
_FreeImage_DestroyICCProfile@4
_FreeImage_Dither@8
_FreeImage_EnlargeCanvas@28
_FreeImage_FIFSupportsExportBPP@8
_FreeImage_FIFSupportsExportType@8
_FreeImage_FIFSupportsICCProfiles@4
_FreeImage_FIFSupportsNoPixels@4
_FreeImage_FIFSupportsReading@4
_FreeImage_FIFSupportsWriting@4
_FreeImage_FillBackground@12
_FreeImage_FindCloseMetadata@4
_FreeImage_FindFirstMetadata@12
_FreeImage_FindNextMetadata@8
_FreeImage_FlipHorizontal@4
_FreeImage_FlipVertical@4
_FreeImage_GetAdjustColorsLookupTable@32
_FreeImage_GetBPP@4
_FreeImage_GetBackgroundColor@8
_FreeImage_GetBits@4
_FreeImage_GetBlueMask@4
_FreeImage_GetChannel@8
_FreeImage_GetColorType@4
_FreeImage_GetColorsUsed@4
_FreeImage_GetComplexChannel@8
_FreeImage_GetCopyrightMessage@0
_FreeImage_GetDIBSize@4
_FreeImage_GetDotsPerMeterX@4
_FreeImage_GetDotsPerMeterY@4
_FreeImage_GetFIFCount@0
_FreeImage_GetFIFDescription@4
_FreeImage_GetFIFExtensionList@4
_FreeImage_GetFIFFromFilename@4
_FreeImage_GetFIFFromFilenameU@4
_FreeImage_GetFIFFromFormat@4
_FreeImage_GetFIFFromMime@4
_FreeImage_GetFIFMimeType@4
_FreeImage_GetFIFRegExpr@4
_FreeImage_GetFileType@8
_FreeImage_GetFileTypeFromHandle@12
_FreeImage_GetFileTypeFromMemory@8
_FreeImage_GetFileTypeU@8
_FreeImage_GetFormatFromFIF@4
_FreeImage_GetGreenMask@4
_FreeImage_GetHeight@4
_FreeImage_GetHistogram@12
_FreeImage_GetICCProfile@4
_FreeImage_GetImageType@4
_FreeImage_GetInfo@4
_FreeImage_GetInfoHeader@4
_FreeImage_GetLine@4
_FreeImage_GetLockedPageNumbers@12
_FreeImage_GetMetadata@16
_FreeImage_GetMetadataCount@8
_FreeImage_GetPageCount@4
_FreeImage_GetPalette@4
_FreeImage_GetPitch@4
_FreeImage_GetPixelColor@16
_FreeImage_GetPixelIndex@16
_FreeImage_GetRedMask@4
_FreeImage_GetScanLine@8
_FreeImage_GetTagCount@4
_FreeImage_GetTagDescription@4
_FreeImage_GetTagID@4
_FreeImage_GetTagKey@4
_FreeImage_GetTagLength@4
_FreeImage_GetTagType@4
_FreeImage_GetTagValue@4
_FreeImage_GetThumbnail@4
_FreeImage_GetTransparencyCount@4
_FreeImage_GetTransparencyTable@4
_FreeImage_GetTransparentIndex@4
_FreeImage_GetVersion@0
_FreeImage_GetWidth@4
_FreeImage_HasBackgroundColor@4
_FreeImage_HasPixels@4
_FreeImage_HasRGBMasks@4
_FreeImage_Initialise@4
_FreeImage_InsertPage@12
_FreeImage_Invert@4
_FreeImage_IsLittleEndian@0
_FreeImage_IsPluginEnabled@4
_FreeImage_IsTransparent@4
_FreeImage_JPEGCrop@24
_FreeImage_JPEGCropU@24
_FreeImage_JPEGTransform@16
_FreeImage_JPEGTransformCombined@32
_FreeImage_JPEGTransformCombinedFromMemory@32
_FreeImage_JPEGTransformCombinedU@32
_FreeImage_JPEGTransformFromHandle@40
_FreeImage_JPEGTransformU@16
_FreeImage_Load@12
_FreeImage_LoadFromHandle@16
_FreeImage_LoadFromMemory@12
_FreeImage_LoadMultiBitmapFromMemory@12
_FreeImage_LoadU@12
_FreeImage_LockPage@8
_FreeImage_LookupSVGColor@16
_FreeImage_LookupX11Color@16
_FreeImage_MakeThumbnail@12
_FreeImage_MovePage@12
_FreeImage_MultigridPoissonSolver@8
_FreeImage_OpenMemory@8
_FreeImage_OpenMultiBitmap@24
_FreeImage_OpenMultiBitmapFromHandle@16
_FreeImage_Paste@20
_FreeImage_PreMultiplyWithAlpha@4
_FreeImage_ReadMemory@16
_FreeImage_RegisterExternalPlugin@20
_FreeImage_RegisterLocalPlugin@20
_FreeImage_Rescale@16
_FreeImage_Rotate@16
_FreeImage_RotateClassic@12
_FreeImage_RotateEx@48
_FreeImage_Save@16
_FreeImage_SaveMultiBitmapToHandle@20
_FreeImage_SaveMultiBitmapToMemory@16
_FreeImage_SaveToHandle@20
_FreeImage_SaveToMemory@16
_FreeImage_SaveU@16
_FreeImage_SeekMemory@12
_FreeImage_SetBackgroundColor@8
_FreeImage_SetChannel@12
_FreeImage_SetComplexChannel@12
_FreeImage_SetDotsPerMeterX@8
_FreeImage_SetDotsPerMeterY@8
_FreeImage_SetMetadata@16
_FreeImage_SetOutputMessage@4
_FreeImage_SetOutputMessageStdCall@4
_FreeImage_SetPixelColor@16
_FreeImage_SetPixelIndex@16
_FreeImage_SetPluginEnabled@8
_FreeImage_SetTagCount@8
_FreeImage_SetTagDescription@8
_FreeImage_SetTagID@8
_FreeImage_SetTagKey@8
_FreeImage_SetTagLength@8
_FreeImage_SetTagType@8
_FreeImage_SetTagValue@8
_FreeImage_SetThumbnail@8
_FreeImage_SetTransparencyTable@12
_FreeImage_SetTransparent@8
_FreeImage_SetTransparentIndex@8
_FreeImage_SwapColors@16
_FreeImage_SwapPaletteIndices@12
_FreeImage_TagToString@12
_FreeImage_TellMemory@4
_FreeImage_Threshold@8
_FreeImage_TmoDrago03@20
_FreeImage_TmoFattal02@20
_FreeImage_TmoReinhard05@20
_FreeImage_TmoReinhard05Ex@36
_FreeImage_ToneMapping@24
_FreeImage_Unload@4
_FreeImage_UnlockPage@12
_FreeImage_WriteMemory@16
_FreeImage_ZLibCRC32@12
_FreeImage_ZLibCompress@16
_FreeImage_ZLibGUnzip@16
_FreeImage_ZLibGZip@16
_FreeImage_ZLibUncompress@16

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 925KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/Interop.WIA.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/PdfSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\@thho\TfsTest\PDFsharp_v-1.32\PDFsharp\Publish\PDFsharp\code\PdfSharp\obj\Release\PdfSharp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/RegAsm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RegAsm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/SDD_TWAIN_SCANNER.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

v:\SDD_TWAIN_SCANNER\SDD_TWAIN_SCANNER\obj\Debug\SDD_TWAIN_SCANNER.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/Saraff.Twain.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\EVREN\Documents\Visual Studio 2012\Projects\Saraff.Twain\Sources\Saraff.Twain\obj\Debug\Saraff.Twain.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/System.Drawing.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

System.Drawing.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 544KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/UzakYardim.exe
.exe windows:4 windows x86 arch:x86

