b0033124d08666ba47ade2706a216e7a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b0033124d08666ba47ade2706a216e7a_JaffaCakes118
Size

2.8MB
MD5

b0033124d08666ba47ade2706a216e7a
SHA1

92b38a44c2cec2f3631aeff44e2f8720af51a3ee
SHA256

41dca22e5f639457d7260806fc546662abf064a36e4a4aae66c05a820e21cb4b
SHA512

d62458d544e7921e03a66cbb15f205e513f99cd901cca1e5b486126db49cb62ee15f11c868279079b33c49889839890adec9cb07147a25dfe3ef4324cd0e0073
SSDEEP

49152:IozHuzqi2qZ93HwpQAgmWHtdyslCb262YYYbGZyHu689OWLNBN/PydyEH8gXWf:ICWqi2OQ0NMsO6YJaZyHZ895LRydVcGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 30 IoCs

Checks for missing Authenticode signature.

resource
b0033124d08666ba47ade2706a216e7a_JaffaCakes118
unpack001/$PLUGINSDIR/MoreInfo.dll
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/Plugins/AdvancedCPU.dll
unpack001/Plugins/CoreTemp.dll
unpack001/Plugins/ExamplePlugin.dll
unpack001/Plugins/FolderInfo.dll
unpack001/Plugins/InputText.dll
unpack001/Plugins/MediaKey.dll
unpack001/Plugins/PerfMon.dll
unpack001/Plugins/PingPlugin.dll
unpack001/Plugins/PowerPlugin.dll
unpack001/Plugins/QuotePlugin.dll
unpack001/Plugins/Rainmeter.dll
unpack001/Plugins/Rainmeter.exe
unpack001/Plugins/RecycleManager.dll
unpack001/Plugins/ResMon.dll
unpack001/Plugins/SpeedFanPlugin.dll
unpack001/Plugins/SysInfo.dll
unpack001/Plugins/VirtualDesktops.dll
unpack001/Plugins/WebParser.dll
unpack001/Plugins/WifiStatus.dll
unpack001/Plugins/Win7AudioPlugin.dll
unpack001/Plugins/WindowMessagePlugin.dll
unpack001/Plugins/iTunesPlugin.dll
unpack001/Rainmeter.dll
unpack001/Rainmeter.exe

Files

b0033124d08666ba47ade2706a216e7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/MoreInfo.dll
.dll windows:4 windows x86 arch:x86

149adf074d317fbf0d2f17314bd18969

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

t:\untgz\MoreInfo\SRC\Release\MoreInfo.pdb

Imports

user32

wsprintfW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

lstrlenW
lstrcpyW
lstrcpynW
lstrcatW
GlobalAlloc
GetSystemDirectoryW
GlobalFree

Exports

Exports

GetComments
GetCompanyName
GetFileDescription
GetFileVersion
GetInternalName
GetLegalCopyright
GetLegalTrademarks
GetOSUserinterfaceLanguage
GetOriginalFilename
GetPrivateBuild
GetProductName
GetProductVersion
GetSpecialBuild
GetUserDefined

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISdl.dll
.dll windows:5 windows x86 arch:x86

cbc66eb3222e3fcdbee2e18ba7195f5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
lstrlenA
lstrcpynA
lstrcatA
GlobalAlloc
GlobalFree
MulDiv
GetTickCount
DeleteFileA
Sleep
lstrcpyA
CreateFileA
lstrcpyW
lstrcpynW
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
CreateThread
WaitForSingleObject
WriteFile
CloseHandle
IsDebuggerPresent

user32

IsWindowVisible
GetFocus
GetDlgItem
ShowWindow
SetWindowTextA
SetDlgItemTextA
CharPrevA
SetWindowLongW
RegisterWindowMessageW
GetClientRect
GetWindowRect
CreateWindowExW
GetWindowLongW
wsprintfA
CallWindowProcW
DestroyWindow
EnableWindow
FindWindowExW
SendMessageW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ws2_32

WSAGetLastError
send
closesocket
shutdown
ioctlsocket
htons
socket
WSACleanup
WSAStartup
recv
__WSAFDIsSet
connect
inet_addr
gethostbyname
select

Exports

Exports

download
download_quiet

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

1fe003b76229a0ffee4a9219893de38e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW
lstrcmpiW
GetCurrentThreadId
GetProcAddress
GetCommandLineW
UnmapViewOfFile
WaitForSingleObject
GetCurrentProcessId
SetEvent
SetLastError
SetCurrentDirectoryW
MapViewOfFile
Sleep
OpenProcess
GetExitCodeProcess
GetExitCodeThread
CreateThread
CreateFileMappingW
CreateEventW
lstrlenW
GlobalAlloc
CreateProcessW
GetLastError
FormatMessageW
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameW
lstrcatW
GetPrivateProfileIntW
GetPrivateProfileStringW
DuplicateHandle
LoadLibraryA

