4e4e256a4d2316ed12b0e299cfab8dddc96b0477c67d3365330604d7672bd4e2

Sharing

Copy URL Twitter E-mail

General

Target

4e4e256a4d2316ed12b0e299cfab8dddc96b0477c67d3365330604d7672bd4e2
Size

6.1MB
MD5

932c74dbd91228e5f216b44ba87c7a80
SHA1

9f53d67b0e29a1202af119231d9ab7762fbe95b6
SHA256

4e4e256a4d2316ed12b0e299cfab8dddc96b0477c67d3365330604d7672bd4e2
SHA512

d8e2761534b6664ecb30ba52ead516f2366869b6c8888d9aaf1e86f5bf43b5418e37457ff7be0f9a4ee5c2b58b9ad06e7d749a9c5d219fd47db4bf5056f78160
SSDEEP

196608:AQxkfkc6d8aL9wQ2PxDzuy26VPvLvPxulmmmRAN:afj6dBl2Bz/2KvLviJmRc

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/E_.7z/Driver/x64/SIUSBXP.sys
unpack001/E_.7z/Driver/x64/SiLib.sys
unpack001/E_.7z/Driver/x86/SIUSBXP.sys
unpack001/E_.7z/Driver/x86/SiLib.sys
unpack001/E_.7z/SETUPGUIDE.exe
unpack001/E_.7z/System32/Redist/MS/System/asycfilt.dll
unpack001/E_.7z/System32/Redist/MS/System/comcat.dll
unpack001/E_.7z/System32/Redist/MS/System/mfc42.dll
unpack001/E_.7z/System32/Redist/MS/System/msvcrt.dll
unpack001/E_.7z/System32/Redist/MS/System/oleaut32.dll
unpack001/E_.7z/System32/Redist/MS/System/olepro32.dll
unpack001/E_.7z/System32/Redist/MS/System/stdole2.tlb
unpack001/E_.7z/program files/Vibration Datalogger/Datalogger.exe
unpack001/E_.7z/program files/Vibration Datalogger/SiUSBXp.dll
unpack001/E_.7z/setup.exe

Files

4e4e256a4d2316ed12b0e299cfab8dddc96b0477c67d3365330604d7672bd4e2
.zip
E_.7z/0x0409.ini
E_.7z/Autorun.inf
E_.7z/Driver/SiUSBXp.inf
E_.7z/Driver/USBXpressInstaller.exe
.exe windows:4 windows x86 arch:x86

b67d5481936a1c271736ac995bddc87c

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:58:9a:07:4b:46:a1:c3:5d:17:4e:1b:e7:a9:62:9d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

13/03/2006, 00:00

Not After

12/03/2009, 23:59

Subject

CN=Silicon Laboratories,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=MCU,O=Silicon Laboratories,L=Austin,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

51:0d:0b:84:52:fe:a3:46:66:e4:33:c7:2a:8e:6b:74:63:f6:1d:b4
Signer

Actual PE Digest

51:0d:0b:84:52:fe:a3:46:66:e4:33:c7:2a:8e:6b:74:63:f6:1d:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiGetINFClassA
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExA
CM_Connect_MachineA
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDeviceInfoA
SetupDiCreateDeviceInfoListExA
SetupGetInfFileListA
SetupCopyOEMInfA
SetupDiEnumDeviceInfo
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiClassGuidsFromNameExA
SetupDiGetClassDevsExA
SetupPromptReboot
SetupDiDestroyDeviceInfoList
SetupDiBuildClassInfoListExA
SetupDiClassNameFromGuidExA
SetupGetStringFieldA
SetupDiGetClassDescriptionExA
SetupDiOpenClassRegKeyExA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupDiGetDriverInstallParamsA
SetupDiDestroyDriverInfoList
CM_Get_First_Log_Conf_Ex
CM_Free_Log_Conf_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Status_Ex
SetupDiGetDeviceInfoListDetailA
CM_Get_Device_ID_ExA
SetupGetLineTextA
SetupOpenInfFileA
SetupFindFirstLineA
SetupCloseInfFile