59bc1054f3fb6d52d677cef7c12118a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
send
recv
select
WSAStartup
getpeername
getservbyport
ntohs
gethostbyaddr
gethostbyname
getservbyname
htonl
inet_ntoa
inet_addr
WSAIoctl
connect
accept
htons
bind
listen
socket
__WSAFDIsSet
shutdown
setsockopt
ioctlsocket
WSACleanup
closesocket

gdi32

GetDIBits
CreateCompatibleBitmap
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
GdiFlush
CombineRgn
GetRegionData
SetStretchBltMode
CreateDIBitmap
GetBitmapBits
GetObjectA
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
SetBkMode
CreateFontIndirectA
DPtoLP
StretchBlt
CreateRectRgn
ExtTextOutA
CreateDIBSection
SetBitmapBits
CreateRectRgnIndirect
SelectClipRgn
TextOutW
CreatePatternBrush
SetTextAlign
SetBrushOrgEx
ExtTextOutW
SetTextColor
SetBkColor
GetTextExtentPoint32W
GetStockObject
CreateSolidBrush
GetDeviceCaps
DeleteObject
CreateFontA

user32

FindWindowA
OpenDesktopA
VkKeyScanExA
SendMessageTimeoutA
LoadIconA
IntersectRect
IsWindowVisible
GetIconInfo
GetCursorInfo
EqualRect
OpenInputDesktop
CloseDesktop
GetUserObjectInformationA
LoadKeyboardLayoutA
EmptyClipboard
SetClipboardData
RegisterClassExA
GetDesktopWindow
PeekMessageA
MsgWaitForMultipleObjects
mouse_event
MapVirtualKeyA
LockWorkStation
SetThreadDesktop
keybd_event
SetDlgItemTextA
SetDlgItemInt
GetKeyboardState
ToAsciiEx
DestroyAcceleratorTable
TranslateAcceleratorA
CreateAcceleratorTableA
SetWindowTextA
ReleaseCapture
SetCapture
GetAsyncKeyState
GetThreadDesktop
SystemParametersInfoW
LoadBitmapA
ReleaseDC
GetDC
SwitchToThisWindow
SendMessageA
FindWindowW
RegisterClassExW
DestroyCursor
MessageBeep
wsprintfW
SetCursorPos
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
ShowWindowAsync
SetScrollInfo
GetWindow
WindowFromPoint
MessageBoxA
ShowWindow
wsprintfA
DestroyIcon
DrawIconEx
LoadImageA
EnableWindow
SetDlgItemTextW
DestroyWindow
SetClassLongW
InsertMenuItemW
ChangeClipboardChain
MapWindowPoints
InsertMenuItemA
EnumWindows
GetClassNameA
GetWindowTextA
KillTimer
GetWindowLongW
PostMessageA
SetRect
ShowScrollBar
IsIconic
ScrollWindowEx
AdjustWindowRectEx
GetMenuState
GetWindowPlacement
SetWindowPlacement
GetSysColorBrush
AppendMenuW
SetClipboardViewer
SetWindowsHookExA
UnhookWindowsHookEx
DrawTextA
EndDialog
CreateDialogParamW
DialogBoxParamA
CallWindowProcW
CallWindowProcA
DefWindowProcA
IsWindowUnicode
GetSystemMenu
RedrawWindow
InvalidateRect
DrawStateA
DrawEdge
GetClientRect
CreateWindowExA
IsWindow
GetParent
GetWindowLongA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetCursor
SetTimer
PostThreadMessageA
MoveWindow
BeginPaint
EndPaint
GetDlgItemInt
SendDlgItemMessageA
MapDialogRect
SetWindowLongA
ClientToScreen
LoadCursorA
RegisterClassW
CreateWindowExW
SetWindowLongW
UpdateWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
SetWindowTextW
SetMenu
LoadMenuA
GetMenuItemInfoA
SetMenuItemInfoA
GetSubMenu
SetMenuItemInfoW
GetMenuItemID
EnableMenuItem
GetMenuItemCount
CheckMenuItem
GetKeyState
SetForegroundWindow
SetFocus
GetFocus
PostQuitMessage
DefWindowProcW
CreatePopupMenu
GetCursorPos
TrackPopupMenu
GetSysColor
GetSystemMetrics
GetMenuItemInfoW
DrawMenuBar
AppendMenuA
DestroyMenu
MessageBoxW
GetDlgItem
SendMessageW
GetWindowRect
SystemParametersInfoA
SetWindowPos

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA
SHGetMalloc
ShellExecuteExW
SHGetFolderPathA
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

_strnicmp
_strupr
_strlwr
_controlfp
_iob
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_wcsicmp
wcschr
__CxxFrameHandler
strlen
isspace
memchr
_errno
strtol
isdigit
strstr
memcpy
??2@YAPAXI@Z
_purecall
free
memset
malloc
sprintf
printf
fwrite
srand
time
_CxxThrowException
rand
atol
_stricmp
isprint
tolower
strncpy
atoi
abs
wcscpy
strcmp
strcpy
wcslen
memcmp
iswspace
wcsncmp
_wtoi
_ultow
_stat
strchr
_ftol
swprintf
strcat
strtoul
calloc
_rotl
_rotr
fopen
fread
fclose
fseek
ftell
fflush
wcsncpy
wcsrchr
vsprintf
vswprintf
memmove
strrchr
strncmp
mbstowcs
wcscmp
wcsstr
iswdigit
_beginthreadex
_endthreadex
atof
_i64tow
wcscat
realloc
exit
fprintf
sscanf
getenv
floor
fputc
_CIpow
_CIacos
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln

secur32

FreeCredentialsHandle
InitializeSecurityContextA
FreeContextBuffer
AcquireCredentialsHandleA
CompleteAuthToken
QuerySecurityPackageInfoA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

iphlpapi

GetAdaptersInfo

advapi32

RegOpenKeyExA
FreeSid
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ConvertSidToStringSidA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExA
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExA
SetServiceStatus
SetTokenInformation
DuplicateTokenEx
CreateProcessAsUserW
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceW
DeleteService
ControlService
StartServiceA
StartServiceW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteKeyA
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
SetEntriesInAclA
AllocateAndInitializeSid

shlwapi

PathGetDriveNumberA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

userenv

LoadUserProfileA
UnloadUserProfile

comctl32

CreateToolbarEx
ImageList_Add
ImageList_Create
ImageList_Draw
ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Duplicate
_TrackMouseEvent
CreatePropertySheetPageW
PropertySheetW

wininet

HttpSendRequestA
HttpQueryInfoA
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetReadFile
InternetOpenA
HttpOpenRequestA

dsound

ord7
ord6
ord2
ord1

kernel32

SizeofResource
LoadResource
LockResource
GetLocalTime
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFileTime
GetFileTime
OpenMutexA
CreateMutexA
ResetEvent
FindResourceExA
OpenEventA
CreateEventA
ExitProcess
SetUnhandledExceptionFilter
GetSystemDirectoryA
CompareFileTime
GetSystemTimeAsFileTime
GetSystemDirectoryW
lstrcatW
LoadLibraryW
QueryPerformanceFrequency
ReadFile
QueryPerformanceCounter
GetExitCodeProcess
BeginUpdateResourceW
EndUpdateResourceW
UpdateResourceA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
FreeLibrary
GetFileSize
SetFilePointer
WriteFile
WaitForSingleObject
CreateThread
GetFileAttributesW
GetStartupInfoW
CreateProcessW
lstrcmpiW
lstrcmpW
MulDiv
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetComputerNameA
LocalAlloc
GetExitCodeThread
SystemTimeToFileTime
MoveFileW
DeleteFileW
GetTempPathW
CreateFileW
FindFirstFileW
FindClose
CreateFileA
DeviceIoControl
GetUserDefaultUILanguage
GetModuleHandleA
GetProcAddress
GetLocaleInfoA
CreateDirectoryW
SetCurrentDirectoryW
SetProcessShutdownParameters
GetVersionExA
GetCurrentProcess
GetLastError
CloseHandle
LocalFree
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetTickCount
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrlenW
TerminateProcess
GlobalUnlock
GlobalLock
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
GlobalAlloc
GetDriveTypeW
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
GetLogicalDrives
ProcessIdToSessionId
SleepEx
CreateDirectoryA
DeleteFileA
GlobalFree
IsBadReadPtr
lstrcmpA
LocalFileTimeToFileTime
WaitNamedPipeW
lstrcpyA
GetCurrentDirectoryA
FindResourceA
DuplicateHandle
CreateSemaphoreA
SetThreadPriority
TlsSetValue
GetCurrentThread
TlsAlloc
ResumeThread
TlsGetValue
InterlockedExchange
GetStartupInfoA
SetEvent
SetLastError