user32

SetWindowsHookExW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
DefWindowProcW
PostMessageW
SetForegroundWindow
CreateWindowExW
GetWindowThreadProcessId
CallWindowProcW
SetWindowPos
GetWindowRect
UnhookWindowsHookEx
GetClassNameW
CallNextHookEx
CharNextW
DialogBoxParamW
MessageBoxW
EndDialog
SetWindowLongW
LoadImageW
GetWindowLongW
EnableWindow
ShowWindow
wsprintfW
LoadStringW
GetDlgItem
SendMessageW
DestroyWindow

advapi32

GetUserNameW
OpenSCManagerW
GetTokenInformation
OpenProcessToken
FreeSid
CloseServiceHandle
EqualSid
AllocateAndInitializeSid
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueW
QueryServiceStatus
OpenServiceW

shell32

ShellExecuteExW

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:5 windows x86 arch:x86

9ea5bdc8c90dfcffe309465c26c89758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
MulDiv
lstrlenW
HeapFree
GetProcessHeap
lstrcmpiW
HeapReAlloc
lstrcpynW
GetFileAttributesW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapAlloc
GlobalFree

user32

LoadCursorW
RemovePropW
DrawFocusRect
GetPropW
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetCursor
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
GetClientRect
CharPrevW
CallWindowProcW
SetPropW
DestroyWindow
MapDialogRect
CharNextW
SendMessageW
GetWindowLongW

gdi32

SetTextColor

shell32

SHGetPathFromIDListW
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Default.ini
Plugins/AdvancedCPU.dll
.dll windows:5 windows x86 arch:x86

0f6b07df440115e6988033ead42d5e04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginAdvancedCPU\x32\Release\AdvancedCPU.pdb

Imports

rainmeter

ReadConfigString

kernel32

lstrcpyW
lstrcpynW
IsBadStringPtrW
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
GetCurrentProcessId
lstrlenW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

user32

wsprintfW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

__CxxFrameHandler3
wcstok
??2@YAPAXI@Z
wcsncpy
_wcsdup
free
memset
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_wcsicmp
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
memmove
memcpy
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_initterm_e
_CxxThrowException
_wtoi

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CoreTemp.dll
.dll windows:5 windows x86 arch:x86

2b8051bc7feff1d78d229e0633c83697

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginCoreTemp\x32\Release\CoreTemp.pdb

Imports

rainmeter

ReadConfigString
LSLog

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
FormatMessageW
GetLastError
DisableThreadLibraryCalls
UnmapViewOfFile
SetLastError
MapViewOfFile
CloseHandle
ReleaseMutex
OpenFileMappingW
WaitForSingleObject
CreateMutexW
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetTickCount

msvcr100

__CxxFrameHandler3
_lock
_onexit
_except_handler4_common
_malloc_crt
free
_encoded_null
_unlock
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
memcpy_s
_initterm
_wtoi
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
vswprintf_s
_wcsicmp
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??3@YAXPAX@Z
wcscpy_s
memset
__dllonexit

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/ExamplePlugin.dll
.dll windows:5 windows x86 arch:x86

3a67b3a1f2ff46e1a68d66f1445c2e00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginExample\x32\Release\ExamplePlugin.pdb

Imports

rainmeter

ReadConfigString

msvcr100

_onexit
_crt_debugger_hook
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_CIsin
_wtoi
_except_handler4_common

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
SetUnhandledExceptionFilter

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/FolderInfo.dll
.dll windows:5 windows x86 arch:x86

b4ab40c57c22ce5e94a59a6f3fb62e2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginFolderInfo\x32\Release\FolderInfo.pdb

Imports

rainmeter

ReadConfigString

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
WideCharToMultiByte
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

user32

wsprintfW

msvcr100

isalnum
isupper
isdigit
toupper
islower
tolower
memset
wcsrchr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
isprint
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
isspace
wcsncmp
_wcsicmp
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
isxdigit
??_V@YAXPAX@Z
isgraph
ispunct
iscntrl
isalpha
strchr
free
malloc
memcpy
memmove
strncmp
??_U@YAPAXI@Z

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update
pcre_callout
pcre_compile
pcre_compile2
pcre_config
pcre_copy_named_substring
pcre_copy_substring
pcre_dfa_exec
pcre_exec
pcre_free
pcre_free_substring
pcre_free_substring_list
pcre_fullinfo
pcre_get_named_substring
pcre_get_stringnumber
pcre_get_stringtable_entries
pcre_get_substring
pcre_get_substring_list
pcre_info
pcre_maketables
pcre_malloc
pcre_refcount
pcre_stack_free
pcre_stack_malloc
pcre_study
pcre_version

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/InputText.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Exports

Exports

Bang
Chopper
Chopper
ConfigHeight
ConfigHeight
ConfigWidth
ConfigWidth
ConfigX
ConfigX
ConfigY
ConfigY
ExecuteBang
Finalize
GetConfigWindow
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Log
ParentIsTopmost
SkinName
String
Update
Update2
Version
Version

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/MediaKey.dll
.dll windows:5 windows x86 arch:x86

502fc0ab5759afe64e8aac3f3238b34b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginMediaKey\x32\Release\MediaKey.pdb

Imports

rainmeter

LSLog

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

SendInput
GetMessageExtraInfo

msvcr100

_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_wcsicmp
__clean_type_info_names_internal

