b93036da34592f07dfef6613da3f1387_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b93036da34592f07dfef6613da3f1387_JaffaCakes118
Size

11.3MB
MD5

b93036da34592f07dfef6613da3f1387
SHA1

9f04de99cb67d6dd0fe5e346503cc5a12e6750d1
SHA256

ce844141f27df4a9a3690c13b9e6ef8f359fc0ecceb73e530e0bb194f3121074
SHA512

b61bfbf7bd3e8c8ca823fdc26501298a91fb6cbd3d748ba51ed9f92d5ee1632b18b47be0a990e328fe9c06331bbbf124ee39bed6454229443fd4618d0b26c172
SSDEEP

196608:WmGseE3k0hu+ysgv+3fdG/LH3T4kM2UYEgCw/+pg+OPuBwu5IeeJPgqxSztpV82g:xTeEfwTLv+3fdQ3Te23CHmfP2t5yWqAw

Score

3^/10

Malware Config

Signatures

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PMC_MC.exe
unpack001/Tools/MP4Box.exe
unpack001/Tools/VSFilter.dll
unpack001/Tools/asfbin.exe
unpack001/Tools/ffmpeg.exe
unpack001/Tools/js32.dll
unpack001/Tools/libiconv-2.dll
unpack001/Tools/libintl-8.dll
unpack001/Tools/magic1.dll
unpack001/Tools/mencoder.exe
unpack001/Tools/mkvmerge.exe
unpack001/Tools/regex2.dll
unpack001/Tools/rmeditor.exe
unpack001/Tools/tools/rmmerge.dll
unpack001/Tools/tools/rmtools.dll
unpack001/Tools/zlib1.dll

Files

b93036da34592f07dfef6613da3f1387_JaffaCakes118
.rar
PMC_MC.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 361KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PMC_MC.lic
PMC_MC.ver
Q&A.txt
Readme.txt
Tools/MP4Box.exe
.exe windows:4 windows x86 arch:x86

bd123484b301f0b79c074fd0c9968da4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strdup
_pctype
__mb_cur_max
_isctype
cos
asin
acos
sin
sqrt
tan
atan2
ceil
exit
calloc
longjmp
_setjmp3
log
tolower
toupper
strtoul
strpbrk
_exit
_XcptFilter
fputs
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
abort
_snprintf
_errno
_fdopen
_strupr
_fileno
_strlwr
_strnicmp
_stricmp
getenv
fscanf
fgets
abs
fgetc
vsprintf
setlocale
_filelengthi64
fsetpos
fgetpos
tmpfile
rand
srand
time
_ftime
memchr
pow
floor
memmove
fputc
fputwc
realloc
memcmp
memcpy
mktime
strncpy
remove
rename
vfprintf
fflush
strncmp
atof
sscanf
atoi
gmtime
asctime
strstr
_ftol
strchr
strcmp
strcpy
strcat
fseek
memset
ftell
malloc
fread
strrchr
free
sprintf
fopen
fwrite
fclose
strlen
_iob
__p___initenv
fprintf

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

js32

JS_GetProperty
JS_GetGlobalObject
JS_CallFunctionName
JS_CallFunctionValue
JS_ObjectIsFunction
JS_NewObject
JS_SetPrivate
JS_GetPrivate
JS_GetStringBytes
JS_GetContextPrivate

kernel32

GetEnvironmentVariableA
FindClose
FindNextFileA
FindFirstFileA
GetCurrentProcessId
LoadLibraryA
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
CloseHandle
UnmapViewOfFile
WaitForSingleObject
GetCurrentThreadId
CreateMutexA
ReleaseMutex
DeleteFileA

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Tools/VSFilter.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cda67450547ba48c4de07a147445e33f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetFileSize
GetFileTime
DeleteFileW
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
RtlUnwind
HeapFree
RaiseException
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
HeapDestroy
HeapCreate
VirtualQuery
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
DebugBreak
GetFullPathNameW
GetTempFileNameW
GetTempPathW
IsDBCSLeadByteEx
FindFirstFileW
FindClose
GetVolumeInformationW
CreateFileW
FindNextFileW
SetErrorMode
GetModuleFileNameA
lstrlenA
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
GetTickCount
GetCurrentThread
FreeLibrary
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
ReleaseSemaphore
ResetEvent
InterlockedDecrement
InterlockedIncrement
lstrcmpW
GetStartupInfoW
lstrcpynW
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetThreadPriority
WaitForMultipleObjects
FindNextChangeNotification
Sleep
GetVersion
TerminateThread
FindCloseChangeNotification
FindFirstChangeNotificationW
MulDiv
CreateThread
SetEvent
CreateEventW
InterlockedExchange
WaitForSingleObject
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent

user32

GrayStringW
DrawTextExW
TabbedTextOutW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
UnregisterClassA
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
ClientToScreen
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
GetMenuItemID
GetMenuItemCount
GetSubMenu
InflateRect
IsWindow
CharLowerBuffW
SetRect
CopyRect
SetRectEmpty
UnionRect
IsRectEmpty
MessageBoxW
EqualRect
DefWindowProcW
ShowWindow
MoveWindow
GetWindowLongW
PeekMessageW
RegisterWindowMessageW
GetCursorPos
LoadCursorW
GetSysColorBrush
UnregisterClassW
CharUpperW
SetCursor
ValidateRect
DestroyMenu
EndPaint
BeginPaint
GetMessageW
DispatchMessageW
TranslateMessage
LoadIconW
DestroyIcon
SystemParametersInfoW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
SetForegroundWindow
SetTimer
PostMessageW
AppendMenuW
CreatePopupMenu
GetSysColor
GetClientRect
InvalidateRect
SetWindowLongW
GetDlgItem
GetDesktopWindow
GetWindowRect
DestroyWindow
CreateDialogParamW
EnableWindow
SendMessageW
GetDC
ReleaseDC
DrawTextW
IntersectRect
OffsetRect
GetMenuState
GetTopWindow

gdi32

PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SelectObject
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
RestoreDC
SaveDC
SetTextColor
SetBkMode
SetMapMode
GetDeviceCaps
ScaleViewportExtEx
GetObjectW
ExtTextOutW
CreateBitmap
SetBkColor
GetClipBox
GetKerningPairsW
CloseFigure
BeginPath
GetPath
EndPath
AbortPath
GetTextMetricsW
GetTextExtentPoint32W
TextOutW
TranslateCharsetInfo
AddFontResourceW
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
CreateDIBSection
DeleteObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueW

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
UrlUnescapeW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CLSIDFromString

oleaut32

VariantInit
VariantChangeType
VarBstrCmp
SysFreeString
SysAllocString
VariantClear
OleCreatePropertyFrame
SysStringLen

wininet

InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetSetFilePointer
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable

Exports

Exports

DirectVobSub
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VirtualdubFilterModuleDeinit
VirtualdubFilterModuleInit2
_AvisynthPluginInit2@4
_AvisynthPluginInit@4
csri_close
csri_open_file
csri_open_mem
csri_query_ext
csri_render
csri_renderer_byname
csri_renderer_default
csri_renderer_info
csri_renderer_next
csri_request_fmt

Sections

.text
Size: 676KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/asfbin.exe
.exe windows:4 windows x86 arch:x86

cc5eedcab66395ec35b5ad41a2927d03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

msvfw32

ICCompress
ICOpen
ICGetInfo
ICGetDisplayFormat
ICDecompress
ICSendMessage
ICClose

msacm32

acmStreamOpen
acmFormatSuggest
acmMetrics
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmStreamSize

msdmo

MoFreeMediaType
DMOEnum
MoInitMediaType

kernel32

GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
InterlockedExchange
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
SystemTimeToFileTime
GetSystemTime
SetFileTime
CreateFileW
MulDiv
InterlockedIncrement
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
GetLocaleInfoA
GetProcAddress
LoadLibraryA
Beep
GetModuleFileNameA
SetEndOfFile
SetConsoleCursorPosition
GetStdHandle
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterA
LCMapStringA
GetCPInfo
GetDriveTypeA
GetCurrentDirectoryA
InterlockedDecrement
GetFileType
GetOEMCP
GetACP
HeapSize
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualProtect
WriteConsoleA
ExitProcess
SetStdHandle
GetLastError
GetFullPathNameA
RtlUnwind
SetFilePointer
WriteFile
ReadFile
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
DuplicateHandle
GetCurrentProcess
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
CloseHandle
SetConsoleCtrlHandler
MultiByteToWideChar
CreateFileA
WideCharToMultiByte
GetFileAttributesA
GetFileAttributesW
GetModuleHandleA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStartupInfoA
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

ole32

CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

VariantInit

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Tools/ffmpeg.exe
.exe windows:4 windows x86 arch:x86

4e51295253133e7df7353b50c759a41b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateMutexA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fdopen
_getch
_isatty
_kbhit
_open
_read
_setmode
_strdup
_swab
_tempnam
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_atoi64
_beginthreadex
_cexit
_endthreadex
_errno
_filbuf
_ftime
_iob
_isctype
_lseeki64
_onexit
_pctype
_setjmp
_setmode
_stricmp
_strnicmp
abort
acos
asin
atan
atexit
atof
atoi
calloc
ceil
cos
cosh
exit
exp
fclose
fflush
fgetc
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
ftell
fwrite
getenv
gmtime
isalpha
isprint
isspace
ldexp
localeconv
localtime
log
log10
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
perror
pow
qsort
rand
realloc
rename
signal
sin
sinh
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
tan
tanh
time
tolower
toupper
ungetc
vfprintf
vsprintf
wcslen

user32

DestroyWindow
GetWindowLongA
SendMessageA
SetWindowLongA

avicap32

capCreateCaptureWindowA

avifil32

AVIFileExit
AVIFileGetStream
AVIFileInfoA
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIStreamInfoA
AVIStreamRead
AVIStreamReadFormat
AVIStreamRelease

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
bind
closesocket
connect
gethostbyname
gethostname
getsockname
getsockopt
htonl
htons
inet_ntoa
ioctlsocket
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Tools/js32.dll
.dll windows:4 windows x86 arch:x86