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/UzakYardim.log
dll/WinSCP.com
.exe windows:4 windows x86 arch:x86

e472c1fbe7bf0d8c224ae7ff368ef137

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2f:e7:f4:24:85:7b:0a:41:39:ad:cd:cd:d2:39:3b:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01-10-2012 00:00

Not After

01-10-2013 23:59

Subject

CN=Martin Prikryl,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Individual Developer,O=No Organization Affiliation,L=Prague 2,ST=Prague,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:50:f4:7c:51:3d:c1:b6:ed:e6:73:7c:0a:18:d1:91:b6:f3:55:05
Signer

Actual PE Digest

03:50:f4:7c:51:3d:c1:b6:ed:e6:73:7c:0a:18:d1:91:b6:f3:55:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FlushConsoleInputBuffer
GetACP
GetCPInfo
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleTitleW
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
OpenEventW
OpenFileMappingA
PeekConsoleInputW
RaiseException
ReadConsoleInputW
ReadConsoleW
ReadFile
RtlUnwind
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleOutputCP
SetConsoleTitleW
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputW
WriteConsoleW
WriteFile

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

user32

CharUpperBuffW
EnumThreadWindows
MessageBoxA
wsprintfA
wsprintfW

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 198KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/WinSCP.exe
.exe windows:4 windows x86 arch:x86

390bf18706bfb62796da45d5d3226076

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2f:e7:f4:24:85:7b:0a:41:39:ad:cd:cd:d2:39:3b:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01-10-2012 00:00

Not After

01-10-2013 23:59

Subject

CN=Martin Prikryl,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Individual Developer,O=No Organization Affiliation,L=Prague 2,ST=Prague,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

12:bc:0e:17:5a:c8:c8:d4:25:e6:9a:33:6d:87:02:70:6a:25:28:0b
Signer

Actual PE Digest

12:bc:0e:17:5a:c8:c8:d4:25:e6:9a:33:6d:87:02:70:6a:25:28:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

socket
shutdown
setsockopt
send
select
recv
ntohs
ntohl
listen
ioctlsocket
inet_ntoa
inet_addr
htons
htonl
getsockopt
getsockname
getservbyport
getservbyname
getpeername
gethostbyname
gethostbyaddr
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
WSASetLastError
WSASend
WSAGetLastError
WSAEventSelect
WSAEnumNetworkEvents
WSACleanup
WSACancelAsyncRequest
WSAAsyncSelect
WSAAsyncGetHostByName

crypt32

CertCreateCertificateChainEngine
CertCreateCertificateContext
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CryptProtectData
CryptUnprotectData

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CopySid
CreateProcessAsUserW
DeregisterEventSource
DuplicateTokenEx
EqualSid
FreeSid
GetEffectiveRightsFromAclW
GetLengthSid
GetNamedSecurityInfoA
GetNamedSecurityInfoW
GetSecurityInfo
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserNameA
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
IsValidSid
LogonUserW
LookupAccountNameA
LookupAccountSidA
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegConnectRegistryW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW
RegisterEventSourceA
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl

kernel32

AllocConsole
CancelIo
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkW
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindResourceExW
FindResourceW
FlushConsoleInputBuffer
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCPInfoExW
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOEMCP
GetOverlappedResult
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessTimes
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadWritePtr
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenMutexW
OpenProcess
PeekConsoleInputW
PeekNamedPipe
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
ReadFile
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTitleW
SetConsoleWindowInfo
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetStdHandle
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW

mpr

WNetCloseEnum
WNetEnumResourceW
WNetGetConnectionW
WNetGetUniversalNameW
WNetOpenEnumW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

ClosePrinter
DocumentPropertiesW
EnumPrintersW
ord203
OpenPrinterW

comctl32

FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
_TrackMouseEvent

comdlg32

ChooseColorW
ChooseFontW
FindTextW
GetFileTitleW
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW

gdi32

AbortDoc
AngleArc
Arc
ArcTo
BitBlt
Chord
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtTextOutW
FillRgn
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextColor
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetClipRgn
OffsetWindowOrgEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezier
PolyBezierTo
PolyPolyline
Polygon
Polyline
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
UnrealizeObject

msimg32

AlphaBlend
GradientFill
TransparentBlt

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
FindExecutableW
SHBrowseForFolderW
SHFileOperationW
SHFreeNameMappings
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW

shfolder

SHGetFolderPathW

user32

ActivateKeyboardLayout
AdjustWindowRectEx
AppendMenuW
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffW
CharUpperW
CheckMenuItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
ClipCursor
CloseClipboard
CopyIcon
CopyImage
CountClipboardFormats
CreateAcceleratorTableW
CreateCaret
CreateIcon
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DdeAccessData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleA
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetLastError
DdeInitializeA
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryStringA
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawCaption
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndMenu
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumDisplayMonitors
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowA
FindWindowExW
FindWindowW
FlashWindow
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetProcessWindowStation
GetPropW
GetQueueStatus
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageW
SendMessageA
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackMouseEvent
TrackPopupMenu
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint
wsprintfA

winmm

PlaySoundA
PlaySoundW

ole32

CLSIDFromString
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoInitialize
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
DoDragDrop
IsEqualGUID
OleGetClipboard
OleInitialize
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID

oleaut32

CreateErrorInfo
GetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit

uxtheme

CloseThemeData
DrawThemeBackground
OpenThemeData

Exports

Exports

@$xp$12TLogLineType
@$xp$12TUnixDirView
@$xp$12Tbx@TTBXDock
@$xp$12Tbx@TTBXItem
@$xp$13Tbx@TFontSize
@$xp$13Tbx@TTriState
@$xp$15Tb2dock@TTBDock
@$xp$15Tb2item@TTBItem
@$xp$15Tb2item@TTBView
@$xp$15Tbx@TTBXToolbar
@$xp$15Tbxutils@PColor
@$xp$16Tb2item@ITBItems
@$xp$16Tbx@TTBXRootItem
@$xp$16Tbxlists@TSBZone
@$xp$16Tbxutils@TShadow
@$xp$17Tb2hook@THookProc
@$xp$17Tbx@TFontSettings
@$xp$17Tbx@TTBXPopupMenu
@$xp$17Tbx@TTBXPopupView
@$xp$17Tbx@TTextWrapping
@$xp$17Tbxutils@TShadows
@$xp$18Tb2anim@Tb2anim__1
@$xp$18Tb2dock@Tb2dock__3
@$xp$18Tb2item@Tb2item__1
@$xp$18Tb2item@Tb2item__8
@$xp$18Tb2item@Tb2item__9
@$xp$18Tbx@TAnimationMode
@$xp$18Tbx@TMenuAnimation
@$xp$18Tbx@TTBXCustomItem
@$xp$18Tbx@TTBXItemViewer
@$xp$18Tbx@TTBXThemeClass
@$xp$19Tb2dock@TTBDockMode
@$xp$19Tb2dock@TTBDockType
@$xp$19Tb2item@TTBItemData
@$xp$19Tb2item@TTBRootItem
@$xp$19Tb2item@Tb2item__01
@$xp$19Tbx@TAnimationModes
@$xp$19Tbx@TDrawImageEvent
@$xp$19Tbx@TTBXChevronItem
@$xp$19Tbx@TTBXPopupWindow
@$xp$19Tbx@TTBXSubmenuItem
@$xp$19Tbx@TTBXToolbarView
@$xp$19Tbx@TTextTruncation
@$xp$19Tbxthemes@TTBXTheme
@$xp$20Tb2acc@ITBAccessible
@$xp$20Tb2item@ETBItemError
@$xp$20Tb2item@TTBGroupItem
@$xp$20Tb2item@TTBImageList
@$xp$20Tb2item@TTBItemStyle
@$xp$20Tb2item@TTBPopupMenu
@$xp$20Tb2item@TTBPopupView
@$xp$20Tb2item@TTBViewClass
@$xp$20Tb2item@TTBViewState
@$xp$20Tb2item@TTBViewStyle
@$xp$20Tbx@TAdjustFontEvent
@$xp$20Tbxutils@TAlphaBlend
@$xp$20Tbxutils@THorzShadow
@$xp$20Tbxutils@TVertShadow
@$xp$20Tbxutils@Tbxutils__1
@$xp$21Tb2dock@TTBDockableTo
@$xp$21Tb2dock@TTBShrinkMode
@$xp$21Tb2dock@TTBSizeHandle
@$xp$21Tb2hook@THookProcCode
@$xp$21Tb2item@TTBCustomItem
@$xp$21Tb2item@TTBDoneAction
@$xp$21Tb2item@TTBItemOption
@$xp$21Tb2item@TTBItemViewer
@$xp$21Tb2item@TTBPopupEvent
@$xp$21Tb2toolbar@TTBToolbar
@$xp$21Tbx@TTBXMenuAnimation
@$xp$21Tbx@TTBXSeparatorItem
@$xp$21Tbxlists@TSBIncrement
@$xp$21Tbxthemes@TTBXMargins
@$xp$21Tbxutils@TShadowEdges
@$xp$21Tbxutils@TShadowStyle
@$xp$22Tb2extitems@TEditClass
@$xp$22Tb2hook@THookProcCodes
@$xp$22Tb2item@ITBPopupWindow
@$xp$22Tb2item@TTBControlItem
@$xp$22Tb2item@TTBItemOptions
@$xp$22Tb2item@TTBPopupWindow
@$xp$22Tb2item@TTBSelectEvent
@$xp$22Tb2item@TTBSubmenuItem
@$xp$22Tb2item@TTBViewTimerID
@$xp$22Tbxlists@TTBXScrollBar
@$xp$22Tbxstatusbars@TPercent
@$xp$22Tbxthemes@TTBXEditInfo
@$xp$22Tbxthemes@TTBXItemInfo
@$xp$22Tbxutils@TGradientFill
@$xp$22Tbxutils@TGradientKind
@$xp$23Tb2acc@TTBViewAccObject
@$xp$23Tb2dock@TTBDockPosition
@$xp$23Tb2dock@TTBFloatingMode
@$xp$23Tb2extitems@TTBEditItem
@$xp$23Tb2item@TTBModalHandler
@$xp$23Tbxlists@TTBXCustomList
@$xp$23Tbxlists@TTBXStringList
@$xp$23Tbxthemes@TTBXComboPart
@$xp$23Tbxthemes@TTBXHoverKind
@$xp$23Tbxthemes@TTBXPopupInfo
@$xp$23Tbxtoolpals@TTPCalcSize
@$xp$23Tbxutils@PBlendFunction
@$xp$23Tbxutils@TBlendFunction
@$xp$24Tb2item@PTBItemDataArray
@$xp$24Tb2item@TTBBaseAccObject
@$xp$24Tb2item@TTBItemContainer
@$xp$24Tb2item@TTBItemDataArray
@$xp$24Tb2item@TTBRootItemClass
@$xp$24Tb2item@TTBSeparatorItem
@$xp$24Tbx@TTBXItemTransparency
@$xp$24Tbxextitems@TTBXEditItem
@$xp$24Tbxlists@TTBXLPaintEvent
@$xp$24Tbxthemes@TTBXItemLayout
@$xp$24Tbxthemes@TTBXThemeClass
@$xp$24Tbxthemes@TTBXWindowInfo
@$xp$24Tbxtoolpals@TRowColCount
@$xp$24Tbxtoolpals@TTBXColorSet
@$xp$24Tbxtoolpals@TTPCellClick
@$xp$25Tb2acc@TTBCustomAccObject
@$xp$25Tb2dock@TTBDockBoundLines
@$xp$25Tb2extitems@TTBEditAction
@$xp$25Tb2item@PTBDoneActionData
@$xp$25Tb2item@TTBDoneActionData
@$xp$25Tb2item@TTBInsertItemProc
@$xp$25Tb2item@TTBPopupAlignment
@$xp$25Tb2item@_TTBItemViewer@_1
@$xp$25Tb2toolbar@TTBChevronItem
@$xp$25Tb2toolbar@TTBToolbarView
@$xp$25Tbx@TTBXChevronItemViewer
@$xp$25Tbx@TTBXPopupPositionInfo
@$xp$25Tbxextitems@TTBXColorItem
@$xp$25Tbxextitems@TTBXLabelItem
@$xp$25Tbxthemes@TTBXEditBtnInfo
@$xp$25Tbxthemes@TTBXToolbarInfo
@$xp$26Tb2dock@TTBDragHandleStyle
@$xp$26Tb2item@PTBItemViewerArray
@$xp$26Tb2item@TTBCustomImageList
@$xp$26Tb2item@TTBCustomItemClass
@$xp$26Tb2item@TTBImageChangeLink
@$xp$26Tb2item@TTBItemChangedProc
@$xp$26Tb2item@TTBItemDisplayMode
@$xp$26Tb2item@TTBItemViewerArray
@$xp$26Tb2item@TTBItemViewerClass
@$xp$26Tb2item@TTBViewOrientation
@$xp$26Tbx@TTBXChevronPopupWindow
@$xp$26Tbxextitems@TTBXEditChange
@$xp$26Tbxlists@TTBXLMeasureWidth
@$xp$26Tbxofficexptheme@TItemPart
@$xp$26Tbxtoolpals@TTBXToolViewer
@$xp$26Tbxtoolpals@TTPGetCellHint
@$xp$26Tbxtoolpals@Tbxtoolpals__1
@$xp$27Tb2dock@TTBReadPositionData
@$xp$27Tb2dock@TTBRequestDockEvent
@$xp$27Tb2item@TTBPopupPositionRec
@$xp$27Tb2item@TTBPopupWindowClass
@$xp$27Tb2toolbar@TTBCustomToolbar
@$xp$27Tbx@TTBXSeparatorItemViewer
@$xp$27Tbxextitems@TNonNegativeInt
@$xp$27Tbxlists@TSBAutoScrollEvent
@$xp$27Tbxlists@TTBXLMeasureHeight
@$xp$27Tbxstatusbars@TSBAdjustFont
@$xp$27Tbxstatusbars@TSBPanelEvent
@$xp$27Tbxstatusbars@TTBXStatusBar
@$xp$27Tbxthemes@TTBXDockPanelInfo
@$xp$27Tbxtoolpals@TCSGetColorInfo
@$xp$27Tbxtoolpals@TTBXToolPalette
@$xp$28Tb2common@TListSortExCompare
@$xp$28Tb2dock@TTBDockChangingEvent
@$xp$28Tb2dock@TTBInsertRemoveEvent
@$xp$28Tb2dock@TTBWritePositionData
@$xp$28Tb2item@TTBItemChangedAction
@$xp$28Tbx@TTBXFloatingWindowParent
@$xp$28Tbxextitems@TTBXComboBoxItem
@$xp$28Tbxextitems@TTBXDropDownItem
@$xp$28Tbxlists@TTBXStringListClass
@$xp$28Tbxoffice2003theme@TItemPart
@$xp$28Tbxtoolpals@TTBXColorPalette
@$xp$28Tbxtoolpals@TTPDrawCellImage
@$xp$29Tb2acc@TTBItemViewerAccObject
@$xp$29Tb2anim@TTBAnimationDirection
@$xp$29Tb2extitems@TTBBeginEditEvent
@$xp$29Tb2extitems@TTBEditItemOption