Exports

Exports

ExecuteBang
GetPluginAuthor
GetPluginVersion
Update

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/PerfMon.dll
.dll windows:5 windows x86 arch:x86

15b43201c9f47f68299e7f64bad906a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginPerfMon\x32\Release\PerfMon.pdb

Imports

rainmeter

ReadConfigString

kernel32

DisableThreadLibraryCalls
IsBadStringPtrW
lstrcpynW
GetCurrentThreadId
GetTickCount
lstrcpyW
GetCurrentProcessId
lstrlenW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
QueryPerformanceCounter

user32

wsprintfW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

msvcr100

memset
_CxxThrowException
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_wtoi
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_wcsicmp
_initterm_e
??0exception@std@@QAE@ABV01@@Z
memmove
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
free
memcpy
_wcsdup
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlock

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update2

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/PingPlugin.dll
.dll windows:5 windows x86 arch:x86

0e77462563acee2aff0816cd3f111d2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginPing\x32\Release\PingPlugin.pdb

Imports

rainmeter

ReadConfigString
LSLog

ws2_32

WSACleanup
gethostbyname
WSAStartup
inet_addr

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DisableThreadLibraryCalls
LeaveCriticalSection
CloseHandle
EnterCriticalSection
CreateThread
DeleteCriticalSection
FreeLibrary
TerminateThread
WideCharToMultiByte
GetProcAddress
LoadLibraryW
InitializeCriticalSection
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentProcess

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
wcstod
_wtoi
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
free
??3@YAXPAX@Z
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove
_encoded_null
memcpy
??_V@YAXPAX@Z

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update2

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/PowerPlugin.dll
.dll windows:5 windows x86 arch:x86

c6d4a51234583c88f1b07560f8190bf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginPower\x32\Release\PowerPlugin.pdb

Imports

rainmeter

ReadConfigString

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
GetSystemPowerStatus
FreeLibrary
GetSystemInfo
GetProcAddress
LoadLibraryW
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
QueryPerformanceCounter

user32

wsprintfW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

memset
wcsftime
_wcsicmp
_CxxThrowException
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
??_V@YAXPAX@Z
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??2@YAPAXI@Z
memmove
memcpy
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
__CppXcptFilter
??0exception@std@@QAE@ABV01@@Z
_unlock

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/QuotePlugin.dll
.dll windows:5 windows x86 arch:x86

9e51dc0b126315dada1f23c604d9aed9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginQuote\x32\Release\QuotePlugin.pdb

Imports

rainmeter

ReadConfigString

shlwapi

PathMatchSpecW
PathIsDirectoryW

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
FindNextFileW
FindFirstFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
fclose
feof
rand
ftell
memcpy
fread
_wfopen
srand
_wtoi
_unlock
__dllonexit
_lock
_onexit
??2@YAPAXI@Z
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
wcsstr
strstr
_time64
_malloc_crt
memmove
fseek

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Rainmeter.dll
.dll windows:5 windows x64 arch:x64

4b51a8c1f07ea33c0c46fbc26bdaaa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetOpenW

winmm

PlaySoundW

gdiplus

GdipDeleteBrush
GdipCreateSolidFill
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDrawLineI
GdipSetInterpolationMode
GdipSetMatrixElements
GdipDeleteMatrix
GdipCreateMatrix
GdipAlloc
GdipFree
GdipFillRectangleI
GdipCreateLineBrushFromRectWithAngleI
GdipCreatePen1
GdipSetCompositingQuality
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDeletePen
GdipCreateBitmapFromFile
GdipCreateHICONFromBitmap
GdipFillPolygonI
GdipDrawImageRectRect
GdipImageRotateFlip
GdipRotateMatrix
GdipTranslateMatrix
GdipSetImageAttributesColorMatrix
GdipGetImageRawFormat
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipDrawImageI
GdipCreateFromHDC
GdipSetWorldTransform
GdipIsMatrixIdentity
GdipGraphicsClear
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipPrivateAddFontFile
GdipNewPrivateFontCollection
GdipDeletePrivateFontCollection
GdipGetImagePixelFormat
GdipGetFamilyName
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipGetFontCollectionFamilyCount
GdipNewInstalledFontCollection
GdipDrawString
GdipMeasureString
GdipSetStringFormatMeasurableCharacterRanges
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipSetStringFormatAlign
GdipSetTextRenderingHint
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCreateFontFamilyFromName
ord1
GdipResetWorldTransform
GdipDrawImageRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawPath
GdipClosePathFigure
GdipAddPathLine
GdipDrawLine
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipFillPath
GdipResetClip
GdipSetClipPath
GdipAddPathRectangleI
GdipDeletePath
GdipCreatePath
GdipBitmapGetPixel
GdipDrawCachedBitmap
GdipCreateCachedBitmap
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipCreateFromHWND
GdipDeleteCachedBitmap