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
InitiateSystemShutdownExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

mfc42

ord6055
ord3790
ord1776
ord5290
ord3402
ord3567
ord567
ord2302
ord6197
ord1158
ord5710
ord2763
ord6010
ord5442
ord3318
ord1168
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord2514
ord800
ord858
ord4278
ord6282
ord6283
ord537
ord2621
ord5265
ord4376
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord860
ord1146
ord1576
ord540
ord324
ord2370
ord4234
ord4853
ord6334
ord6199
ord3874
ord6215
ord3092
ord665
ord1979
ord922
ord5186
ord354
ord926
ord535
ord924
ord4129
ord5683
ord4224
ord4710
ord2818
ord4204
ord2764
ord823
ord940
ord2379
ord755
ord470
ord2642
ord602
ord2652
ord1669
ord2086
ord6385
ord941
ord939
ord5572
ord2915
ord6153

msvcrt

_iob
_setmbcp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__CxxFrameHandler
_mbscmp
free
malloc
atoi
strstr
printf
_controlfp
fputs
_mbsicmp
_mbschr
_mbctolower
_mbctoupper
_ismbcalpha
_mbsnbicmp
__dllonexit

kernel32

FreeLibrary
FileTimeToSystemTime
GetDateFormatA
GetWindowsDirectoryA
CreateProcessA
WaitForSingleObject
CloseHandle
DeleteFileA
CopyFileA
GetProcAddress
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
SetCurrentDirectoryA
GetSystemDirectoryA
GetVersionExA
LoadLibraryA
GetFileAttributesA
GetFullPathNameA
lstrlenA
FindClose
FindNextFileA
FindFirstFileA
LocalFree
FormatMessageA
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
CreateDirectoryA

user32

GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
DrawIcon
UpdateWindow
InvalidateRect
SendMessageA
CharPrevA
CharNextA
LoadIconA
GetWindowRect
LoadStringA

shell32

SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetMalloc

ole32

CLSIDFromString

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E_.7z/Driver/setup.ini
E_.7z/Driver/siusbxp.cat
E_.7z/Driver/x64/SIUSBXP.sys
.sys windows:6 windows x64 arch:x64

ea665e524abd35d65494ca3cdfdebcc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\dev\development\librarypackages\usbxpress\drivers\usbxpress\windows_2k_xp_s2k3_vista\objfre_wlh_amd64\amd64\SIUSBXP.pdb

Imports

ntoskrnl.exe

IoBuildDeviceIoControlRequest
KeInitializeEvent
IoCancelIrp
IofCallDriver
IoFreeIrp
IoAllocateIrp
KeBugCheckEx
IoCreateDevice
RtlCopyUnicodeString
IoIsWdmVersionAvailable
IoAttachDeviceToDeviceStack
ExFreePool
RtlFreeUnicodeString
IoDetachDevice
IoDeleteDevice
RtlInitUnicodeString
ExAllocatePoolWithTag
KeAcquireSpinLockRaiseToDpc
IoReleaseCancelSpinLock
IofCompleteRequest
KeWaitForSingleObject
KeReleaseSpinLock
__C_specific_handler
_local_unwind

silib.sys

GenericDispatchPnp
GenericAcquireRemoveLock
GenericRegisterInterface
GenericCleanupControlRequests
GenericSaveRestoreComplete
InitializeGenericExtension
GenericReleaseRemoveLock
GenericDispatchPower
GetSizeofGenericExtension
IsWin98

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_ParseDescriptors

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

page
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

init
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/Driver/x64/SiLib.sys
.sys windows:6 windows x64 arch:x64

51d2f612dba8b59b1d57fa3361694409

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\dev\development\librarypackages\usbxpress\drivers\silib\windows_98se_2k_xp_s2k3\objfre_wlh_amd64\amd64\SiLib.pdb

