aa54f68350b8a0bac01e02bbe3805ae3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa54f68350b8a0bac01e02bbe3805ae3_JaffaCakes118
Size

6.9MB
MD5

aa54f68350b8a0bac01e02bbe3805ae3
SHA1

4792f087fa16b4ab28d33ae80ba82538a92befa7
SHA256

ed863ad84b6756abb7bbc319f191e415302754222096d4742638a747d32bf6a5
SHA512

daaa109757e9a98fe9fc7f6add83317fb383a7e69a2c08f698839d3280a9795cc5ca910dc0932cf92407905dd874c58dfb6a535c9b62ef9303f04255c498cdce
SSDEEP

98304:Bc+7DKcZOHu3fX/spy8LpDt/4HJM26g9WwVuiYuvqfBgkLL08QHFzPoqDStke/m6:LDKpuvXRYx4Hz67wNbya8L9elGuH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/Gossiper.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/$SYSDIR/SkinCrafter3_vs2005.dll
unpack001/LimeWire Acceleration Tool.exe
unpack001/UpdateApp.exe
unpack001/gdiplus.dll
unpack001/mfc80.dll
unpack001/packet.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

aa54f68350b8a0bac01e02bbe3805ae3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

30-03-2011 00:00

Not After

29-03-2012 23:59

Subject

CN=Prospera Software\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Prospera Software\, Inc.,L=Suwanee,ST=Georgia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

64:c5:5c:38:60:b5:7d:13:45:56:63:7d:fa:b0:b0:b4:32:0d:a7:8f
Signer

Actual PE Digest

64:c5:5c:38:60:b5:7d:13:45:56:63:7d:fa:b0:b0:b4:32:0d:a7:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Gossiper.exe
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/gossiper-toolbar-screenshot.bmp
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

GlobalFree
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
GetFileSize
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx
SetFilePointer
GetTickCount

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
IsWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowLongA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/setup.ini
$SYSDIR/SkinCrafter3_vs2005.dll
.dll regsvr32 windows:4 windows x86 arch:x86

93db24525847a33a7c7574df49fe59ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc80

ord3140
ord3360
ord2370
ord3397
ord6752
ord1084
ord3401
ord326
ord783
ord3406
ord3350
ord3935
ord2494
ord3989
ord2873
ord3402
ord2532
ord2794
ord3139
ord3799
ord2878
ord3991
ord2876
ord1929
ord5727
ord2367
ord5641
ord2264
ord4001
ord4123
ord5640
ord2263
ord3368
ord3012
ord2762
ord1425
ord3156
ord2531
ord3353
ord3076
ord6007
ord5717
ord564
ord755
ord1092
ord589
ord330
ord5833
ord3596
ord663
ord2322
ord1489
ord6118
ord299
ord6703
ord426
ord3236
ord4066
ord3022
ord5472
ord6286
ord1211
ord869
ord380
ord3201
ord2702
ord2703
ord5493
ord2306
ord1181
ord2259
ord5563
ord3997
ord5529
ord629
ord5430
ord1439
ord1434
ord301
ord305
ord5320
ord1159
ord2348
ord2271
ord4085
ord5089
ord384
ord667
ord433
ord2346
ord3255
ord1580
ord5331
ord6297
ord317
ord584
ord3204
ord5427
ord1968
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1167
ord1120
ord1201
ord1175
ord1177
ord1209
ord581
ord3302
ord347
ord1279
ord2079
ord1966
ord602
ord567
ord758
ord2468
ord5403
ord5433
ord3863
ord3239
ord429
ord722
ord3295
ord530
ord666
ord872
ord6005
ord1280
ord3161
ord3233
ord423
ord660
ord502
ord5613
ord3210
ord1934
ord501
ord5642
ord6037
ord5731
ord709
ord907
ord2372
ord2368
ord764
ord1917
ord5444
ord2248
ord1049
ord3830
ord757
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord866
ord5714
ord3019
ord5466
ord4063
ord3025
ord4069
ord1191
ord1187
ord1185
ord3683
ord297
ord266
ord265
ord314
ord300
ord310
ord781
ord762
ord304
ord578
ord3934
ord2902
ord876
ord1482
ord784
ord6754
ord3348