iphlpapi

GetNumberOfInterfaces
GetIfTable

shlwapi

PathCanonicalizeW
AssocQueryStringW

kernel32

ReadFile
GlobalLock
GlobalAlloc
GlobalFree
GetTempFileNameW
GetTempPathW
DeleteFileW
SetFileAttributesW
LoadLibraryW
GetVersionExW
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
CreateFileW
GetCurrentThreadId
CreateDirectoryW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
GetLastError
Sleep
GlobalUnlock
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemTime
GetLocalTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
GetSystemTimeAsFileTime
SetDllDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalMemoryStatusEx
GetVolumeInformationW
GetDiskFreeSpaceExW
SetLastError
SetErrorMode
GetDriveTypeW
GetSystemTimes
GetSystemInfo
GetModuleHandleW
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesW
GetPrivateProfileStringW
FindClose
FindNextFileW
FreeLibrary
GetProcAddress
FindFirstFileW
FormatMessageA
GetFileTime
LoadLibraryA
GetModuleFileNameA
GetFileSize
FormatMessageW
OutputDebugStringA

user32

CreateDialogParamW
LoadIconW
SendMessageW
GetWindowPlacement
SetWindowPlacement
IsZoomed
ShowWindow
IsWindowVisible
GetDlgItem
GetClientRect
SetWindowPos
MapWindowPoints
SetWindowTextW
CheckDlgButton
SetTimer
PostMessageW
IsDlgButtonChecked
DestroyWindow
SystemParametersInfoW
GetSystemMetrics
MessageBoxW
CreateWindowExW
LoadImageW
DestroyIcon
IsWindow
PostQuitMessage
CopyIcon
EnumWindows
GetClassNameW
GetShellWindow
EnumDisplayMonitors
EnumDisplaySettingsW
EnumDisplayDevicesW
UnhookWinEvent
SetWinEventHook
RegisterClassW
ModifyMenuW
GetMenuState
GetMenuItemID
GetMenuStringW
GetMenuItemCount
RemoveMenu
DestroyMenu
TrackPopupMenu
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetMenuDefaultItem
InsertMenuW
AppendMenuW
CreatePopupMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
LoadMenuW
SendMessageTimeoutW
GetPropW
RemovePropW
SetPropW
GetWindowRect
DefWindowProcW
GetParent
LoadCursorW
SetCursor
FindWindowExW
GetAncestor
WindowFromPoint
GetCursorPos
EndPaint
BeginPaint
UpdateLayeredWindow
InvalidateRect
SetWindowRgn
MonitorFromRect
SetParent
GetWindow
GetMonitorInfoW
MonitorFromPoint
TrackMouseEvent
SetWindowLongW
GetWindowLongW
RegisterClassExW
UnregisterClassW
ReleaseDC
GetDC
GetKeyState
GetDesktopWindow
KillTimer

gdi32

GetStockObject
CreateCompatibleBitmap
CreateEllipticRgn
CreateRoundRectRgn
GetDeviceCaps
DeleteDC
DeleteObject
CombineRgn
BitBlt
SelectObject
CreateDIBSection
GetObjectW
CreateCompatibleDC
CreateRectRgn

advapi32

RegQueryValueExW
CheckTokenMembership
RegEnumKeyExW
RegOpenKeyExW
AllocateAndInitializeSid
RegCloseKey
FreeSid

shell32

SHFileOperationW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx

msvcp100

?in@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?unshift@?$codecvt@DDH@std@@QEBAHAEAHPEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Decref@facet@locale@std@@QEAAPEAV123@XZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Incref@facet@locale@std@@QEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

msvcr100

_pclose
_popen
ftell
fseek
tmpfile
fscanf
exit
longjmp
fgets
strtoul
fputs
isspace
getc
freopen
clearerr
fprintf
fread
fopen
strchr
__iob_func
strstr
strerror
feof
strncat
_strdup
_snprintf_s
_vsnprintf_s
sin
asin
fabs
exp
atan
log10
acos
tan
log
calloc
modf
strncmp
cos
sqrt
realloc
strncpy
strtol
malloc
strtod
memchr
_beginthread
atoi
sprintf
??0bad_cast@std@@QEAA@PEBD@Z
??1bad_cast@std@@UEAA@XZ
??0bad_cast@std@@QEAA@AEBV01@@Z
fflush
setvbuf
fsetpos
fgetpos
_fseeki64
memcpy_s
fgetc
ungetc
fwrite
fputc
_unlock_file
_lock_file
_wasctime
_wstat64i32
_wtof
_wtoi64
wcsrchr
setlocale
towupper
_localtime64
wcsftime
_tzset
rand
_time64
srand
_purecall
wcsncat_s
wcsncpy_s
_snwprintf_s
_set_invalid_parameter_handler
fputws
fclose
_wfopen
_wcsnicmp
_waccess
swscanf
iswspace
wcsncmp
free
_wtoi
wcstok
_wcsdup
wcschr
wcstod
_errno
towlower
_vsnwprintf_s
_wcsicmp
??_V@YAXPEAX@Z
memmove
??2@YAPEAX_K@Z
??0exception@std@@QEAA@AEBQEBD@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBV01@@Z
??3@YAXPEAX@Z
localeconv
isalnum
isalpha
isdigit
iscntrl
ldexp
frexp
_HUGE
strrchr
getenv
strcspn
rename
_mktime64
_gmtime64
tmpnam
system
remove
clock
strftime
_difftime64
ispunct
tolower
isupper
toupper
islower
strpbrk
isxdigit
strcoll
__CxxFrameHandler3
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__CppXcptFilter
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
_strnicmp
memcmp
memset
_setjmp
memcpy
floor
ceil
pow
fmod
cosf
sinf
_CxxThrowException
__RTDynamicCast
atan2
tanh
cosh
ferror
sinh