8a4081abc2c833f164926e41bfa8b681

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
DebugBreak

msvcrt

free
strlen
strcmp
_errno
_iob
fputc
fprintf
strchr
getenv
setlocale
atoi
ungetc
fgetc
strerror
fopen
strcpy
fgets
fflush
fwrite
fputs
_pctype
_isctype
__mb_cur_max
strncmp
memset
malloc
realloc
memcpy
memmove
_ftol
floor
fmod
fabs
acos
asin
atan
atan2
ceil
cos
exp
log
pow
sin
sqrt
tan
localeconv
_control87
_HUGE
sprintf
fclose
getc
tolower
calloc
exit
memcmp
log10
mktime
localtime
strftime
_initterm
_adjust_fdiv
_strdup
_putenv
_isatty
_fileno

Exports

Exports

@JS_DHashTableOperate@12
JSLL_MaxInt
JSLL_MinInt
JSLL_Zero
JS_AddArgumentFormatter
JS_AddExternalStringFinalizer
JS_AddNamedRoot
JS_AddNamedRootRT
JS_AddRoot
JS_AliasElement
JS_AliasProperty
JS_ArenaAllocate
JS_ArenaFinish
JS_ArenaFreeAllocation
JS_ArenaGrow
JS_ArenaRealloc
JS_ArenaRelease
JS_ArenaShutDown
JS_Assert
JS_BufferIsCompilableUnit
JS_CStringsAreUTF8
JS_CallFunction
JS_CallFunctionName
JS_CallFunctionValue
JS_CeilingLog2
JS_CheckAccess
JS_ClearAllTraps
JS_ClearAllWatchPoints
JS_ClearInterrupt
JS_ClearNewbornRoots
JS_ClearPendingException
JS_ClearRegExpRoots
JS_ClearRegExpStatics
JS_ClearScope
JS_ClearScriptTraps
JS_ClearTrap
JS_ClearWatchPoint
JS_ClearWatchPointsForObject
JS_CloneFunctionObject
JS_CompareStrings
JS_CompareValues
JS_CompileFile
JS_CompileFileHandle
JS_CompileFileHandleForPrincipals
JS_CompileFunction
JS_CompileFunctionForPrincipals
JS_CompileScript
JS_CompileScriptForPrincipals
JS_CompileUCFunction
JS_CompileUCFunctionForPrincipals
JS_CompileUCScript
JS_CompileUCScriptForPrincipals
JS_ConcatStrings
JS_ConstructObject
JS_ConstructObjectWithArguments
JS_ContextIterator
JS_ConvertArguments
JS_ConvertArgumentsVA
JS_ConvertStub
JS_ConvertValue
JS_DHashAllocTable
JS_DHashClearEntryStub
JS_DHashFinalizeStub
JS_DHashFreeStringKey
JS_DHashFreeTable
JS_DHashGetKeyStub
JS_DHashGetStubOps
JS_DHashMatchEntryStub
JS_DHashMatchStringKey
JS_DHashMoveEntryStub
JS_DHashStringKey
JS_DHashTableDestroy
JS_DHashTableEnumerate
JS_DHashTableFinish
JS_DHashTableInit
JS_DHashTableRawRemove
JS_DHashTableSetAlphaBounds
JS_DHashVoidPtrKeyStub
JS_DecodeBytes
JS_DecompileFunction
JS_DecompileFunctionBody
JS_DecompileScript
JS_DefineConstDoubles
JS_DefineElement
JS_DefineFunction
JS_DefineFunctions
JS_DefineObject
JS_DefineProperties
JS_DefineProperty
JS_DefinePropertyWithTinyId
JS_DefineUCFunction
JS_DefineUCProperty
JS_DefineUCPropertyWithTinyId
JS_DeleteElement
JS_DeleteElement2
JS_DeleteProperty
JS_DeleteProperty2
JS_DeleteUCProperty2
JS_DestroyContext
JS_DestroyContextMaybeGC
JS_DestroyContextNoGC
JS_DestroyIdArray
JS_DestroyScript
JS_DropExceptionState
JS_EncodeCharacters
JS_EnterLocalRootScope
JS_Enumerate
JS_EnumerateResolvedStandardClasses
JS_EnumerateStandardClasses
JS_EnumerateStub
JS_ErrorFromException
JS_EvalFramePrincipals
JS_EvaluateInStackFrame
JS_EvaluateScript
JS_EvaluateScriptForPrincipals
JS_EvaluateUCInStackFrame
JS_EvaluateUCScript
JS_EvaluateUCScriptForPrincipals
JS_ExecuteScript
JS_ExecuteScriptPart
JS_FinalizeStub
JS_Finish
JS_FinishArenaPool
JS_FlagScriptFilenamePrefix
JS_FlagSystemObject