@$xp$29Tb2extitems@TTBEditItemViewer
@$xp$29Tbxlists@TTBXCustomListViewer
@$xp$29Tbxstatusbars@TTBXStatusPanel
@$xp$29Tbxtoolpals@TTPGetCellVisible
@$xp$29Tbxutils@TUpdateLayeredWindow
@$xp$30Tb2dock@TTBPositionReadIntProc
@$xp$30Tb2extitems@TTBAcceptTextEvent
@$xp$30Tb2extitems@TTBEditItemOptions
@$xp$30Tb2item@TTBSeparatorItemViewer
@$xp$30Tb2toolbar@TTBChevronItemClass
@$xp$30Tb2toolbar@TTBToolbarViewClass
@$xp$30Tb2version@TToolbar2000Version
@$xp$30Tbxextitems@TTBXEditItemViewer
@$xp$30Tbxlists@TTBXLAdjustImageIndex
@$xp$30Tbxofficexptheme@TBtnItemState
@$xp$30Tbxofficexptheme@TWinFramePart
@$xp$30Tbxstatusbars@TTBXStatusPanels
@$xp$30Tbxtoolpals@TTBXCustomColorSet
@$xp$31Tb2dock@TTBCustomDockableWindow
@$xp$31Tb2dock@TTBDockBoundLinesValues
@$xp$31Tb2dock@TTBDockableWindowStyles
@$xp$31Tb2dock@TTBFloatingWindowParent
@$xp$31Tb2dock@TTBPositionWriteIntProc
@$xp$31Tb2item@TTBCustomItemActionLink
@$xp$31Tb2toolbar@TTBChevronItemViewer
@$xp$31Tbxextitems@TTBXColorItemViewer
@$xp$31Tbxextitems@TTBXLabelItemViewer
@$xp$31Tbxofficexptheme@TMenuItemState
@$xp$31Tbxofficexptheme@TWinFrameState
@$xp$32Tbxdefaulttheme@TTBXDefaultTheme
@$xp$32Tbxextitems@TTBXLabelOrientation
@$xp$32Tbxoffice2003theme@TBtnItemState
@$xp$32Tbxoffice2003theme@TWinFramePart
@$xp$33Tb2dock@TTBPositionReadStringProc
@$xp$33Tb2dock@TTBToolWindowNCRedrawWhat
@$xp$33Tb2extitems@TTBEditItemActionLink
@$xp$33Tb2extitems@_TTBEditItemViewer@_1
@$xp$33Tbxextitems@TTBXCAdjustImageIndex
@$xp$33Tbxoffice2003theme@TMenuItemState
@$xp$33Tbxstatusbars@TTBXCustomStatusBar
@$xp$33Tbxtoolpals@TTBXCustomToolPalette
@$xp$34Tb2dock@TTBPositionWriteStringProc
@$xp$34Tb2item@TTBEnterToolbarLoopOptions
@$xp$34Tbxextitems@TTBXComboBoxItemViewer
@$xp$34Tbxextitems@TTBXCustomDropDownItem
@$xp$34Tbxextitems@TTBXDropDownItemViewer
@$xp$34Tbxofficexptheme@TTBXOfficeXPTheme
@$xp$34Tbxstatusbars@TSBAdjustContentRect
@$xp$34Tbxtoolpals@TTBXToolPaletteOptions
@$xp$35Tb2common@THandleWMPrintNCPaintProc
@$xp$35Tb2toolbar@TToolbarGetBaseSizeEvent
@$xp$36Tb2dock@TTBFloatingWindowParentClass
@$xp$36Tb2item@TTBCustomItemActionLinkClass
@$xp$36Tbxoffice2003theme@TOffice2003Scheme
@$xp$38Tbxoffice2003theme@TTBXOffice2003Theme
@$xp$40Tb2dock@TTBToolWindowNCRedrawWhatElement
@$xp$40Tb2toolbar@TTBChevronPriorityForNewItems
@$xp$8TLogMemo
@$xp$ynpqqrp14System@TObject20System@UnicodeStringoj16System@TDateTimet2ro$v
@$xp$ynpqqrp14System@TObject22Customdirview@TDDError$v
@$xp$ynpqqrp14System@TObject27System@Uitypes@TMouseButton60System@%Set$t32System@Classes@System_Classes__1$iuc$0$iuc$9%ii$v
@$xp$ynpqqrp14System@TObject39System@%DelphiInterface$t11IDataObject%irx19System@Types@TPointri$v
@$xp$ynpqqrp14System@TObject39System@%DelphiInterface$t11IDataObject%irx19System@Types@TPointriro$v
@$xp$ynpqqrp14System@TObject60System@%Set$t32System@Classes@System_Classes__1$iuc$0$iuc$9%ii$v
@$xp$ynpqqrp14System@TObject60System@%Set$t32System@Classes@System_Classes__1$iuc$0$iuc$9%irx19System@Types@TPointro$v
@$xp$ynpqqrp14System@TObject60System@%Set$t32System@Classes@System_Classes__1$iuc$0$iuc$9%rx19System@Types@TPointro$v
@$xp$ynpqqrp14System@TObjecti$v
@$xp$ynpqqrp14System@TObjecti20System@UnicodeStringt3$v
@$xp$ynpqqrp14System@TObjecti20System@UnicodeStringt3ro$v
@$xp$ynpqqrp14System@TObjectiirl$v
@$xp$ynpqqrp14System@TObjectiri$v
@$xp$ynpqqrp14System@TObjectirl$v
@$xp$ynpqqrp14System@TObjectirx19System@Types@TPointri$v
@$xp$ynpqqrp14System@TObjectirx19System@Types@TPointt326Dragdrop@TDragDetectStatus$v
@$xp$ynpqqrp14System@TObjectp11TRemoteFiler20System@UnicodeString$v
@$xp$ynpqqrp14System@TObjectp22Vcl@Comctrls@TListItem20System@UnicodeString$v
@$xp$ynpqqrp14System@TObjectp22Vcl@Comctrls@TListItemriro$v
@$xp$ynpqqrp14System@TObjectp22Vcl@Comctrls@TListItemro$v
@$xp$ynpqqrp14System@TObjectp22Vcl@Comctrls@TListItemrus$v
@$xp$ynpqqrp14System@TObjectp25Dragdropfilesex@TFileListro$v
@$xp$ynpqqrp14System@TObjectp7HMENU__39System@%DelphiInterface$t11IDataObject%iirx19System@Types@TPoint$v
@$xp$ynpqqrp14System@TObjectrb$v
@$xp$ynpqqrp14System@TObjectrp20Dragdrop@TDataObject$v
@$xp$ynpqqrp14System@TObjectrp24Vcl@Controls@TDragObject$v
@$xp$ynpqqrp14System@TObjectrp28Vcl@Controls@TDragDockObject$v
@$xp$ynpqqrp14System@TObjectrus60System@%Set$t32System@Classes@System_Classes__1$iuc$0$iuc$9%$v
@$xp$ynpqqrp14System@TObjectrx19System@Types@TPointro$v
@$xp$ynpqqrp14System@TObjectrx29Customdirview@TStatusFileInfo$v
@$xp$ynpqqrp14System@TObjectt1ii$v
@$xp$ynpqqrp14System@TObjectt1ii25System@Uitypes@TDragStatero$v
@$xp$ynpqqrp28Customdirview@TCustomDirView$v
@$xp$ynpqqrp28Customdirview@TCustomDirViewiro$v
@$xp$ynpqqrp28Customdirview@TCustomDirViewor25Customdirview@TFileFilter$v
@@Authenticate@Finalize
@@Authenticate@Initialize
@@Bookmarks@Finalize
@@Bookmarks@Initialize
@@Configuration@Finalize
@@Configuration@Initialize
@@Consolerunner@Finalize
@@Consolerunner@Initialize
@@Copyparamcustom@Finalize
@@Copyparamcustom@Initialize
@@Copyparampreset@Finalize
@@Copyparampreset@Initialize
@@Copyparams@Finalize
@@Copyparams@Initialize
@@Coremain@Finalize
@@Coremain@Initialize
@@Customcommand@Finalize
@@Customcommand@Initialize
@@Customscpexplorer@Finalize
@@Customscpexplorer@Initialize
@@Customwinconfiguration@Finalize
@@Customwinconfiguration@Initialize
@@Editmask@Finalize
@@Editmask@Initialize
@@Editor@Finalize
@@Editor@Initialize
@@Editormanager@Finalize
@@Editormanager@Initialize
@@Editorpreferences@Finalize
@@Editorpreferences@Initialize
@@Exceptions@Finalize
@@Exceptions@Initialize
@@Filebuffer@Finalize
@@Filebuffer@Initialize
@@Filefind@Finalize
@@Filefind@Initialize
@@Fileinfo@Finalize
@@Fileinfo@Initialize
@@Filesystems@Finalize
@@Filesystems@Initialize
@@Filezillaintern@Finalize