Exports

Exports

ExecuteBang
Initialize
LSLog
PluginBridge
ReadConfigString
initModuleEx
quitModule

Sections

.text
Size: 775KB - Virtual size: 774KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Rainmeter.exe
.exe windows:5 windows x64 arch:x64

b6661e149ed68e0b2578822e0095974b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

rainmeter

ExecuteBang
quitModule
Initialize
initModuleEx

kernel32

Sleep
EncodePointer
RtlCaptureContext
GetCommandLineW
CreateMutexW
FreeLibrary
SetDllDirectoryW
GetModuleHandleW
GetSystemDirectoryW
LoadLibraryW
GetLastError
GetProcAddress
ReleaseMutex
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
SetUnhandledExceptionFilter
GetStartupInfoW

user32

FindWindowW
TranslateMessage
LoadIconW
CreateWindowExW
LoadCursorW
RegisterClassW
SendMessageW
DefWindowProcW
DispatchMessageW
PostQuitMessage
GetMessageW
DestroyWindow
MessageBoxW

gdi32

GetStockObject

msvcp100

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

msvcr100

memcpy
_CxxThrowException
_wcsicmp
towlower
?what@exception@std@@UEBAPEBDXZ
??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@AEBV01@@Z
memmove
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
memset
__wgetmainargs
__C_specific_handler
_XcptFilter
_exit
_cexit
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__CxxFrameHandler3
_amsg_exit

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/RecycleManager.dll
.dll windows:5 windows x86 arch:x86

3a0adfee71eac1f1e9a9555cbae77ad3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginRecycleManager\x32\Release\RecycleManager.pdb

Imports

rainmeter

ReadConfigString

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentProcess

user32

MessageBoxW

shell32

SHQueryRecycleBinW
ShellExecuteW
SHEmptyRecycleBinW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_wcsicmp
??3@YAXPAX@Z
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
??2@YAPAXI@Z
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove
_initterm
memcpy
_unlock

Exports

Exports

ExecuteBang
Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update2

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/ResMon.dll
.dll windows:5 windows x86 arch:x86

72962f806f853a6e0535ceb25f83dbc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginResMon\x32\Release\ResMon.pdb

Imports

rainmeter

ReadConfigString

psapi

GetModuleBaseNameW
EnumProcessModules
EnumProcesses

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
DisableThreadLibraryCalls
CloseHandle
GetProcessHandleCount
OpenProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
DecodePointer
EncodePointer
InterlockedCompareExchange

user32

GetGuiResources
MessageBoxW
EnumChildWindows

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

memmove
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_wcsicmp
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
memcpy
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@ABQBD@Z
??3@YAXPAX@Z
free
??1exception@std@@UAE@XZ
_CxxThrowException

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/SpeedFanPlugin.dll
.dll windows:5 windows x86 arch:x86

cca1b9450b5666c0cc35f4f3d9b129cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginSpeedFan\x32\Release\SpeedFanPlugin.pdb

Imports

rainmeter

ReadConfigString
LSLog

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
UnmapViewOfFile
CloseHandle
MapViewOfFile
OpenFileMappingW
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

user32

MessageBoxW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_wtoi
_wcsicmp
??2@YAPAXI@Z
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CxxFrameHandler3
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
memmove
memcpy
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
__CppXcptFilter
_CxxThrowException
_unlock

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
Initialize
Update2

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/SysInfo.dll
.dll windows:5 windows x86 arch:x86

0879f281d0c0fc89d609d1fc35f5fc01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginSysInfo\x32\Release\SysInfo.pdb

Imports

rainmeter

ReadConfigString

rasapi32

RasGetConnectStatusW
RasEnumConnectionsW

iphlpapi

GetAdaptersInfo
GetIpAddrTable
GetNetworkParams

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
DisableThreadLibraryCalls
GetVersionExW
GetCurrentProcessId
MultiByteToWideChar
GetComputerNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetNativeSystemInfo
GetSystemTimeAsFileTime
InterlockedExchange
DecodePointer
EncodePointer
Sleep

user32

MessageBoxW
GetSystemMetrics
wsprintfW
GetMonitorInfoW
EnumDisplayMonitors

advapi32

GetUserNameW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

memcpy
??0exception@std@@QAE@ABQBD@Z
free
malloc
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
exit
_wtoi
_wcsicmp
??_V@YAXPAX@Z
_unlock
??3@YAXPAX@Z
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??1exception@std@@UAE@XZ
__dllonexit
?what@exception@std@@UBEPBDXZ
memmove

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/VirtualDesktops.dll
.dll windows:5 windows x86 arch:x86

2669d7d380931fe156d4a13437571716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginVirtualDesktops\x32\Release\VirtualDesktops.pdb