Imports

ntoskrnl.exe

KeReleaseSpinLock
IofCompleteRequest
KeAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
KeAcquireSpinLockRaiseToDpc
KeInitializeEvent
RtlUnicodeStringToAnsiString
PoSetPowerState
ExFreePool
KeInitializeSemaphore
KeWaitForSingleObject
IoAcquireCancelSpinLock
IofCallDriver
ExAllocatePoolWithTag
KeSetEvent
KeClearEvent
KeReleaseSpinLockFromDpcLevel
RtlInitUnicodeString
ZwSetValueKey
PoRequestPowerIrp
IoCancelIrp
ZwQueryValueKey
PoStartNextPowerIrp
ZwClose
ExQueueWorkItem
IoFreeIrp
PoCallDriver
IoAllocateIrp
IoOpenDeviceRegistryKey
PoRegisterDeviceForIdleDetection
IoInvalidateDeviceState
ExReleaseFastMutex
ExAcquireFastMutex
IoRegisterDeviceInterface
IoSetDeviceInterfaceState
RtlFreeUnicodeString
KeBugCheckEx

Exports

Exports

AbortAllRequests
AbortRequests
AllowAllRequests
AllowRequests
AreRequestsBeingAborted
CancelRequest
CheckAnyBusyAndStall
CheckBusyAndStall
CleanupAllRequests
CleanupGenericExtension
CleanupRequests
GenericAcquireRemoveLock
GenericCacheControlRequest
GenericCleanupAllRequests
GenericCleanupControlRequests
GenericDeregisterInterface
GenericDispatchPnp
GenericDispatchPower
GenericEnableInterface
GenericGetVersion
GenericHandlePowerIoctl
GenericIdleDevice
GenericInitializeRemoveLock
GenericMarkDeviceBusy
GenericRegisterForIdleDetection
GenericRegisterInterface
GenericReleaseRemoveLock
GenericReleaseRemoveLockAndWait
GenericSaveRestoreComplete
GenericSetDeviceState
GenericUncacheControlRequest
GenericWakeupControl
GenericWakeupFromIdle
GetCurrentIrp
GetSizeofGenericExtension
InitializeGenericExtension
InitializeQueue
IsWin98
RestartAllRequests
RestartRequests
StallAllRequests
StallAllRequestsAndNotify
StallRequests
StallRequestsAndNotify
StartNextPacket
StartPacket
WaitForCurrentIrp
WaitForCurrentIrps

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

page
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

init
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/Driver/x86/SIUSBXP.sys
.sys windows:6 windows x86 arch:x86

a2b868b241fd85ded003834cd4e583a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\development\librarypackages\usbxpress\drivers\usbxpress\windows_2k_xp_s2k3_vista\objfre_w2k_x86\i386\SIUSBXP.pdb

Imports

ntoskrnl.exe

IoAllocateIrp
KeWaitForSingleObject
IoBuildDeviceIoControlRequest
KeInitializeEvent
IoCancelIrp
IoFreeIrp
InterlockedDecrement
memmove
KeTickCount
KeBugCheckEx
IoIsWdmVersionAvailable
RtlInitUnicodeString
IoCreateDevice
KeInitializeSpinLock
ExAllocatePoolWithTag
RtlCopyUnicodeString
IoAttachDeviceToDeviceStack
ExFreePool
IoDetachDevice
IoDeleteDevice
IofCallDriver
RtlFreeUnicodeString
memset
memcpy
InterlockedExchange
IoReleaseCancelSpinLock
InterlockedIncrement
IofCompleteRequest
RtlUnwind

hal

KfAcquireSpinLock
KfReleaseSpinLock

silib.sys

_GenericSaveRestoreComplete@4
_GenericCleanupControlRequests@12
_IsWin98@0
_GetSizeofGenericExtension@0
_InitializeGenericExtension@8
_GenericRegisterInterface@8
_GenericDispatchPower@8
_GenericDispatchPnp@8
_GenericAcquireRemoveLock@8
_GenericReleaseRemoveLock@8

usbd.sys

_USBD_CreateConfigurationRequestEx@8
_USBD_ParseDescriptors@16
_USBD_ParseConfigurationDescriptorEx@28