JS_FloorLog2
JS_ForgetLocalRoot
JS_FrameIterator
JS_FreeArenaPool
JS_GC
JS_GetArrayLength
JS_GetClass
JS_GetClassObject
JS_GetConstructor
JS_GetContextPrivate
JS_GetElement
JS_GetEmptyStringValue
JS_GetExternalStringGCType
JS_GetFrameAnnotation
JS_GetFrameCallObject
JS_GetFrameCalleeObject
JS_GetFrameFunction
JS_GetFrameFunctionObject
JS_GetFrameObject
JS_GetFramePC
JS_GetFramePrincipalArray
JS_GetFrameReturnValue
JS_GetFrameScopeChain
JS_GetFrameScript
JS_GetFrameThis
JS_GetFunctionArity
JS_GetFunctionFlags
JS_GetFunctionId
JS_GetFunctionName
JS_GetFunctionNative
JS_GetFunctionObject
JS_GetFunctionScript
JS_GetFunctionTotalSize
JS_GetGlobalObject
JS_GetImplementationVersion
JS_GetInstancePrivate
JS_GetLocaleCallbacks
JS_GetMethod
JS_GetMethodById
JS_GetNaNValue
JS_GetNegativeInfinityValue
JS_GetObjectId
JS_GetObjectTotalSize
JS_GetOptions
JS_GetParent
JS_GetPendingException
JS_GetPositiveInfinityValue
JS_GetPrivate
JS_GetProperty
JS_GetPropertyAttributes
JS_GetPropertyAttrsGetterAndSetter
JS_GetPropertyDesc
JS_GetPropertyDescArray
JS_GetPrototype
JS_GetReservedSlot
JS_GetRuntime
JS_GetRuntimePrivate
JS_GetScopeChain
JS_GetScriptBaseLineNumber
JS_GetScriptFilename
JS_GetScriptFilenameFlags
JS_GetScriptLineExtent
JS_GetScriptObject
JS_GetScriptPrincipals
JS_GetScriptTotalSize
JS_GetScriptVersion
JS_GetScriptedCaller
JS_GetStringBytes
JS_GetStringChars
JS_GetStringLength
JS_GetTopScriptFilenameFlags
JS_GetTrapOpcode
JS_GetTypeName
JS_GetUCProperty
JS_GetUCPropertyAttributes
JS_GetUCPropertyAttrsGetterAndSetter
JS_GetVersion
JS_HandleTrap
JS_HasArrayLength
JS_HasElement
JS_HasInstance
JS_HasProperty
JS_HasUCProperty
JS_HashString
JS_HashTableAdd
JS_HashTableDestroy
JS_HashTableDump
JS_HashTableEnumerateEntries
JS_HashTableLookup
JS_HashTableRawAdd
JS_HashTableRawLookup
JS_HashTableRawRemove
JS_HashTableRemove
JS_IdToValue
JS_Init
JS_InitArenaPool
JS_InitClass
JS_InitStandardClasses
JS_InstanceOf
JS_InternString
JS_InternUCString
JS_InternUCStringN
JS_IsAboutToBeFinalized
JS_IsArrayObject
JS_IsAssigning
JS_IsConstructing
JS_IsConstructorFrame
JS_IsDebuggerFrame
JS_IsExceptionPending
JS_IsNativeFrame
JS_IsRunning
JS_IsSystemObject
JS_LeaveLocalRootScope
JS_LeaveLocalRootScopeWithResult
JS_LineNumberToPC
JS_Lock
JS_LockGCThing
JS_LockGCThingRT
JS_LookupElement
JS_LookupProperty
JS_LookupPropertyWithFlags
JS_LookupUCProperty
JS_MakeStringImmutable
JS_MapGCRoots
JS_MarkGCThing
JS_MaybeGC
JS_NewArrayObject
JS_NewContext
JS_NewDHashTable
JS_NewDependentString
JS_NewDouble
JS_NewDoubleValue
JS_NewExternalString
JS_NewFunction
JS_NewGrowableString
JS_NewHashTable
JS_NewNumberValue
JS_NewObject
JS_NewPropertyIterator
JS_NewRegExpObject
JS_NewScriptObject
JS_NewString
JS_NewStringCopyN
JS_NewStringCopyZ
JS_NewUCRegExpObject
JS_NewUCString
JS_NewUCStringCopyN
JS_NewUCStringCopyZ
JS_NextProperty
JS_Now
JS_ObjectIsFunction
JS_PCToLineNumber
JS_PopArguments
JS_PropertyIterator
JS_PropertyStub
JS_PushArguments
JS_PushArgumentsVA
JS_PutPropertyDescArray
JS_RemoveArgumentFormatter
JS_RemoveExternalStringFinalizer
JS_RemoveRoot
JS_RemoveRootRT
JS_ReportError
JS_ReportErrorFlagsAndNumber
JS_ReportErrorFlagsAndNumberUC
JS_ReportErrorNumber
JS_ReportErrorNumberUC
JS_ReportOutOfMemory
JS_ReportPendingException
JS_ReportWarning
JS_ResolveStandardClass
JS_ResolveStub
JS_RestoreExceptionState
JS_RestoreFrameChain
JS_SaveExceptionState
JS_SaveFrameChain
JS_SealObject
JS_SetArrayLength
JS_SetBranchCallback
JS_SetCallHook
JS_SetCallReturnValue2
JS_SetCheckObjectAccessCallback
JS_SetContextCallback
JS_SetContextPrivate
JS_SetDebugErrorHook
JS_SetDebuggerHandler
JS_SetDestroyScriptHookProc
JS_SetElement
JS_SetErrorReporter
JS_SetExecuteHook
JS_SetFrameAnnotation
JS_SetFrameReturnValue
JS_SetGCCallback
JS_SetGCCallbackRT
JS_SetGCParameter
JS_SetGlobalObject
JS_SetInterrupt
JS_SetLocaleCallbacks
JS_SetNewScriptHookProc
JS_SetObjectHook
JS_SetObjectPrincipalsFinder
JS_SetOptions
JS_SetParent
JS_SetPendingException
JS_SetPrincipalsTranscoder
JS_SetPrivate
JS_SetProperty
JS_SetPropertyAttributes
JS_SetPrototype
JS_SetRegExpInput
JS_SetReservedSlot
JS_SetRuntimePrivate
JS_SetSourceHandler
JS_SetThreadStackLimit
JS_SetThrowHook
JS_SetTrap
JS_SetUCProperty
JS_SetUCPropertyAttributes
JS_SetVersion
JS_SetWatchPoint
JS_ShutDown
JS_StackFramePrincipals
JS_StringToVersion
JS_ThrowReportedError
JS_ToggleOptions
JS_TypeOfValue
JS_UndependString
JS_Unlock
JS_UnlockGCThing
JS_UnlockGCThingRT
JS_ValueToBoolean
JS_ValueToConstructor
JS_ValueToECMAInt32
JS_ValueToECMAUint32
JS_ValueToFunction
JS_ValueToId
JS_ValueToInt32
JS_ValueToNumber
JS_ValueToObject
JS_ValueToString
JS_ValueToUint16
JS_VersionToString
JS_XDRBytes
JS_XDRCString
JS_XDRCStringOrNull
JS_XDRDestroy
JS_XDRDouble
JS_XDRFindClassById
JS_XDRFindClassIdByName
JS_XDRInitBase
JS_XDRMemDataLeft
JS_XDRMemGetData
JS_XDRMemResetData
JS_XDRMemSetData
JS_XDRNewMem
JS_XDRRegisterClass
JS_XDRScript
JS_XDRString
JS_XDRStringOrNull
JS_XDRUint16
JS_XDRUint32
JS_XDRUint8
JS_XDRValue
JS_dtobasestr
JS_dtostr
JS_free
JS_malloc
JS_realloc
JS_smprintf
JS_smprintf_free
JS_snprintf
JS_sprintf_append
JS_strdup
JS_strtod
JS_sxprintf
JS_vsmprintf
JS_vsnprintf
JS_vsprintf_append
JS_vsxprintf
js_AllocRawStack
js_AllocStack
js_AnyNameClass
js_AtomToPrintableString
js_Atomize
js_AtomizeChars
js_AttributeNameClass
js_CallDestroyScriptHook
js_CallNewScriptHook
js_CloseTokenStream
js_CompileTokenStream
js_DateGetDate
js_DateGetHours
js_DateGetMinutes
js_DateGetMonth
js_DateGetMsecSinceEpoch
js_DateGetSeconds
js_DateGetYear
js_DateIsValid
js_DateSetDate
js_DateSetHours
js_DateSetMinutes
js_DateSetMonth
js_DateSetSeconds
js_DateSetYear
js_FindProperty
js_FinishCodeGenerator
js_FreeAtomMap
js_FreeRawStack
js_FreeStack
js_FunctionClass
js_GetAtom
js_GetScriptLineExtent
js_GetSrcNoteOffset
js_InitAtomMap
js_InitCodeGenerator
js_Invoke
js_LookupProperty
js_MapKeywords
js_NamespaceClass
js_NewBufferTokenStream
js_NewDateObject
js_NewDateObjectMsec
js_NewFileTokenStream
js_NewScriptFromCG
js_ObjectOps
js_ParseTokenStream
js_ParseXMLTokenStream
js_QNameClass
js_ReportErrorAgain
js_ScriptClass
js_SearchScope
js_SrcNoteLength
js_SrcNoteSpec
js_ValueToPrintable
js_ValueToSource
js_ValueToString
js_WithObjectOps
js_XMLClass
js_XMLObjectOps
js_fgets
resolving_MatchEntry