msvcr80

_recalloc
_resetstkoflw
_purecall
strcat_s
wcsncpy_s
strcpy_s
memcpy
memcpy_s
free
malloc
_mbsnbcpy_s
_strnicmp
_wcsnset
memset
__CxxFrameHandler3
mbstowcs
printf
rand
isdigit
_strupr
srand
sscanf
strncpy
strstr
__RTDynamicCast
strncmp
_stricmp
__clean_type_info_names_internal
wcschr
_vswprintf
ceil
_itow
toupper
wcsstr
atoi
_CxxThrowException
?terminate@@YAXXZ
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ

kernel32

GetVersion
InterlockedExchange
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
LocalSize
LocalLock
LocalUnlock
lstrlenW
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GlobalFree
lstrcmpA
lstrcpyA
LoadLibraryW
MulDiv
LoadLibraryA
SetLastError
GetDateFormatW
GetLocaleInfoW
GetTimeFormatW
GetLocalTime
FindResourceExA
GetUserDefaultLangID
LocalFree
HeapFree
GetProcessHeap
HeapAlloc
OutputDebugStringA
Sleep
GlobalUnlock
GlobalLock
GetVersionExA
LocalAlloc
LocalReAlloc
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
GetACP
GetLocaleInfoA
GetThreadLocale
GlobalAlloc

user32

KillTimer
GetMessagePos
EnableScrollBar
SetScrollPos
ShowScrollBar
GetMenuBarInfo
IsWindow
RemovePropA
SetPropA
IsWindowUnicode
SetWindowLongW
SetWindowLongA
IsWindowEnabled
GetTopWindow
GetForegroundWindow
RedrawWindow
SetWindowPos
IsWindowVisible
GetPropA
ScreenToClient
GetWindowLongA
BeginPaint
GetWindow
GetDC
ReleaseDC
GetWindowRect
GetSystemMetrics
ShowWindow
SetForegroundWindow
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
OffsetRect
CopyRect
SetCursor
LoadCursorA
GetParent
GetClientRect
SendMessageA
PtInRect
SetTimer
PostMessageA
GetClassLongA
SetClassLongA
EnumThreadWindows
DrawEdge
EnumChildWindows
CharNextA
DrawStateA
GetIconInfo
TrackMouseEvent
CallWindowProcW
CallWindowProcA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
GetMenuStringW
GetMenuStringA
SetFocus
UnionRect
GetMenuItemID
SetMenuItemInfoA
GetMenuItemRect
GetMenuState
GetMenuItemInfoA
GetMenuItemCount
GetWindowDC
GetScrollPos
DrawFrameControl
FillRect
FrameRect
DrawFocusRect
InvertRect
DrawIconEx
EqualRect
InflateRect
DestroyIcon
GetDlgCtrlID
IntersectRect
UpdateWindow
SubtractRect
GetNextDlgTabItem
HideCaret
ShowCaret
GetFocus
SendMessageW
GetKeyState
DrawTextW
MapWindowPoints
DrawTextA
SetCaretPos
GetCaretPos
GetScrollInfo
GetSysColor
GetDlgItem
SetCapture
IsIconic
IsZoomed
SetWindowRgn
GetCapture
SystemParametersInfoA
GetAncestor
PeekMessageA
DispatchMessageA
GetMessageA
GetSysColorBrush
SetScrollInfo
GetClassInfoA
RegisterClassA
DefWindowProcA
CreateWindowExA
DestroyWindow
CopyImage
WindowFromPoint
AppendMenuA
LoadIconA
RemoveMenu
GetSubMenu
GetClassNameA
EndPaint
GetDCEx
AdjustWindowRectEx
GetMenu
IsMenu
GetSystemMenu
DrawMenuBar
TrackPopupMenu
InvalidateRect
LockWindowUpdate
GetCursorPos
GetWindowRgn
ClientToScreen
SetRectEmpty
IsRectEmpty
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
ReleaseCapture
GetDesktopWindow
UnhookWindowsHookEx
SetRect
AdjustWindowRect
UnregisterClassA

gdi32

SetViewportOrgEx
PtInRegion
CreateRectRgnIndirect
ExcludeClipRect
CreateFontIndirectA
CreateEllipticRgn
CreateRoundRectRgn
SetBkMode
CreateSolidBrush
SetTextColor
SetBkColor
GetTextExtentPointA
GetTextExtentPointW
GetTextMetricsW
ExtSelectClipRgn
GetTextColor
SetBoundsRect
GetObjectA
GetPixel
SetWindowOrgEx
SetPixel
SelectClipRgn
DeleteDC
BitBlt
CreateCompatibleDC
GetCurrentObject
GetTextExtentPoint32A
GetTextExtentPoint32W
RestoreDC
CreatePen
CreateCompatibleBitmap
PatBlt
GetStockObject
SelectObject
BeginPath
MoveToEx
LineTo
EndPath
WidenPath
PathToRegion
GetRgnBox
CreateRectRgn
CombineRgn
DeleteObject
OffsetRgn
GetRegionData
GetBkColor
SetDIBColorTable
GetPaletteEntries
SelectPalette
RealizePalette
CreateDIBSection
GetDIBColorTable
CreatePalette
GetDeviceCaps
CreateHalftonePalette
CreatePatternBrush
UnrealizeObject
CreateBitmap
GetBkMode
GetObjectW
IntersectClipRect
SetStretchBltMode
SetBrushOrgEx
StretchBlt
GetLayout
SetLayout
CreateFontIndirectW
ExtCreateRegion
GetTextMetricsA
ExtTextOutA
Rectangle
PlayEnhMetaFile
Ellipse
Arc
GetViewportOrgEx
SaveDC

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA

comctl32

InitializeFlatSB
UninitializeFlatSB
ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_DrawEx

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantInit
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString

gdiplus

GdipMultiplyWorldTransform
GdipBeginContainer2
GdipEndContainer
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatTrimming
GdipSetTextRenderingHint
GdipDrawString
GdiplusShutdown
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipSaveImageToStream
GdipGetImageRawFormat
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipGetDC
GdipCreateFromHDC
GdipTranslateMatrix
GdipMultiplyMatrix
GdipCreateMatrix2
GdipCreateMatrix
GdipDeleteMatrix
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipDeleteBrush
GdipAlloc
GdipFree
GdipReleaseDC

oleacc

AccessibleObjectFromWindow

msimg32

TransparentBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 420KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LimeWire Acceleration Tool.exe
.exe windows:5 windows x86 arch:x86

68cfe01559c174412f2e8c9c5d89059b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasEnumConnectionsA
RasHangUpA

wininet

InternetGetConnectedState

packet

PacketAllocatePacket
PacketSetReadTimeout
PacketSetBuff
PacketSetHwFilter
PacketInitPacket
PacketFreePacket
PacketCloseAdapter
PacketReceivePacket
PacketOpenAdapter
PacketGetNetType

iphlpapi

AddIPAddress
GetIpAddrTable
GetAdaptersInfo
GetInterfaceInfo
DeleteIPAddress

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
CreateFileA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExA
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileSizeEx
GetFileTime
LoadLibraryW
GetSystemDirectoryW
RtlUnwind
HeapFree
HeapAlloc
lstrcmpiA
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
GetStdHandle
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetStringTypeExA
DeleteFileA
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleW
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
SetLastError
MultiByteToWideChar
lstrcmpW
GetModuleHandleA
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetLocalTime
GetVersion
CreateThread
SetThreadPriority
GetTickCount
Sleep
TerminateThread
GetLastError
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpynA
GetModuleFileNameA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetSystemTimeAsFileTime

user32

ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
InflateRect
GetMenuItemInfoA
DestroyMenu
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
GetSysColorBrush
LoadCursorA
UnregisterClassA
DeleteMenu
SetCapture
ReleaseCapture
WaitMessage
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetRectEmpty
TranslateAcceleratorA
BringWindowToTop
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
UnionRect
PostThreadMessageA
GetDCEx
LockWindowUpdate
TabbedTextOutA
GetMenuStringA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
SetCursor
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
UpdateWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindow
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SetActiveWindow
RedrawWindow
DrawAnimatedRects
SetParent
FindWindowA
EnumChildWindows
SystemParametersInfoA
GetClassNameA
SetForegroundWindow
PostMessageA
GetCursorPos
TrackPopupMenu
LoadMenuA
SetMenuDefaultItem
IsWindow
GetMenuItemID
GetMenu
GetMenuItemCount
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
GetSubMenu
IsIconic
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
GetWindowTextLengthA
DrawTextA
DrawIcon
GetSystemMetrics
GetDesktopWindow
GetWindowRect
GetSystemMenu
AppendMenuA
SetWindowRgn
LoadIconA
MessageBoxA
SetTimer
FillRect
GetClientRect
SendMessageA
InvalidateRect
LoadImageA
DestroyIcon
DestroyCursor
KillTimer
EnableWindow
CreateWindowExA

gdi32

SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
StartDocA
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDCA
CreateDIBPatternBrushPt
GetDeviceCaps
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthA
CreateFontA
StretchDIBits
DeleteDC
CopyMetaFileA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetStockObject
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
CreatePatternBrush
DeleteObject
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
PtVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
Shell_NotifyIconA
SHAppBarMessage
ExtractIconA
SHGetFileInfoA
DragFinish
ShellExecuteA

comctl32

ord17

shlwapi

PathFindExtensionA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW

oledlg

ord8

ole32

ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
WriteClassStg
CoTaskMemAlloc
SetConvertStg
CoTaskMemFree
CoInitialize
CoDisconnectObject
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleDuplicateData
OleRun
CoCreateInstance
CLSIDFromProgID
WriteFmtUserTypeStg
CLSIDFromString
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
OleRegGetUserType

oleaut32

SystemTimeToVariantTime
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
OleCreateFontIndirect

ws2_32

htons
recvfrom
closesocket
WSAGetLastError
bind
WSASocketA
gethostbyaddr
WSAStartup
inet_ntoa
inet_addr
WSAIoctl
ntohs

Sections

.text
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Skin.skf
UpdateApp.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\UpdateApp\UpdateApp\obj\Release\UpdateApp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gdiplus.dll
.dll windows:5 windows x86 arch:x86

7941976a82dd7ff8b1a2ea069878fab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
InterlockedIncrement
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA

user32

ReleaseDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetViewportExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
PolyPolyline
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfc80.dll
.dll windows:4 windows x86 arch:x86

171634aabc6eff9406d434016ff974c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC80.i386.pdb

Imports

msvcr80

_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_itoa_s
wcsncpy_s
_ultoa_s
_ltoa_s
_ismbcdigit
ceil
_snwprintf_s
_mbsnbcmp
_mbsnbicmp
_fullpath
atol
__argv
__argc
sscanf_s
_beginthreadex
_endthreadex
_mbsdec
_strdup
atoi
_expand
strtod
strtoul
strtol
_makepath_s
memcpy_s
_splitpath_s
_vsnprintf_s
_snscanf_s
labs
abs
_ismbblead
_msize
strcat_s
strncpy_s
_snprintf_s
_errno
_purecall
_mktime64
_localtime64_s
realloc
fclose
fflush
ftell
fseek
fgets
fputs
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
strcpy_s
abort
memcmp
sprintf_s
_mbsnbcpy_s
_wcsicmp
_mbschr
memcpy
calloc
vswprintf_s
_mbspbrk
memmove_s
wcsspn
_mbsrchr
_vscprintf
wcscmp
_mbscoll
memmove
_mbsspn
wcsstr
memset
_mbsinc
_ismbcspace
wcscpy_s
wcspbrk
free
vsprintf_s
_mbsstr
_wcsupr_s
strlen
wcslen
_mbscspn
_mbscmp
wcsrchr
wcscoll
_vscwprintf
_mbslwr_s
_recalloc
_mbsicoll
_wcslwr_s
malloc
_resetstkoflw
_mbsicmp
iswspace
wcscspn
_mbsupr_s
_wcsicoll
_mbsrev
wcschr
_wcsrev
_CxxThrowException
__clean_type_info_names_internal
__CxxFrameHandler3