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

page
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

init
Size: 256B - Virtual size: 232B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 640B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/Driver/x86/SiLib.sys
.sys windows:6 windows x86 arch:x86

47a631deb9325c656b318d7dc3f7125e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\development\librarypackages\usbxpress\drivers\silib\windows_98se_2k_xp_s2k3\objfre_wlh_x86\i386\SiLib.pdb

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
KeInitializeSemaphore
KeInitializeSpinLock
IoAcquireCancelSpinLock
RtlUnicodeStringToAnsiString
ExAllocatePoolWithTag
PoSetPowerState
memset
InterlockedIncrement
InterlockedDecrement
KefReleaseSpinLockFromDpcLevel
KeClearEvent
PoRegisterDeviceForIdleDetection
PoCallDriver
IoIsWdmVersionAvailable
ZwClose
ZwQueryValueKey
RtlInitUnicodeString
IoOpenDeviceRegistryKey
PoRequestPowerIrp
ZwSetValueKey
IoFreeIrp
ExQueueWorkItem
IoCancelIrp
IoAllocateIrp
IoInvalidateDeviceState
RtlFreeUnicodeString
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
KeTickCount
KeSetEvent
ExFreePool
KeInitializeEvent
IoReleaseCancelSpinLock
KefAcquireSpinLockAtDpcLevel
InterlockedExchange
PoStartNextPowerIrp
IofCompleteRequest

hal

ExReleaseFastMutex
KeGetCurrentIrql
KfRaiseIrql
KfLowerIrql
KfAcquireSpinLock
KfReleaseSpinLock
ExAcquireFastMutex

Exports

Exports

_AbortAllRequests@12
_AbortRequests@8
_AllowAllRequests@8
_AllowRequests@4
_AreRequestsBeingAborted@4
_CancelRequest@8
_CheckAnyBusyAndStall@12
_CheckBusyAndStall@4
_CleanupAllRequests@16
_CleanupGenericExtension@4
_CleanupRequests@12
_GenericAcquireRemoveLock@8
_GenericCacheControlRequest@12
_GenericCleanupAllRequests@12
_GenericCleanupControlRequests@12
_GenericDeregisterInterface@8
_GenericDispatchPnp@8
_GenericDispatchPower@8
_GenericEnableInterface@12
_GenericGetVersion@0
_GenericHandlePowerIoctl@8
_GenericIdleDevice@12
_GenericInitializeRemoveLock@16
_GenericMarkDeviceBusy@4
_GenericRegisterForIdleDetection@16
_GenericRegisterInterface@8
_GenericReleaseRemoveLock@8
_GenericReleaseRemoveLockAndWait@8
_GenericSaveRestoreComplete@4
_GenericSetDeviceState@8
_GenericUncacheControlRequest@8
_GenericWakeupControl@8
_GenericWakeupFromIdle@8
_GetCurrentIrp@4
_GetSizeofGenericExtension@0
_InitializeGenericExtension@8
_InitializeQueue@8
_IsWin98@0
_RestartAllRequests@12
_RestartRequests@8
_StallAllRequests@8
_StallAllRequestsAndNotify@16
_StallRequests@4
_StallRequestsAndNotify@12
_StartNextPacket@8
_StartPacket@16
_WaitForCurrentIrp@4
_WaitForCurrentIrps@8

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

page
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

init
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 389B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/SETUPGUIDE.exe
.exe windows:4 windows x86 arch:x86