Sections

.text
Size: 620KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/libiconv-2.dll
.dll windows:4 windows x86 arch:x86

4b10c1ef119ea3d46439977b03f17e1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
abort
fflush
free
malloc
memcpy
qsort
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

_libiconv_version
aliases2_lookup
aliases_lookup
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 816KB - Virtual size: 815KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 536B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/libintl-8.dll
.dll windows:4 windows x86 arch:x86

20f0bf0b7c3dee59835e4d9d93d2ad03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libiconv-2

libiconv
libiconv_open
libiconv_set_relocation_prefix

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetThreadLocale
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetEvent
Sleep
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fstat
_getcwd
_open
_read
_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_flsbuf
_iob
_isctype
_pctype
_snprintf
_snwprintf
_stricmp
_vsnprintf
_vsnwprintf
abort
bsearch
calloc
fclose
fflush
fgets
fopen
fputc
fputwc
free
fwrite
getenv
localeconv
malloc
memcpy
qsort
realloc
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strstr
strtoul
tolower
vfwprintf
wcschr
wcslen

Exports

Exports

__printf__
_get_output_format
_nl_expand_alias
_nl_explode_name
_nl_find_domain
_nl_find_msg
_nl_language_preferences_default
_nl_load_domain
_nl_locale_name
_nl_locale_name_default
_nl_locale_name_posix
_nl_log_untranslated
_nl_make_l10nflist
_nl_msg_cat_cntr
_nl_normalize_codeset
_nl_state_lock
bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcigettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_fwprintf
libintl_gettext
libintl_gettext_extract_plural
libintl_gettext_free_exp
libintl_gettext_germanic_plural
libintl_gettextparse
libintl_hash_string
libintl_lock_destroy
libintl_lock_init
libintl_lock_lock
libintl_lock_unlock
libintl_ngettext
libintl_nl_current_default_domain
libintl_nl_default_default_domain
libintl_nl_default_dirname
libintl_nl_domain_bindings
libintl_once
libintl_recursive_lock_destroy
libintl_recursive_lock_init
libintl_recursive_lock_lock
libintl_recursive_lock_unlock
libintl_relocate
libintl_rwlock_destroy
libintl_rwlock_init
libintl_rwlock_rdlock
libintl_rwlock_unlock
libintl_rwlock_wrlock
libintl_set_relocation_prefix
libintl_snprintf
libintl_sprintf
libintl_swprintf
libintl_textdomain
libintl_vasnprintf
libintl_vasnwprintf
libintl_version
libintl_vfprintf
libintl_vfwprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
libintl_vswprintf
libintl_vwprintf
libintl_wprintf
locale_charset
ngettext
textdomain

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/magic1.dll
.dll windows:4 windows x86 arch:x86

d8adf44f90c973053779f7dd96649e25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

regex2

regcomp
regerror
regexec
regfree

zlib1

inflate
inflateEnd
inflateInit2_

kernel32

AddAtomA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetFileAttributesA
GetLastError
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
Sleep

msvcrt

_close
_dup2
_mktemp
_open
_read
_strdup
_unlink
_utime
_write
__dllonexit
__mb_cur_max
_access
_assert
_errno
_findclose
_findfirst
_findnext
_fstati64
_fullpath
_iob
_isctype
_lseeki64
_pctype
_pipe
_stati64
abort
asctime
calloc
ctime
exit
fclose
fflush
fgets
fopen
fprintf
fputc
free
fwrite
getenv
gmtime
localtime
malloc
memcpy
memset
qsort
realloc
sprintf
strchr
strcpy
strcspn
strerror
strlen
strncmp
strrchr
strstr
strtod
strtol
strtoul
time
tolower
toupper
vfprintf
vsprintf

Exports

Exports

DllGetVersion
magic_buffer
magic_check
magic_close
magic_compile
magic_descriptor
magic_errno
magic_error
magic_file
magic_load
magic_open
magic_setflags

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 325B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/mencoder.exe
.exe windows:4 windows x86 arch:x86

71c3feeecf97f548221eb4cb1c628f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeLibrary
GetACP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetFileAttributesA
GetFileAttributesExA
GetFullPathNameA
GetLastError
GetLogicalDrives
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetThreadContext
GetThreadPriority
GetVersion
GetWindowsDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadFile
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleMode
SetConsoleTextAttribute
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetLastError
SetPriorityClass
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_access
_close
_fdopen
_ftime
_memccpy
_mkdir
_open
_putenv
_read
_rmdir
_setmode
_stat
_strdup
_swab
_tempnam
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthread
_beginthreadex
_cexit
_endthread
_endthreadex
_errno
_filbuf
_findclose
_findfirst
_findnext
_flsbuf
_fstati64
_ftime
_fullpath
_get_osfhandle
_iob
_isctype
_lseeki64
_mkdir
_onexit
_open_osfhandle
_pctype
_setjmp
_setmode
_snprintf
_stati64
_stricmp
_strnicmp
_telli64
abort
acos
asin
atan
atan2
atexit
atof
atoi
atol
bsearch
calloc
ceil
clearerr
cos
cosh
ctime
exit
exp
fclose
fflush
fgetc
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
ftell
fwrite
getenv
gmtime
ldexp
localeconv
localtime
log
log10
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
mktime
modf
perror
pow
printf
putchar
puts
qsort
rand
realloc
rename
rewind
setbuf
setlocale
signal
sin
sinh
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
tan
tanh
time
tolower
toupper
ungetc
vfprintf
vsprintf
wcslen
wcstombs

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateItemMoniker
GetRunningObjectTable

user32

wsprintfW

winmm

timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
gethostname
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Sections

.text
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

/4
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Tools/mkvmerge.exe
.exe windows:4 windows x86 arch:x86