@@Filezillaintern@Initialize
@@Filezillaintf@Finalize
@@Filezillaintf@Initialize
@@Ftpfilesystem@Finalize
@@Ftpfilesystem@Initialize
@@Fullsynchronize@Finalize
@@Fullsynchronize@Initialize
@@Generalsettings@Finalize
@@Generalsettings@Initialize
@@Glyphs@Finalize
@@Glyphs@Initialize
@@Guiconfiguration@Finalize
@@Guiconfiguration@Initialize
@@Guitools@Finalize
@@Guitools@Initialize
@@Hierarchicalstorage@Finalize
@@Hierarchicalstorage@Initialize
@@Inputdlg@Finalize
@@Inputdlg@Initialize
@@License@Finalize
@@License@Initialize
@@Log@Finalize
@@Log@Initialize
@@Logmemo@Finalize
@@Logmemo@Initialize
@@Logsettings@Finalize
@@Logsettings@Initialize
@@Messagedlg@Finalize
@@Messagedlg@Initialize
@@Namedobjs@Finalize
@@Namedobjs@Initialize
@@Nonvisual@Finalize
@@Nonvisual@Initialize
@@Option@Finalize
@@Option@Initialize
@@Progparams@Finalize
@@Progparams@Initialize
@@Queue@Finalize
@@Queue@Initialize
@@Queuecontroller@Finalize
@@Queuecontroller@Initialize
@@Remotetransfer@Finalize
@@Remotetransfer@Initialize
@@Rights@Finalize
@@Rights@Initialize
@@Rightsext@Finalize
@@Rightsext@Initialize
@@Scpcommander@Finalize
@@Scpcommander@Initialize
@@Scpexplorer@Finalize
@@Scpexplorer@Initialize
@@Scpfilesystem@Finalize
@@Scpfilesystem@Initialize
@@Script@Finalize
@@Script@Initialize
@@Secureshell@Finalize
@@Secureshell@Initialize
@@Security@Finalize
@@Security@Initialize
@@Selectmask@Finalize
@@Selectmask@Initialize
@@Sessiondata@Finalize
@@Sessiondata@Initialize
@@Sessioninfo@Finalize
@@Sessioninfo@Initialize
@@Sftpfilesystem@Finalize
@@Sftpfilesystem@Initialize
@@Symlink@Finalize
@@Symlink@Initialize
@@Synchronize@Finalize
@@Synchronize@Initialize
@@Synchronizecontroller@Finalize
@@Synchronizecontroller@Initialize
@@Synchronizeprogress@Finalize
@@Synchronizeprogress@Initialize
@@Terminal@Finalize
@@Terminal@Initialize
@@Terminalmanager@Finalize
@@Terminalmanager@Initialize
@@Themepagecontrol@Finalize
@@Themepagecontrol@Initialize
@@Tools@Finalize
@@Tools@Initialize
@@Unixdirview@Finalize
@@Unixdirview@Initialize
@@Unixdriveview@Finalize
@@Unixdriveview@Initialize
@@Usage@Finalize
@@Usage@Initialize
@@Userinterface@Finalize
@@Userinterface@Initialize
@@Vclcommon@Finalize
@@Vclcommon@Initialize
@@Webdavfilesystem@Finalize
@@Webdavfilesystem@Initialize
@@Winconfiguration@Finalize
@@Winconfiguration@Initialize
@@Winhelp@Finalize
@@Winhelp@Initialize
@@Wininterface@Finalize
@@Wininterface@Initialize
@@Winmain@Finalize
@@Winmain@Initialize
@@common@Finalize
@@common@Initialize
@@copy@Finalize
@@copy@Initialize
@Logmemo@Register$qqrv
@System@Ioutils@TFile@FCMinFileNameLen
@System@Syncobjs@TSpinLock@AnonymouslyOwned
@System@Syncobjs@TSpinLock@LockAvailable
@System@Syncobjs@TSpinLock@MaxWaitingThreads
@System@Syncobjs@TSpinLock@ThreadTrackingDisabled
@System@Syncobjs@TSpinLock@WaitingThreadMask
@System@Syncobjs@TSpinWait@Sleep0Threshold
@System@Syncobjs@TSpinWait@Sleep1Threshold
@System@Syncobjs@TSpinWait@YieldThreshold
@System@TMonitor@TSpinWait@Sleep0Threshold
@System@TMonitor@TSpinWait@Sleep1Threshold
@System@TMonitor@TSpinWait@YieldThreshold
@System@Timespan@TTimeSpan@MaxMilliseconds
@System@Timespan@TTimeSpan@MaxSeconds
@System@Timespan@TTimeSpan@MillisPerDay
@System@Timespan@TTimeSpan@MillisPerHour
@System@Timespan@TTimeSpan@MillisPerMinute
@System@Timespan@TTimeSpan@MillisPerSecond
@System@Timespan@TTimeSpan@MinMilliseconds
@System@Timespan@TTimeSpan@MinSeconds
@System@Timespan@TTimeSpan@TicksPerDay
@System@Timespan@TTimeSpan@TicksPerHour
@System@Timespan@TTimeSpan@TicksPerMillisecond
@System@Timespan@TTimeSpan@TicksPerMinute
@System@Timespan@TTimeSpan@TicksPerSecond
@System@Uitypes@TAlphaColorRec@Aliceblue
@System@Uitypes@TAlphaColorRec@Alpha
@System@Uitypes@TAlphaColorRec@Antiquewhite
@System@Uitypes@TAlphaColorRec@Aqua
@System@Uitypes@TAlphaColorRec@Aquamarine
@System@Uitypes@TAlphaColorRec@Azure
@System@Uitypes@TAlphaColorRec@Beige
@System@Uitypes@TAlphaColorRec@Bisque
@System@Uitypes@TAlphaColorRec@Black
@System@Uitypes@TAlphaColorRec@Blanchedalmond
@System@Uitypes@TAlphaColorRec@Blue
@System@Uitypes@TAlphaColorRec@Blueviolet
@System@Uitypes@TAlphaColorRec@Brown
@System@Uitypes@TAlphaColorRec@Burlywood
@System@Uitypes@TAlphaColorRec@Cadetblue
@System@Uitypes@TAlphaColorRec@Chartreuse
@System@Uitypes@TAlphaColorRec@Chocolate
@System@Uitypes@TAlphaColorRec@Coral
@System@Uitypes@TAlphaColorRec@Cornflowerblue
@System@Uitypes@TAlphaColorRec@Cornsilk
@System@Uitypes@TAlphaColorRec@Cream
@System@Uitypes@TAlphaColorRec@Crimson
@System@Uitypes@TAlphaColorRec@Cyan
@System@Uitypes@TAlphaColorRec@Darkblue
@System@Uitypes@TAlphaColorRec@Darkcyan
@System@Uitypes@TAlphaColorRec@Darkgoldenrod
@System@Uitypes@TAlphaColorRec@Darkgray
@System@Uitypes@TAlphaColorRec@Darkgreen
@System@Uitypes@TAlphaColorRec@Darkgrey
@System@Uitypes@TAlphaColorRec@Darkkhaki
@System@Uitypes@TAlphaColorRec@Darkmagenta
@System@Uitypes@TAlphaColorRec@Darkolivegreen
@System@Uitypes@TAlphaColorRec@Darkorange
@System@Uitypes@TAlphaColorRec@Darkorchid
@System@Uitypes@TAlphaColorRec@Darkred
@System@Uitypes@TAlphaColorRec@Darksalmon
@System@Uitypes@TAlphaColorRec@Darkseagreen
@System@Uitypes@TAlphaColorRec@Darkslateblue
@System@Uitypes@TAlphaColorRec@Darkslategray
@System@Uitypes@TAlphaColorRec@Darkslategrey
@System@Uitypes@TAlphaColorRec@Darkturquoise
@System@Uitypes@TAlphaColorRec@Darkviolet
@System@Uitypes@TAlphaColorRec@Deeppink
@System@Uitypes@TAlphaColorRec@Deepskyblue
@System@Uitypes@TAlphaColorRec@Dimgray
@System@Uitypes@TAlphaColorRec@Dimgrey
@System@Uitypes@TAlphaColorRec@DkGray
@System@Uitypes@TAlphaColorRec@Dodgerblue
@System@Uitypes@TAlphaColorRec@Firebrick
@System@Uitypes@TAlphaColorRec@Floralwhite
@System@Uitypes@TAlphaColorRec@Forestgreen