8b665a365882746436ff68329e21332d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaStrFixstr
__vbaBoolVarNull
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord537
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaStrToAnsi
ord616
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E_.7z/Setup.ini
E_.7z/System32/Redist/MS/System/asycfilt.dll
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/comcat.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5316dd1ba7417f578451f902c4b4f845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StringFromCLSID
StringFromGUID2
CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree

kernel32

GetModuleFileNameA
lstrlenA
GlobalAlloc
lstrlenW
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
GetUserDefaultLCID
IsBadWritePtr
GlobalFree

user32

wsprintfA

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegEnumKeyA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExW
RegSetValueExA
RegCreateKeyExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/mfc42.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1557eebc6134cee9eb9d0583a2b40341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_onexit
__dllonexit
??1type_info@@UAE@XZ
_mbsnbicmp
wcsncpy
wcscpy
_ltoa
_ultoa
swprintf
_itoa
modf
ceil
fabs
floor
labs
_ftol
_splitpath
_fullpath
atol
__p___argc
_EH_prolog
__p___argv
_beginthreadex
_endthreadex
_strdup
_mbsdec
_expand
strtod
strtol
strtoul
abs
calloc
_msize
_purecall
strftime
_mbctype
localtime
gmtime
time
_ismbcspace
atoi
_ismbcdigit
_mbsnbcmp
sprintf
strlen
_mbclen
vsprintf
_mbsrchr
_mbscspn
_mbsspn
_mbsstr
_mbsrev
_mbslwr
_mbsupr
_mbspbrk
_mbschr
wcslen
_mbscmp
realloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
memset
_mbsinc
abort
free
malloc
memcmp
memmove
memcpy
_CxxThrowException
mktime
__CxxFrameHandler

kernel32

FindClose
FindFirstFileA
lstrcpyA
MultiByteToWideChar
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetModuleFileNameA
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
WaitForSingleObject
CreateSemaphoreA
DeleteFileA
LoadLibraryA
ReleaseMutex
InterlockedExchange
WaitForMultipleObjects
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
FreeLibrary
MulDiv
GetProfileIntA
VirtualProtect
FindResourceExA
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
GetTempPathA
SearchPathA
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetTickCount
lstrlenW
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemDirectoryA
GetProcAddress
UnlockFile
MoveFileA
SetEndOfFile
FlushFileBuffers
LockFile
CloseHandle
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
lstrlenA
lstrcmpA
OutputDebugStringA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
GetLastError
IsBadStringPtrW
lstrcpynA
ReleaseSemaphore
SetLastError
CreateMutexA
GetVolumeInformationA
CreateEventA
RaiseException

gdi32

TextOutA
GetPolyFillMode
EnumFontFamiliesA
GetPixel
CreatePalette
GetPaletteEntries
RealizePalette
OffsetRgn
SetBrushOrgEx
CreateMetaFileA
CopyMetaFileA
LPtoDP
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
DPtoLP
CombineRgn
SetRectRgn
GetMapMode
CreateDIBPatternBrushPt
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
StartDocA
EnumFontFamiliesExA
CreateDCA
CreateRectRgnIndirect
Rectangle
UnrealizeObject
PatBlt
CreateBitmap
CreatePatternBrush
CreatePen
CloseMetaFile
DeleteMetaFile
RectVisible
PtVisible
IntersectClipRect
GetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetDeviceCaps
Escape
GetCurrentPositionEx
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetTextFaceA
GetWindowExtEx
GetViewportExtEx
GetROP2
GetBkMode
GetTextAlign
GetNearestColor
GetBkColor
GetTextColor
SaveDC
GetStockObject
RestoreDC
GetCharWidthA
DeleteObject
CreateFontA
StretchDIBits
DeleteDC
CreateCompatibleBitmap
GetTextExtentPoint32A
ExtTextOutA
CreateSolidBrush
BitBlt
CreateFontIndirectA
CreateCompatibleDC
GetTextMetricsA
GetObjectA
SelectObject
SetTextColor
GetClipBox
SetBkColor
GetStretchBltMode

user32

SetCapture
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindow
SendMessageA
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetParent
IsChild
MessageBoxA
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
IsWindowVisible
EnableWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
IsWindow
SetActiveWindow
GetFocus
DispatchMessageA
PeekMessageA
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
PostMessageA
LoadIconA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
IsWindowEnabled
GetDesktopWindow
ShowWindow
GetActiveWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
LoadCursorA
GetSystemMetrics
WaitMessage
GetCursorPos
GetWindowThreadProcessId
WindowFromPoint
ClientToScreen
TranslateMessage
GetMessageA
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
RedrawWindow
LoadBitmapA
InflateRect
PtInRect
ReleaseDC
InvertRect
GetWindowDC
FillRect
SetTimer
KillTimer
SetRect
GetDC
IsZoomed
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
GrayStringA
UnionRect
DrawFocusRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
wvsprintfA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
BeginPaint
EndPaint
TabbedTextOutA
GetSysColorBrush
GetClassNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
FindWindowA
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
InsertMenuA
GetMenuStringA
RegisterClipboardFormatA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
InvalidateRgn
FrameRect
LoadStringA
CharUpperA
wsprintfA

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 616KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/msvcrt.dll
.dll windows:4 windows x86 arch:x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/oleaut32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d7112004d3c345a2ed68d74bba3d37f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

LoadLibraryA
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetProcAddress
SetStdHandle
GetLocaleInfoA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
IsBadReadPtr
InterlockedExchange
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/olepro32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/System32/Redist/MS/System/stdole2.tlb
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/Vibration Datalogger.msi
.msi
E_.7z/instmsia.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E_.7z/instmsiw.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E_.7z/program files/Vibration Datalogger/Datalogger.exe
.exe windows:4 windows x86 arch:x86

263d2e4af5cd8946e46f9c869f4e1da8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

siusbxp

ord1
ord2
ord7
ord11
ord10
ord6
ord3
ord4

kernel32

HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetVersionExA
GetProfileStringA
GetLocalTime
GetPrivateProfileStringA
GetPrivateProfileIntA
GetWindowsDirectoryA
lstrcpyA
GetModuleFileNameA
WritePrivateProfileStringA
GetProcAddress
GetEnvironmentVariableA
LoadLibraryA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
FreeLibrary
GlobalFree
GlobalUnlock
GlobalLock
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FormatMessageA
SetLastError
MulDiv
lstrcpynA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FatalAppExitA
HeapReAlloc
HeapSize
ExitThread
lstrcmpA
GetCurrentThread
GlobalAlloc
CloseHandle
WaitForSingleObject
SetEvent
CreateThread
TerminateProcess
GetACP
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
CopyFileA
GlobalSize
SetErrorMode
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetCurrentDirectoryA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrlenW
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread

user32

PostThreadMessageA
RegisterClipboardFormatA
RemoveMenu
LockWindowUpdate
GetDCEx
InvertRect
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetMenuStringA
InsertMenuA
FindWindowA
LoadStringA
GetDialogBaseUnits
GetSysColorBrush
GetClassNameA
WindowFromPoint
CharUpperA
GetSystemMenu
DeleteMenu
AppendMenuA
IsRectEmpty
SetParent
IsZoomed
SetRect
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
DestroyCursor
SetCursorPos
PtInRect
SetCapture
RedrawWindow
InflateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
GetDC
ReleaseDC
OemToCharA
CharToOemA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
LoadBitmapA
SetTimer
SendMessageA
GrayStringA
GetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetSysColor
CopyRect
FillRect
DrawFocusRect
InvalidateRect
UpdateWindow
GetCursorPos
GetClientRect
ScreenToClient
KillTimer
GetParent
GetWindowRect
InvalidateRgn
SetScrollPos
SetScrollRange
RegisterDeviceNotificationA
UnregisterDeviceNotification
GetSubMenu
LoadMenuA
ClientToScreen
LoadIconA
LoadCursorA
LoadImageA
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow

gdi32

SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
GetStockObject
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetMapMode
SetRectRgn
CreateFontIndirectA
StretchDIBits
GetCharWidthA
GetTextExtentPoint32A
LPtoDP
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
CopyMetaFileA
RestoreDC
SaveDC
StartDocA
DeleteDC
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetPixelV
CombineRgn
CreateRectRgnIndirect
Ellipse
GetTextMetricsA
StretchBlt
BitBlt
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
GetObjectA
CreateFontA
Rectangle
EnumMetaFile
CreateDIBitmap
CreateSolidBrush
GetTextExtentPointA

comdlg32

PrintDlgA
PageSetupDlgA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
RegSetValueA
RegCloseKey
GetFileSecurityA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write

oledlg

ord8

ole32

CoDisconnectObject
OleRun
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
OleInitialize
CreateBindCtx
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
SetConvertStg

olepro32

ord253

oleaut32

VarBstrFromCy
LoadTypeLi
SysStringLen
SysReAllocStringLen
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
VariantClear
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarCyFromStr
SafeArrayUnlock
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock

Sections

.text
Size: 672KB - Virtual size: 669KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/program files/Vibration Datalogger/Help.chm
.chm
E_.7z/program files/Vibration Datalogger/SiUSBXp.dll
.dll windows:4 windows x86 arch:x86

fd15c9b8cae89136f2b6e9ec3be2d8cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsSetValue
LocalAlloc
TlsAlloc
GetLastError
CloseHandle
DeviceIoControl
CancelIo
TlsGetValue
WaitForSingleObject
CreateEventA
WriteFile
GetSystemDirectoryA
CreateFileA
GetVersionExA
LocalFree
GetOverlappedResult
TlsFree
LCMapStringW
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
SetLastError
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA

advapi32

RegQueryValueExA
RegOpenKeyExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

Exports

Exports

?SI_ResetDevice@@YGHPAX@Z
SI_CheckRXQueue
SI_Close
SI_DeviceIOControl
SI_FlushBuffers
SI_GetDLLVersion
SI_GetDriverVersion
SI_GetModemStatus
SI_GetNumDevices
SI_GetPartNumber
SI_GetProductString
SI_GetTimeouts
SI_Open
SI_Read
SI_ReadLatch
SI_SetBaudDivisor
SI_SetBaudRate
SI_SetBreak
SI_SetFlowControl
SI_SetLineControl
SI_SetTimeouts
SI_Write
SI_WriteLatch
_SI_GetDeviceProductString@16

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E_.7z/setup.exe
.exe windows:4 windows x86 arch:x86

de43819f6987002d63a5772e7e87ff4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

comctl32

ord17

kernel32

GetLastError
WideCharToMultiByte
DeleteFileA
lstrlenW
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
CreateEventA
Sleep
lstrcatA
CompareStringA
CompareStringW
GetVersionExA
SetFilePointer
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
LockResource
LoadResource
SizeofResource
FindResourceA
CreateProcessA
GetSystemDefaultLCID
GlobalHandle
VerLanguageNameA
SetCurrentDirectoryA
WaitForSingleObject
GetSystemInfo
MulDiv
GetModuleFileNameA
IsValidCodePage
GetVersion
FlushFileBuffers
SetEndOfFile
LocalFree
FormatMessageA
GetDiskFreeSpaceA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
UnhandledExceptionFilter
lstrlenA
GetACP
GetCPInfo
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
SetLastError
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
GetShortPathNameA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
CopyFileA
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
GetFileAttributesA
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
lstrcpynA
lstrcpyA
CreateFileMappingA
MapViewOfFile
HeapCreate
UnmapViewOfFile
SetHandleCount
GetOEMCP

user32

GetParent
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetWindowPlacement
DrawIcon
DestroyIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
IsDialogMessageA
SendMessageA
EnableWindow
GetDlgItemTextA
GetWindow
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
DestroyWindow
CreateDialogParamA
MessageBoxIndirectA
CharNextA
MessageBoxA
WaitForInputIdle
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
GetClientRect
ClientToScreen
SetWindowPos
GetWindowDC
EndDialog
GetDlgItem
ShowWindow
DialogBoxParamA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
GetWindowRect