Imports

rainmeter

ReadConfigString

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
DisableThreadLibraryCalls
OpenMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
ReleaseMutex
GetCurrentProcessId
UnhandledExceptionFilter
GetSystemTimeAsFileTime

user32

RegisterClassW
CreateWindowExW
SetWindowLongW
SetWindowPos
MoveWindow
DefWindowProcW
GetDC
ReleaseDC
DestroyWindow
UnregisterClassW
SystemParametersInfoW
SendNotifyMessageW
SendMessageW
IsWindow
FindWindowW
RegisterWindowMessageW

gdi32

CreateDIBSection
SetStretchBltMode
StretchBlt
GdiFlush
DeleteObject
DeleteDC
SetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject

msvcp100

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_BADOFF@std@@3_JB
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

msvcr100

fclose
_crt_debugger_hook
__clean_type_info_names_internal
_purecall
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
memcpy
memmove
memset
swprintf_s
_wtoi
_wcsicmp
??0bad_cast@std@@QAE@PBD@Z
__CxxFrameHandler3
_CxxThrowException
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
fgetc
fputc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common

Exports

Exports

ExecuteBang
Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/WebParser.dll
.dll windows:5 windows x86 arch:x86

98257c8a0b648f7edfe72c44edcc8596

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginWebParser\x32\Release\WebParser.pdb

Imports

rainmeter

ReadConfigString
LSLog

urlmon

URLDownloadToFileW

wininet

InternetOpenW
InternetOpenUrlW
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntryW
InternetGetLastResponseInfoW

shlwapi

PathIsDirectoryW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW
PathCanonicalizeW

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetTickCount
GetCurrentThreadId
TerminateProcess
InitializeCriticalSection
DisableThreadLibraryCalls
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
LocalFree
FormatMessageW
GetModuleHandleW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameW
DeleteFileW
CloseHandle
CreateFileW
GetFileAttributesW
GetTempPathW
CreateDirectoryW
DeleteCriticalSection
TerminateThread
GetSystemTimeAsFileTime

user32

FindWindowExW
wsprintfW
SendMessageW
GetWindowThreadProcessId

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoInitialize
CoUninitialize

msvcr100

?terminate@@YAXXZ
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
strncmp
memmove
memcpy
malloc
free
strchr
isalpha
iscntrl
ispunct
isprint
isgraph
isxdigit
isspace
isalnum
isupper
isdigit
toupper
islower
tolower
memset
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
wcstol
_errno
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_wcsnicmp
_beginthreadex
fclose
fwrite
_wfopen
wcstod
_wtoi
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2
pcre_callout
pcre_compile
pcre_compile2
pcre_config
pcre_copy_named_substring
pcre_copy_substring
pcre_dfa_exec
pcre_exec
pcre_free
pcre_free_substring
pcre_free_substring_list
pcre_fullinfo
pcre_get_named_substring
pcre_get_stringnumber
pcre_get_stringtable_entries
pcre_get_substring
pcre_get_substring_list
pcre_info
pcre_maketables
pcre_malloc
pcre_refcount
pcre_stack_free
pcre_stack_malloc
pcre_study
pcre_version

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/WifiStatus.dll
.dll windows:5 windows x86 arch:x86

136decaaf30ca32e5946190b7e058acb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginWifiStatus\x32\Release\WifiStatus.pdb

Imports

rainmeter

LSLog
ReadConfigString

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
DecodePointer
EncodePointer
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep

user32

wsprintfW

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

wlanapi

WlanEnumInterfaces
WlanGetAvailableNetworkList
WlanFreeMemory
WlanCloseHandle
WlanOpenHandle
WlanQueryInterface

msvcr100

??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
_wtoi
_wcsicmp
mbstowcs
free
malloc
memset
_unlock
??0exception@std@@QAE@ABQBD@Z
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
__dllonexit
wcsstr
__CxxFrameHandler3

Exports

Exports

Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/Win7AudioPlugin.dll
.dll windows:5 windows x86 arch:x86

4822e86c9bce0765db978bfce19f3a76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginWin7Audio\x32\Release\Win7AudioPlugin.pdb

Imports

rainmeter

LSLog

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
DecodePointer
EncodePointer
InterlockedCompareExchange

user32

wsprintfW

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
PropVariantClear

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

memmove
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
wcsncpy
swscanf_s
_wcsicmp
_unlock
__dllonexit
_lock
_onexit
memcpy
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@ABQBD@Z
??3@YAXPAX@Z
_malloc_crt
??1exception@std@@UAE@XZ
floor

Exports

Exports

ExecuteBang
Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/WindowMessagePlugin.dll
.dll windows:5 windows x86 arch:x86

523f5a06eb5a33249ee5e226744e8047

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginWindowMessage\x32\Release\WindowMessagePlugin.pdb

Imports

rainmeter

ReadConfigString
LSLog

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentProcess

user32

SendMessageW
GetWindowTextW
FindWindowW
PostMessageW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_itow
swscanf
??3@YAXPAX@Z
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
free
??2@YAPAXI@Z
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove
_encoded_null
memcpy
_wcsicmp