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
GetEnvironmentVariableW
WideCharToMultiByte
LoadResource
LockResource
MultiByteToWideChar
GetStringTypeExW
CompareStringA
lstrlenA
GetLastError
FormatMessageA
FindResourceExA
lstrlenW
FindResourceA
InterlockedExchange
LocalFree
lstrcmpiA
GetStringTypeExA
GetEnvironmentVariableA
CompareStringW
SizeofResource
lstrcmpiW
GetVersion
SetLastError
GetAtomNameA
GlobalGetAtomNameA
lstrcmpA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
CreateFileA
FindClose
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
LockFile
GetThreadLocale
UnlockFile
SetEndOfFile
GetFileSize
MoveFileA
DeleteFileA
GetModuleFileNameA
GetShortPathNameA
LoadLibraryA
GetProcAddress
DuplicateHandle
GetCurrentProcess
GlobalLock
GlobalSize
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileAttributesA
SetFileTime
GetFileTime
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
InterlockedDecrement
LeaveCriticalSection
TlsGetValue
LocalReAlloc
TlsSetValue
LocalAlloc
TlsAlloc
InitializeCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GlobalAddAtomA
GetCurrentThreadId
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentProcessId
MulDiv
GetProfileIntA
VirtualProtect
RaiseException
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
LocalLock
LocalUnlock
GetTempPathA
SearchPathA
ResumeThread
SuspendThread
SetEvent
SetThreadPriority
ConvertDefaultLocale
EnumResourceLanguagesA
GetCurrentThread
GetLocaleInfoA
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
InterlockedIncrement
FindNextFileA
GetTickCount
CopyFileA
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyW
lstrcpyA
GetSystemTime
LoadLibraryExA
GetACP

gdi32

GetNearestColor
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileA
CopyMetaFileA
LPtoDP
Ellipse
CreateEllipticRgn
SetAbortProc
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
SetRectRgn
CombineRgn
GetMapMode
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
GetPixel
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
EnumMetaFile
PlayMetaFile
ModifyWorldTransform
PlayMetaFileRecord
SetWorldTransform
GetObjectType
SetGraphicsMode
ExtSelectClipRgn
SetStretchBltMode
CreateDIBPatternBrushPt
GetClipRgn
SetROP2
CreateRectRgn
SetPolyFillMode
CreateHatchBrush
SelectClipPath
SetBkMode
CreateSolidBrush
PolyBezierTo
ExtCreatePen
SelectPalette
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
StartDocA
ArcTo
EnumFontFamiliesExA
CreateDCA
BitBlt
CreateRectRgnIndirect
UnrealizeObject
Rectangle
CreatePen
CreatePatternBrush
CreateBitmap
PatBlt
TextOutA
DeleteMetaFile
CloseMetaFile
GetBkMode
GetCurrentPositionEx
GetROP2
GetTextAlign
ScaleWindowExtEx
RestoreDC
SetWindowExtEx
ScaleViewportExtEx
SaveDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
CreateFontIndirectA
SetWindowOrgEx
GetWindowOrgEx
GetTextFaceA
GetViewportOrgEx
GetDeviceCaps
GetTextColor
Escape
GetStretchBltMode
RectVisible
GetPolyFillMode
ExtTextOutA
PtVisible
MoveToEx
GetStockObject
GetTextMetricsA
GetTextExtentPoint32A
DeleteDC
StretchDIBits
SelectObject
DeleteObject
GetCharWidthA
CreateFontA
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
GetObjectA
GetClipBox
SetTextColor

user32

ScreenToClient
GetSysColor
GetClassInfoExA
EnableWindow
GetParent
GetMenu
IsWindow
GetWindow
EqualRect
GetClassNameA
IsChild
DeferWindowPos
GetClientRect
GetLastActivePopup
GetClassInfoA
AdjustWindowRectEx
MapWindowPoints
MessageBoxA
GetForegroundWindow
SetPropA
GetFocus
RegisterClassA
GetTopWindow
SetForegroundWindow
SetWindowsHookExA
SetActiveWindow
SetFocus
GetMessageTime
SetScrollPos
CreateWindowExA
SendDlgItemMessageA
GetMessagePos
GetScrollPos
RegisterWindowMessageA
SetScrollRange
UpdateWindow
DestroyWindow
GetKeyState
GetScrollRange
WinHelpA
PostMessageA
GetDlgCtrlID
ShowScrollBar
IsIconic
SendMessageA
GetWindowPlacement
DefWindowProcA
GetCapture
LoadIconA
GetWindowTextLengthA
SetScrollInfo
GetWindowRect
GetWindowTextA
GetScrollInfo
SystemParametersInfoA
GetPropA
GetDlgItem
IsWindowVisible
CallWindowProcA
SetWindowPlacement
ScrollWindow
PtInRect
RemovePropA
TrackPopupMenu
OffsetRect
GetWindowLongA
TrackPopupMenuEx
IntersectRect
SetWindowLongA
GetMenuItemCount
PeekMessageA
CallNextHookEx
BeginDeferWindowPos
SetWindowPos
DispatchMessageA
GetClassLongA
CopyRect
GetSubMenu
EndDeferWindowPos
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
InsertMenuItemA
ReleaseCapture
SetCursor
UnpackDDElParam
BringWindowToTop
ReuseDDElParam
GetDesktopWindow
IsWindowEnabled
ShowWindow
GetWindowThreadProcessId
GetActiveWindow
LoadMenuA
DestroyMenu
CreatePopupMenu
InvalidateRect
GetMenuItemID
ClientToScreen
GetMessageA
TranslateMessage
LoadCursorA
GetCursorPos
WaitMessage
WindowFromPoint
SetCapture
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
RedrawWindow
InflateRect
SetRect
KillTimer
SetTimer
GetDC
ReleaseDC
IsZoomed
AppendMenuA
SetParent
IsRectEmpty
GetSystemMenu
DeleteMenu
GetDCEx
LockWindowUpdate
DrawTextA
DrawTextExA
GetTabbedTextExtentA
GrayStringA
UnionRect
MapVirtualKeyA
GetKeyNameTextA
LoadBitmapA
FillRect
DrawFocusRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoA
GetMenuStringA
GetSysColorBrush
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
ModifyMenuA
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
SetWindowRgn
DrawIcon
FindWindowA
MessageBeep
IsClipboardFormatAvailable
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
InsertMenuA
RegisterClipboardFormatA
CopyAcceleratorTableA
SendNotifyMessageA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
MsgWaitForMultipleObjects
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
CharUpperW
OemToCharBuffA
SetMenu
CharLowerW
CharLowerA
CharToOemBuffA

shlwapi

UrlUnescapeA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathStripToRootA
PathIsUNCA

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packet.dll
.dll windows:4 windows x86 arch:x86

dc8c0d40b34348cdabb47af1cd619332

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DefineDosDeviceW
GetSystemDirectoryW
SetLastError
GetFileAttributesW
CreateFileW
ReadFile
WaitForSingleObject
WriteFile
GetLastError
DeviceIoControl
CreateEventW
GlobalLock
CloseHandle
GlobalAlloc
GlobalFree
GlobalHandle
GlobalUnlock
GetCurrentDirectoryW
SetEvent
VirtualFree
TlsFree
TlsAlloc
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetCPInfo
GetOEMCP
GetACP
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW

user32

wsprintfW
MessageBoxW

advapi32

QueryServiceStatus
StartServiceW
RegOpenKeyExW
OpenSCManagerW
OpenServiceW
RegCloseKey
CreateServiceW
CloseServiceHandle
ControlService
RegEnumKeyW
RegQueryValueExW

Exports

Exports

PacketAllocatePacket
PacketCloseAdapter
PacketFreePacket
PacketGetAdapterNames
PacketGetNetInfo
PacketGetNetInfoEx
PacketGetNetType
PacketGetReadEvent
PacketGetStats
PacketGetVersion
PacketInitPacket
PacketLibraryVersion
PacketOpenAdapter
PacketReceivePacket
PacketRequest
PacketSendPacket
PacketSetBpf
PacketSetBuff
PacketSetHwFilter
PacketSetMinToCopy
PacketSetMode
PacketSetNumWrites
PacketSetReadTimeout
PacketStopDriver

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe.nsis

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4eCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

64:c5:5c:38:60:b5:7d:13:45:56:63:7d:fa:b0:b0:b4:32:0d:a7:8fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 26KB - Virtual size: 25KB

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 512B - Virtual size: 510B

.rdata Size: 1024B - Virtual size: 533B

.data Size: 512B - Virtual size: 20B

.rsrc Size: 5.1MB - Virtual size: 5.1MB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

64:c5:5c:38:60:b5:7d:13:45:56:63:7d:fa:b0:b0:b4:32:0d:a7:8f
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 26KB - Virtual size: 25KB

.text
Size: 512B - Virtual size: 510B

.rdata
Size: 1024B - Virtual size: 533B

.data
Size: 512B - Virtual size: 20B

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 420KB - Virtual size: 416KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 36KB - Virtual size: 32KB

.text
Size: 540KB - Virtual size: 540KB

.rdata
Size: 126KB - Virtual size: 125KB

.data
Size: 18KB - Virtual size: 1.0MB