gdi32

GetTextExtentPoint32A
SetBkMode
SetTextColor
GetObjectA
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleDC
SelectObject
CreateFontA
DeleteDC
DeleteObject
GetStockObject
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
CreateDIBitmap
BitBlt
TranslateCharsetInfo

advapi32

RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegOpenKeyExA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateGuid
CoCreateInstance
GetRunningObjectTable
StgIsStorageFile
StgOpenStorage
CoUninitialize
CoInitialize
CreateItemMoniker

oleaut32

VariantChangeType
SysAllocString
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SysFreeString
VariantClear

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b67d5481936a1c271736ac995bddc87c

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

08:58:9a:07:4b:46:a1:c3:5d:17:4e:1b:e7:a9:62:9dCertificate

Extended Key Usages

Key Usages

51:0d:0b:84:52:fe:a3:46:66:e4:33:c7:2a:8e:6b:74:63:f6:1d:b4Signer

Headers

File Characteristics

Imports

setupapi

version

advapi32

mfc42

msvcrt

kernel32

user32

shell32

ole32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 100KB - Virtual size: 96KB

ea665e524abd35d65494ca3cdfdebcc4

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

silib.sys

usbd.sys

Sections

.text Size: 5KB - Virtual size: 5KB

page Size: 7KB - Virtual size: 6KB

init Size: 512B - Virtual size: 318B

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 304B

.pdata Size: 512B - Virtual size: 444B

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 824B

51d2f612dba8b59b1d57fa3361694409

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

page Size: 5KB - Virtual size: 5KB

init Size: 512B - Virtual size: 11B

.rdata Size: 1024B - Virtual size: 948B

.data Size: 1024B - Virtual size: 688B

.pdata Size: 1024B - Virtual size: 720B

.edata Size: 2KB - Virtual size: 1KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 816B

.reloc Size: 512B - Virtual size: 252B

a2b868b241fd85ded003834cd4e583a7

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

hal

silib.sys

usbd.sys

Sections

.text Size: 4KB - Virtual size: 4KB

page Size: 4KB - Virtual size: 4KB

init Size: 256B - Virtual size: 232B

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

08:58:9a:07:4b:46:a1:c3:5d:17:4e:1b:e7:a9:62:9d
Certificate

51:0d:0b:84:52:fe:a3:46:66:e4:33:c7:2a:8e:6b:74:63:f6:1d:b4
Signer

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 100KB - Virtual size: 96KB

.text
Size: 5KB - Virtual size: 5KB

page
Size: 7KB - Virtual size: 6KB

init
Size: 512B - Virtual size: 318B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 304B

.pdata
Size: 512B - Virtual size: 444B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 824B

.text
Size: 9KB - Virtual size: 8KB

page
Size: 5KB - Virtual size: 5KB

init
Size: 512B - Virtual size: 11B

.rdata
Size: 1024B - Virtual size: 948B

.data
Size: 1024B - Virtual size: 688B

.pdata
Size: 1024B - Virtual size: 720B

.edata
Size: 2KB - Virtual size: 1KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 816B

.reloc
Size: 512B - Virtual size: 252B

.text
Size: 4KB - Virtual size: 4KB

page
Size: 4KB - Virtual size: 4KB

init
Size: 256B - Virtual size: 232B

.rdata
Size: 640B - Virtual size: 544B

.data
Size: 128B - Virtual size: 24B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 896B - Virtual size: 824B

.reloc
Size: 512B - Virtual size: 478B

.text
Size: 6KB - Virtual size: 6KB

page
Size: 4KB - Virtual size: 3KB

init
Size: 512B - Virtual size: 11B

.rdata
Size: 512B - Virtual size: 389B

.data
Size: 512B - Virtual size: 308B

.edata
Size: 2KB - Virtual size: 1KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 816B

.reloc
Size: 1024B - Virtual size: 706B

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 132KB - Virtual size: 131KB

.text
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 1024B - Virtual size: 906B