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 418KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dll/WinSCPnet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2f:e7:f4:24:85:7b:0a:41:39:ad:cd:cd:d2:39:3b:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01-10-2012 00:00

Not After

01-10-2013 23:59

Subject

CN=Martin Prikryl,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Individual Developer,O=No Organization Affiliation,L=Prague 2,ST=Prague,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

82:19:dc:5d:9e:9c:af:e5:48:96:f3:ba:d1:2f:fd:ad:9b:be:8c:3b
Signer

Actual PE Digest

82:19:dc:5d:9e:9c:af:e5:48:96:f3:ba:d1:2f:fd:ad:9b:be:8c:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release\WinSCPnet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/cl32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

36600284ee7106703504347a91112909

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\cryptlib\binaries32_vs10\cl32.pdb

Imports

kernel32

GetFileAttributesA
ReadFile
FlushFileBuffers
CreateDirectoryA
GetLastError
GetFileType
CloseHandle
DeleteFileA
GlobalFree
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
VirtualUnlock
VirtualLock
WaitForSingleObject
Sleep
GetSystemDirectoryA
DisableThreadLibraryCalls
LoadLibraryA
GetSystemInfo
GetVersionExA
GetDriveTypeA
MapViewOfFile
UnmapViewOfFile
QueryPerformanceCounter
GetTickCount
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetProcessWorkingSetSize
DeviceIoControl
GetModuleHandleA
GetCurrentProcessId
GetThreadTimes
OpenFileMappingA
WriteFile
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetWindowsDirectoryA
SetFileTime
GetCurrentThread
GetCurrentProcess
SetErrorMode
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetProcAddress
FreeLibrary
IsBadReadPtr
GlobalMemoryStatus
IsBadWritePtr

user32

GetProcessWindowStation
GetCapture
GetInputState
GetDesktopWindow
GetCursorPos
GetCaretPos
GetActiveWindow
GetClipboardViewer
GetClipboardOwner
GetMessageTime
GetMessagePos
GetOpenClipboardWindow
MessageBoxA
GetFocus

advapi32

InitializeSecurityDescriptor
InitializeSid
LookupAccountSidA
EqualSid
GetTokenInformation
OpenThreadToken
GetSidSubAuthority
OpenProcessToken
InitializeAcl
SetSecurityDescriptorOwner
AddAccessAllowedAce
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetSecurityDescriptorDacl

msvcr100

_lock
_onexit
_except_handler4_common
memcpy
memset
__dllonexit
free
malloc
sprintf_s
toupper
isalnum
isprint
isdigit
_strnicmp
memmove
strncpy_s
_mktime64
_gmtime64_s
strncat_s
isalpha
_stricmp
wcstombs_s
mbstowcs_s
_endthreadex
_beginthreadex
tolower
vsprintf_s
isxdigit
_time64
realloc
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock

Exports

Exports

DllRegisterServer
cryptAddCertExtension
cryptAddPrivateKey
cryptAddPublicKey
cryptAddRandom
cryptCAAddItem
cryptCACertManagement
cryptCADeleteItem
cryptCAGetItem
cryptCheckCert
cryptCheckSignature
cryptCheckSignatureEx
cryptCreateCert
cryptCreateContext
cryptCreateEnvelope
cryptCreateSession
cryptCreateSignature
cryptCreateSignatureEx
cryptDecrypt
cryptDeleteAttribute
cryptDeleteCertExtension
cryptDeleteKey
cryptDestroyCert
cryptDestroyContext
cryptDestroyEnvelope
cryptDestroyObject
cryptDestroySession
cryptDeviceClose
cryptDeviceCreateContext
cryptDeviceOpen
cryptDeviceQueryCapability
cryptEncrypt
cryptEnd
cryptExportCert
cryptExportKey
cryptExportKeyEx
cryptFlushData
cryptGenerateKey
cryptGetAttribute
cryptGetAttributeString
cryptGetCertExtension
cryptGetKey
cryptGetPrivateKey
cryptGetPublicKey
cryptImportCert
cryptImportKey
cryptImportKeyEx
cryptInit
cryptKeysetClose
cryptKeysetOpen
cryptLogin
cryptLogout
cryptPopData
cryptPushData
cryptQueryCapability
cryptQueryObject
cryptSetAttribute
cryptSetAttributeString
cryptSignCert

Sections

.text
Size: 995KB - Virtual size: 995KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/sdd_regasm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\EVREN\Documents\Visual Studio 2012\Projects\SDD_REGASM\sdd_regasm\obj\Debug\sdd_regasm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
doorbell1.wav
emubasir.pbd
evrak.pbd
fatura.pbd
gundem.pbd
gxps.exe
.exe windows:4 windows x86 arch:x86