61ec602f979753ec71d2df361c3b80c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libiconv-2

libiconv
libiconv_close
libiconv_open

libintl-8

__printf__
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain

magic1

magic_buffer
magic_close
magic_load
magic_open

zlib1

deflate
deflateEnd
deflateInit_
inflate
inflateEnd
inflateInit_

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AddAtomA
CloseHandle
CreateFileA
CreateFileW
ExitProcess
FindAtomA
FormatMessageA
GetACP
GetAtomNameA
GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetOEMCP
GetTickCount
GetVersionExA
LocalFree
ReadFile
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
WideCharToMultiByte
WriteFile

msvcrt

_fdopen
_fstat
_lseek
_open
_read
_setmode
_strdup
_swab
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_atoi64
_cexit
_ctype
_errno
_filbuf
_flsbuf
_ftime
_iob
_isctype
_mkdir
_onexit
_pctype
_putenv
_setjmp
_setmode
_snprintf
_stat
_stricmp
_strnicmp
_vsnprintf
_wmkdir
_wstat
abort
acos
atan
atexit
atoi
atol
calloc
ceil
cos
exit
exp
fclose
ferror
fflush
fgetc
fgets
floor
fopen
fprintf
fputc
fread
free
frexp
fseek
ftell
fwrite
getenv
ldexp
log
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
perror
pow
qsort
rand
realloc
rename
setlocale
setvbuf
signal
sin
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strstr
strtod
strtol
strxfrm
time
tolower
toupper
ungetc
vfprintf

rpcrt4

UuidCreate

shell32

CommandLineToArgvW

wsock32

ntohl

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 799KB - Virtual size: 799KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Tools/regex2.dll
.dll windows:4 windows x86 arch:x86

034666ac012e8ddbed7c20dac60b4b4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
_stricmp
abort
calloc
fflush
free
getenv
malloc
memcpy
memmove
memset
realloc
strchr
tolower
toupper

Exports

Exports

DllGetVersion
re_comp
re_compile_fastmap
re_compile_pattern
re_exec
re_match
re_match_2
re_search
re_search_2
re_set_registers
re_set_syntax
re_syntax_options
regcomp
regerror
regexec
regfree

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/rmeditor.exe
.exe windows:4 windows x86 arch:x86

97906afa30fc2e1fd849b156a41c8fe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\src\producerapps_rn\rmeditor\rmeditor.pdb

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
GetModuleHandleA

msvcr71

??2@YAPAXI@Z
_purecall
strlen
fprintf
_iob
sprintf
strrchr
printf
atoi
tolower
isupper
strncpy
??3@YAXPAX@Z
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_putenv
_stricmp
strchr

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Tools/tools/rmmerge.dll
.dll windows:4 windows x86 arch:x86

b7bf0979a70fb6721cf4052ece649ea0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\src\producersdk_rn\common\rmmerge\rmmerge.pdb

Imports

ole32

CoInitializeEx
CoUninitialize
CoCreateGuid

user32

CharNextA
GetSystemMetrics
wsprintfA
GetMessageA
PostThreadMessageA
KillTimer
SetTimer
RegisterWindowMessageA
SendMessageA
PostMessageA
RegisterClassA
UnregisterClassA
CreateWindowExA
SetWindowLongA
DefWindowProcA
GetWindowLongA
PeekMessageA
DispatchMessageA
PostQuitMessage
DestroyWindow

advapi32

RegEnumKeyA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyA

msvcr71

??0exception@@QAE@ABV0@@Z
_CxxThrowException
strncmp
??_U@YAPAXI@Z
tolower
isupper
memmove
qsort
strchr
strtol
_vsnprintf
__CxxFrameHandler
time
_assert
isdigit
_endthreadex
_beginthreadex
atol
isspace
??1exception@@UAE@XZ
strtok
strstr
atof
_unlink
_strnicmp
fclose
fprintf
fopen
_iob
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
??0exception@@QAE@XZ
atoi
??_V@YAXPAX@Z
strncpy
_purecall
strrchr
sprintf
remove
??2@YAPAXI@Z
??3@YAXPAX@Z
_strcmpi
_putenv
_ftime
_errno
_open
_close
_lseek
_read
_write
_get_osfhandle
_fstat
_chsize
_findfirst
_findnext
_findclose
_timezone
localtime
_tzset
_creat
_sopen
_tell
_stricmp
malloc

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

kernel32

ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
WaitForSingleObject
CloseHandle
GetThreadPriority
InitializeCriticalSection
ResumeThread
SuspendThread
SetErrorMode
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetCurrentThreadId
GetSystemDirectoryA
GlobalMemoryStatus
CreateEventA
DeleteFileA
GetFileSize
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
GetTempFileNameA
GetTempPathA
GetSystemInfo
GetVersion
SetThreadPriority
FreeLibrary
GetCurrentProcessId
GetVersionExA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetTickCount

Exports

Exports

?AsyncNotifyProc@CAsyncNetThread@@KGJPAUHWND__@@IIJ@Z
?AsyncNotifyProc@CAsyncSockN@@KGJPAUHWND__@@IIJ@Z
RMACreateAsmConversionFilter
RMACreateRM1Merge
RMACreateRM2Converter
RMACreateRM2Converter2
RMClose
RMInit
RMMerge
RMMergeConvert