Exports

Exports

ExecuteBang
Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update2

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/iTunesPlugin.dll
.dll windows:5 windows x86 arch:x86

3bec3ba491e3277d9fd9fcf4578cae99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Plugins\PluginiTunes\x32\Release\iTunesPlugin.pdb

Imports

rainmeter

LSLog
ReadConfigString

kernel32

InterlockedCompareExchange
lstrlenW
GetLastError
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
CreateDirectoryW
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedExchange
DecodePointer
EncodePointer
Sleep

user32

wsprintfW
FindWindowW

ole32

CoInitialize
CoCreateInstance
OleRun

oleaut32

LoadRegTypeLi
SysFreeString
SysAllocString
CreateErrorInfo
SetErrorInfo
VariantInit
VariantClear
VariantChangeType
GetErrorInfo

msvcr100

??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
clock
wcsncpy
_wcsicmp
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_CxxThrowException
_encoded_null
memset
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??1exception@std@@UAE@XZ
free
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
??2@YAPAXI@Z
wcsrchr
__CxxFrameHandler3
_initterm

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

Exports

Exports

ExecuteBang
Finalize
GetPluginAuthor
GetPluginVersion
GetString
Initialize
Update

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rainmeter.dll
.dll windows:5 windows x86 arch:x86

8d7e9f4653e72516b471b11ab402776d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\RainTrunk\Library\x32\Release\Rainmeter.pdb

Imports

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetOpenW

winmm

PlaySoundW

gdiplus

GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipGetFontCollectionFamilyList
GdipDeleteMatrix
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdipCreateMatrix
GdipSetMatrixElements
GdipCreateSolidFill
GdipCreateLineBrushFromRectWithAngleI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipDrawLineI
GdipFillRectangleI
GdipFillPolygonI
GdipCreateHICONFromBitmap
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDrawImageRectRect
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipImageRotateFlip
GdipGetImageRawFormat
GdiplusShutdown
GdiplusStartup
GdipDrawImageI
GdipGraphicsClear
GdipSetWorldTransform
GdipCreateFromHDC
GdipIsMatrixIdentity
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipCreateFont
GdipGetFamilyName
GdipCloneBrush
GdipCloneFontFamily
GdipMeasureString
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatMeasurableCharacterRanges
GdipSetStringFormatTrimming
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipDeleteStringFormat
GdipCreateStringFormat
GdipFillPie
ord1
GdipDrawImageRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipDrawPath
GdipDrawLine
GdipAddPathLine
GdipClosePathFigure
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipResetClip
GdipSetClipPath
GdipFillPath
GdipAddPathRectangleI
GdipDeletePath
GdipCreatePath
GdipCloneImage
GdipDrawCachedBitmap
GdipGetImageGraphicsContext
GdipCreateFromHWNDICM
GdipCreateFromHWND
GdipBitmapGetPixel
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteCachedBitmap
GdipCreateCachedBitmap
GdipDeleteGraphics

iphlpapi

GetIfTable
GetNumberOfInterfaces

shlwapi

PathCanonicalizeW
AssocQueryStringW

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
LoadLibraryW
GetVersionExW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryW
GetCurrentThreadId
CreateFileW
CloseHandle
ExpandEnvironmentStringsW
DisableThreadLibraryCalls
GetLastError
Sleep
FormatMessageW
GetLocalTime
GetSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
QueryPerformanceCounter
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
SetDllDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalMemoryStatusEx
GetDriveTypeW
SetErrorMode
SetLastError
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemTimes
GetModuleHandleW
GetSystemInfo
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
GetPrivateProfileStringW
FindFirstFileW
GetProcAddress
FreeLibrary
FindNextFileW
FindClose
SetFileAttributesW
GetTempFileNameW
GetTempPathW
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteFileW
LoadLibraryA
FormatMessageA
GetModuleFileNameA
OutputDebugStringA
GetFileSize
GetFileTime
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree

user32

SendMessageW
MapWindowPoints
PostQuitMessage
IsWindow
CopyIcon
RegisterClassW
SetWinEventHook
EnumDisplaySettingsW
EnumDisplayMonitors
EnumDisplayDevicesW
EnumWindows
GetClassNameW
GetShellWindow
UnhookWinEvent
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
TrackPopupMenu
SendMessageTimeoutW
LoadMenuW
RemoveMenu
DestroyMenu
SetMenuDefaultItem
EnableMenuItem
AppendMenuW
CreatePopupMenu
InsertMenuW
CheckMenuItem
GetMenuItemCount
GetMenuStringW
GetMenuItemID
GetMenuState
ModifyMenuW
RegisterClassExW
SetPropW
RemovePropW
GetPropW
SetParent
UnregisterClassW
GetWindowRect
GetParent
InvalidateRect
MonitorFromRect
DefWindowProcW
GetCursorPos
BeginPaint
EndPaint
WindowFromPoint
GetAncestor
FindWindowExW
SetWindowRgn
LoadCursorW
SetCursor
SetWindowLongW
UpdateLayeredWindow
GetWindow
GetWindowLongW
MonitorFromPoint
GetMonitorInfoW
TrackMouseEvent
GetDC
ReleaseDC
GetDesktopWindow
GetKeyState
CreateWindowExW
LoadImageW
DestroyIcon
MessageBoxW
SystemParametersInfoW
GetSystemMetrics
CreateDialogParamW
LoadIconW
SetWindowPlacement
IsZoomed
ShowWindow
KillTimer
GetWindowPlacement
DestroyWindow
IsDlgButtonChecked
PostMessageW
IsWindowVisible
SetWindowTextW
CheckDlgButton
SetTimer
GetClientRect
GetDlgItem
SetWindowPos
GetSubMenu