30c57c50884b31ccd9b068732d733ff6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
DragAcceptFiles
DragFinish

gdi32

SetDIBitsToDevice
RealizePalette
SelectPalette
SetBkMode
SetMapMode
DeleteObject
CreateBrushIndirect
GetDeviceCaps
CreatePalette

user32

DispatchMessageA
TranslateMessage
GetMessageA
PostThreadMessageA
wsprintfW
DialogBoxParamA
PostMessageA
EndDialog
SendDlgItemMessageA
LoadIconA
LoadCursorA
RegisterClassA
SetWindowLongA
GetWindowLongA
GetWindowRect
GetParent
BeginPaint
FillRect
EndPaint
VkKeyScanA
GetKeyState
MessageBoxA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ScrollWindow
DefWindowProcA
SetScrollInfo
IsZoomed
GetClientRect
SendMessageA
BringWindowToTop
KillTimer
IsWindow
IsIconic
SetTimer
GetSysColor
CreateWindowExA
MoveWindow
ShowWindow
CheckMenuItem
InvalidateRect
UpdateWindow
GetSystemMenu
RemoveMenu
AppendMenuA
GetMenuStringA
EnableMenuItem
DestroyWindow
GetDC
ReleaseDC
GetForegroundWindow
SetForegroundWindow

winspool.drv

OpenPrinterW
ClosePrinter
EndDocPrinter
WritePrinter
AbortPrinter
StartDocPrinterA
EnumPrintersA

advapi32

RegQueryValueExW
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW

kernel32

GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
WriteConsoleA
GetCurrentDirectoryA
GetFullPathNameA
SetEndOfFile
GetTimeZoneInformation
HeapSize
LoadLibraryW
FlushFileBuffers
RaiseException
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetFilePointer
GetStartupInfoA
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetProcessHeap
GetVersionExA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
FindFirstFileA
GetDriveTypeA
LCMapStringA
SetEnvironmentVariableW
FreeEnvironmentStringsA
GetCurrentProcess
CloseHandle
GetCurrentThread
GetCurrentThreadId
CreateMutexA
WaitForSingleObject
ReleaseMutex
Sleep
SetConsoleOutputCP
GetConsoleOutputCP
GetModuleHandleA
GetPrivateProfileStringA
GetModuleFileNameA
GetSystemTime
GlobalUnlock
GlobalLock
GlobalAlloc
WriteConsoleInputA
GenerateConsoleCtrlEvent
GetStdHandle
lstrlenA
GetLastError
CreateProcessW
DuplicateHandle
CreatePipe
CreateDirectoryA
CreateFileW
GetTempFileNameW
GetTempPathW
GetProfileStringW
GetVersion
GetLocaleInfoA
FindClose
FindNextFileW
FindFirstFileW
MultiByteToWideChar
IsDBCSLeadByte
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
ReleaseSemaphore
HeapFree
HeapAlloc
ExitThread
ResumeThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetProcAddress
SetStdHandle
ReadFile
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteFileA
WriteConsoleW
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
CreateFileA
MoveFileA

Exports

Exports

jxr_create_container
jxr_create_image
jxr_create_input
jxr_destroy
jxr_destroy_container
jxr_flag_SKIP_FLEX_DATA
jxr_flag_SKIP_HP_DATA
jxr_get_ALPHACHANNEL_FLAG
jxr_get_EXTENDED_IMAGE_HEIGHT
jxr_get_EXTENDED_IMAGE_WIDTH
jxr_get_IMAGE_CHANNELS
jxr_get_IMAGE_HEIGHT
jxr_get_IMAGE_WIDTH
jxr_get_OUTPUT_BITDEPTH
jxr_get_OUTPUT_CLR_FMT
jxr_get_TILE_COLUMNS
jxr_get_TILE_HEIGHT
jxr_get_TILE_ROWS
jxr_get_TILE_WIDTH
jxr_get_TILING_FLAG
jxr_get_pixel_format
jxr_get_user_data
jxr_read_image_bitstream
jxr_read_image_container
jxr_set_ALPHA_IMAGE_PLANE_FLAG
jxr_set_BANDS_PRESENT
jxr_set_DISABLE_TILE_OVERLAP
jxr_set_FLOAT
jxr_set_FREQUENCY_MODE_CODESTREAM_FLAG
jxr_set_INDEX_TABLE_PRESENT_FLAG
jxr_set_INTERNAL_CLR_FMT
jxr_set_LEVEL_IDC
jxr_set_LONG_WORD_FLAG
jxr_set_NUM_HOR_TILES_MINUS1
jxr_set_NUM_VER_TILES_MINUS1
jxr_set_OUTPUT_BITDEPTH
jxr_set_OUTPUT_CLR_FMT
jxr_set_OVERLAP_FILTER
jxr_set_PROFILE_IDC
jxr_set_QP_DISTRIBUTED
jxr_set_QP_INDEPENDENT
jxr_set_QP_LOSSLESS
jxr_set_QP_SEPARATE
jxr_set_QP_UNIFORM
jxr_set_SHIFT_BITS
jxr_set_TILE_HEIGHT_IN_MB
jxr_set_TILE_WIDTH_IN_MB
jxr_set_TILING_FLAG
jxr_set_TRIM_FLEXBITS
jxr_set_block_input
jxr_set_block_output
jxr_set_container_parameters
jxr_set_pixel_format
jxr_set_user_data
jxr_test_LEVEL_IDC
jxr_test_LONG_WORD_FLAG
jxr_test_PROFILE_IDC
jxr_write_image_bitstream
jxrc_alpha_band_presence
jxrc_alpha_bytecount
jxrc_alpha_offset
jxrc_artist_name
jxrc_begin_ifd_entry
jxrc_begin_image_data
jxrc_color_space
jxrc_copyright_notice
jxrc_date_time
jxrc_document_name
jxrc_equipment_make
jxrc_equipment_model
jxrc_get_pixel_format
jxrc_height_resolution
jxrc_host_computer
jxrc_image_band_presence
jxrc_image_bytecount
jxrc_image_count
jxrc_image_description
jxrc_image_height
jxrc_image_offset
jxrc_image_pixelformat
jxrc_image_type
jxrc_image_width
jxrc_padding_data
jxrc_page_name
jxrc_page_number
jxrc_profile_level_container
jxrc_ptm_color_info
jxrc_set_image_band_presence
jxrc_set_image_shape
jxrc_set_pixel_format
jxrc_set_separate_alpha_image_plane
jxrc_software_name_version
jxrc_spatial_xfrm_primary
jxrc_start_file
jxrc_width_resolution
jxrc_write_container_post
jxrc_write_container_post_alpha

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ihm.pbd
khk.pbd
kimlik.pbd
kiraci.pbd
komisyon.pbd
magdur.pbd
mali.pbd
muhasebe.pbd
muhasebe_r.pbd
muzaharet.pbd
ortak_d.pbd
ortak_f.pbd
ortak_u.pbd
ortak_w.pbd
pbsoapclient105.pbd
pbsoapclient90.pbd
personel.pbd
sdd_d.pbd
sdd_degisen.pbd
sdd_f.pbd
sdd_inherit.pbd
sdd_m.pbd
sdd_n_cst.pbd
sdd_s.pbd
sdd_security.pbd
sdd_u.pbd
sdd_w.pbd
sddproxy.pbd
sem.pbd
seminer.pbd
sicil.pbd
sicil_r.pbd
sigorta.pbd
staj.pbd
staj_r.pbd
stok.pbd
sydf.pbd
tsk_ek2.pbd
uyecari.pbd
uzlasma.pbd
yardim.pbd
yardim_r.pbd
yardim_yk.pbd
yazisma.pbd
ys.pbd

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 16KB

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 188B

.reloc Size: 512B - Virtual size: 436B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 320B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 14KB - Virtual size: 16KB

BSS Size: - Virtual size: 8KB

BSS Size: 5KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 188B

.reloc
Size: 512B - Virtual size: 436B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

CODE
Size: 14KB - Virtual size: 16KB

BSS
Size: - Virtual size: 8KB

BSS
Size: 5KB - Virtual size: 8KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.debug
Size: 14KB - Virtual size: 16KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 258KB - Virtual size: 258KB

.reloc
Size: 21KB - Virtual size: 20KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 925KB - Virtual size: 924KB

.data
Size: 309KB - Virtual size: 335KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 74KB - Virtual size: 74KB

.text
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 556KB - Virtual size: 555KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 40KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B