Sections

.text
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/tools/rmtools.dll
.dll windows:4 windows x86 arch:x86

727990838bd8b2264bbbd2688c4ac9e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\src\producersdk_rn\common\rmtools\rmtools.pdb

Imports

user32

LoadStringA
CharPrevA
CharNextA
GetSystemMetrics

advapi32

RegOpenKeyExA
RegEnumKeyA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyA

msvcr71

strrchr
strstr
strtol
_vsnprintf
getenv
_errno
strncpy
_chsize
_strnicmp
_timezone
localtime
time
_tzset
sscanf
atof
strchr
malloc
free
_assert
_ftime
_findclose
_findnext
_findfirst
vfprintf
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
?terminate@@YAXXZ
_mbctype
isupper
__CxxFrameHandler
_stricmp
memmove
rename
remove
fgets
tolower
fopen
atol
fgetc
isspace
isalpha
ungetc
isdigit
_iob
fprintf
fclose
strtok
ceil
floor
atoi
sprintf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
_read
_write
_unlink
_putenv
_strlwr
_getpid
strpbrk
_get_osfhandle
_fstat
_control87
_tell
_lseek
_sopen
_open
_creat
_close
_strcmpi
_getcwd
_chdir

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kernel32

GlobalMemoryStatus
WinExec
lstrcpyA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetVersion
GetVersionExA
CopyFileA
GetProcAddress
FreeLibrary
SetErrorMode
LoadLibraryA
GetTempPathA
GetTempFileNameA
CloseHandle
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
GetLastError
UnmapViewOfFile
GetSystemInfo
MoveFileA
FindNextFileA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
GetDriveTypeA
FindFirstFileA
CreateDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
GetDiskFreeSpaceA
FindClose
GetFullPathNameA
GetTickCount
GetSystemDirectoryA

ole32

CoCreateGuid

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

RMACreateRMEdit
RMACreateRMEvents
RMACreateRMFF2Reader
RMACreateRMFFCopy
RMACreateRMFFDump
RMACreateRMFile
RMACreateRealMediaRegistration
SetDLLAccessPath

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tools/zlib1.dll
.dll windows:4 windows x86 arch:x86

07761085e6d5abbc4cbf0976d6b9a264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_fdopen
__dllonexit
_errno
_filelengthi64
_vsnprintf
abort
clearerr
fclose
fflush
fgetpos
fopen
fprintf
fputc
fread
free
fsetpos
fwrite
malloc
memcpy
memset
sprintf
strcat
strcpy
strerror
strlen

Exports

Exports

DllGetVersion
_dist_code
_length_code
_tr_align
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gzclearerr
gzclose
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
inflate_copyright
inflate_fast
inflate_table
uncompress
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 144B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update.txt

Sharing

General

Malware Config

Signatures

Files

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 361KB - Virtual size: 2.3MB

.rsrc Size: 27KB - Virtual size: 28KB

bd123484b301f0b79c074fd0c9968da4

Headers

File Characteristics

Imports

msvcrt

winmm

js32

kernel32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 168KB - Virtual size: 175KB

.rsrc Size: 4KB - Virtual size: 960B

cda67450547ba48c4de07a147445e33f

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 676KB - Virtual size: 673KB

_TEXT64 Size: 4KB - Virtual size: 1KB

.rdata Size: 172KB - Virtual size: 170KB

.data Size: 40KB - Virtual size: 62KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 64KB - Virtual size: 61KB

cc5eedcab66395ec35b5ad41a2927d03

Headers

File Characteristics

Imports

version

msvfw32

msacm32

msdmo

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 944B

4e51295253133e7df7353b50c759a41b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

avicap32

avifil32

ws2_32

Sections

.text
Size: 361KB - Virtual size: 2.3MB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 168KB - Virtual size: 175KB

.rsrc
Size: 4KB - Virtual size: 960B

.text
Size: 676KB - Virtual size: 673KB

_TEXT64
Size: 4KB - Virtual size: 1KB

.rdata
Size: 172KB - Virtual size: 170KB

.data
Size: 40KB - Virtual size: 62KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 64KB - Virtual size: 61KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 944B

.text
Size: 6.8MB - Virtual size: 6.8MB

.rotext
Size: 107KB - Virtual size: 106KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.rodata
Size: 13KB - Virtual size: 12KB

.bss
Size: - Virtual size: 5.1MB

.idata
Size: 6KB - Virtual size: 5KB

.text
Size: 620KB - Virtual size: 616KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 32KB - Virtual size: 32KB

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 816KB - Virtual size: 815KB

.bss
Size: - Virtual size: 536B

.edata
Size: 512B - Virtual size: 370B

.idata
Size: 1024B - Virtual size: 772B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 1024B - Virtual size: 548B

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 1024B - Virtual size: 784B

.rdata
Size: 17KB - Virtual size: 16KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 325B

.idata
Size: 2KB - Virtual size: 2KB