gdi32

GetStockObject
CreateEllipticRgn
CreateRoundRectRgn
CreateCompatibleBitmap
GetDeviceCaps
CreateRectRgn
CreateCompatibleDC
GetObjectW
CreateDIBSection
SelectObject
BitBlt
CombineRgn
DeleteObject
DeleteDC

advapi32

RegOpenKeyExW
CheckTokenMembership
RegEnumKeyExW
RegQueryValueExW
FreeSid
RegCloseKey
AllocateAndInitializeSid

shell32

Shell_NotifyIconW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx

msvcp100

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??Bios_base@std@@QBEPAXXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_BADOFF@std@@3_JB
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??1_Lockit@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAE_J_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

msvcr100

_CIpow
modf
floor
_pclose
_popen
tmpfile
fscanf
clearerr
ftell
fseek
iscntrl
localeconv
isalnum
isdigit
isalpha
_CIfmod
ceil
calloc
atan
cos
sin
tan
fabs
_CIsinh
log
log10
sqrt
asin
acos
strtol
strtod
malloc
strncpy
realloc
_beginthread
atoi
memchr
sprintf
_wstat64i32
fsetpos
_fseeki64
fgetpos
_wasctime
fwrite
memcpy_s
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
fflush
setvbuf
ungetc
fputc
fgetc
_unlock_file
_lock_file
setlocale
wcsrchr
_wtof
__RTDynamicCast
towupper
_CIcos
_CIsin
_tzset
wcsftime
_localtime64
srand
rand
_time64
_purecall
wcsncat_s
wcsncpy_s
_set_invalid_parameter_handler
_snwprintf_s
_wfopen
fclose
strncmp
fputws
memset
_waccess
_wcsnicmp
towlower
_errno
wcstod
wcsncmp
iswspace
swscanf
wcschr
_wcsdup
wcstok
_wtoi
free
??_V@YAXPAX@Z
_wcsicmp
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
memmove
memcpy
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_vsnwprintf_s
??3@YAXPAX@Z
_CIcosh
longjmp
exit
_setjmp3
fgets
strtoul
isspace
fputs
strstr
fprintf
__iob_func
getc
freopen
fopen
ferror
strerror
feof
fread
strchr
_CItan
_CItanh
_CIasin
_CIacos
_CIatan
_CIatan2
_CIsqrt
_CIlog
_CIlog10
_CIexp
frexp
strncat
_strdup
_vsnprintf_s
_snprintf_s
ldexp
_HUGE
strrchr
getenv
strcspn
_difftime64
_gmtime64
_mktime64
system
remove
rename
tmpnam
clock
strftime
tolower
toupper
isxdigit
isupper
ispunct
islower
strpbrk
printf
strcoll
isprint
putchar
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
exp
_strnicmp

Exports

Exports

ExecuteBang
Initialize
LSLog
PluginBridge
ReadConfigString
initModuleEx
quitModule

Sections

.text
Size: 658KB - Virtual size: 657KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rainmeter.exe
.exe windows:5 windows x86 arch:x86

a9679c9961e547cd9567ac501e582bf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\RainTrunk\Application\x32\Release\Rainmeter.pdb

Imports

rainmeter

quitModule
initModuleEx
Initialize
ExecuteBang

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
LoadLibraryW
GetSystemDirectoryW
GetLastError
CreateMutexW
FreeLibrary
GetCommandLineW
GetProcAddress
ReleaseMutex
GetModuleHandleW
UnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
SetUnhandledExceptionFilter
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
SetDllDirectoryW
IsDebuggerPresent

user32

LoadIconW
LoadCursorW
RegisterClassW
DefWindowProcW
DispatchMessageW
FindWindowW
SendMessageW
MessageBoxW
CreateWindowExW
TranslateMessage
GetMessageW
DestroyWindow
PostQuitMessage

gdi32

GetStockObject

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

msvcr100

_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
memcpy
memmove
_wcsicmp
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
towlower
memset
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rainmeter.exe.config
Themes/illustro default/Rainmeter.thm

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 1.4MB

.rsrc Size: 28KB - Virtual size: 27KB

149adf074d317fbf0d2f17314bd18969

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

version

kernel32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 44B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 188B

cbc66eb3222e3fcdbee2e18ba7195f5e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 24KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 1KB - Virtual size: 1KB

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

1fe003b76229a0ffee4a9219893de38e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 1.4MB

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 44B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 188B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 24KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1024B - Virtual size: 894B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 48B

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 590B

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 1000B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB