bd693e233e52af91f8e30d887a630e14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd693e233e52af91f8e30d887a630e14_JaffaCakes118
Size

2.0MB
MD5

bd693e233e52af91f8e30d887a630e14
SHA1

39508fb51614b2b7f1f518863e01039e9b39923d
SHA256

9d3f59683fec728d77ea2806bb134c0f3c6766dc2f34d684fcb4809d4e8fa629
SHA512

ad3881b703125380940858b66275a24b4b7a227099ff546a34850f32696af76a0984b5aedaa8c6fad779b651dc2376fe4b438ff5579f127627b53efac0973f6e
SSDEEP

49152:tn45XcpcQO4sk+9IMNSGLehZzSAfPbAliNzoHhne:tIM2k8fJLehhbAkQhne

Score

3^/10

Malware Config

Signatures

Unsigned PE 52 IoCs

Checks for missing Authenticode signature.

resource
bd693e233e52af91f8e30d887a630e14_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/App/WinRAR-x64/Default.SFX
unpack001/App/WinRAR-x64/Default64.SFX
unpack001/App/WinRAR-x64/Formats/7z.fmt
unpack001/App/WinRAR-x64/Formats/7zxa.dll
unpack001/App/WinRAR-x64/Formats/UNACEV2.DLL
unpack001/App/WinRAR-x64/Formats/ace.fmt
unpack001/App/WinRAR-x64/Formats/ace32loader.exe
unpack001/App/WinRAR-x64/Formats/arj.fmt
unpack001/App/WinRAR-x64/Formats/bz2.fmt
unpack001/App/WinRAR-x64/Formats/cab.fmt
unpack001/App/WinRAR-x64/Formats/gz.fmt
unpack001/App/WinRAR-x64/Formats/iso.fmt
unpack001/App/WinRAR-x64/Formats/lzh.fmt
unpack001/App/WinRAR-x64/Formats/tar.fmt
unpack001/App/WinRAR-x64/Formats/uue.fmt
unpack001/App/WinRAR-x64/Formats/z.fmt
unpack001/App/WinRAR-x64/Rar.exe
unpack001/App/WinRAR-x64/UnRAR.exe
unpack001/App/WinRAR-x64/WinCon.SFX
unpack001/App/WinRAR-x64/WinCon64.SFX
unpack001/App/WinRAR-x64/WinRAR.exe
unpack001/App/WinRAR-x64/Zip.SFX
unpack001/App/WinRAR-x64/Zip64.SFX
unpack001/App/WinRAR/Default.SFX
unpack001/App/WinRAR/Formats/7z.fmt
unpack001/App/WinRAR/Formats/7zxa.dll
unpack001/App/WinRAR/Formats/UNACEV2.DLL
unpack001/App/WinRAR/Formats/ace.fmt
unpack001/App/WinRAR/Formats/arj.fmt
unpack001/App/WinRAR/Formats/bz2.fmt
unpack001/App/WinRAR/Formats/cab.fmt
unpack001/App/WinRAR/Formats/gz.fmt
unpack001/App/WinRAR/Formats/iso.fmt
unpack001/App/WinRAR/Formats/lzh.fmt
unpack001/App/WinRAR/Formats/tar.fmt
unpack001/App/WinRAR/Formats/uue.fmt
unpack001/App/WinRAR/Formats/z.fmt
unpack001/App/WinRAR/Rar.exe
unpack001/App/WinRAR/UnRAR.exe
unpack001/App/WinRAR/WinCon.SFX
unpack001/App/WinRAR/WinRAR.exe
unpack001/App/WinRAR/Zip.SFX
unpack001/WinRARPortable.exe
unpack002/$PLUGINSDIR/FindProcDLL.dll
unpack002/$PLUGINSDIR/Registry.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/newadvsplash.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/WinRARPortable.exe	nsis_installer_1
static1/unpack001/WinRARPortable.exe	nsis_installer_2

Files

bd693e233e52af91f8e30d887a630e14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

8773e19ae02f331332db1b00671fdecf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
GetLastError
GlobalFree
lstrcmpiA
DeleteFileA
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
CreateFileA

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
GetWindowLongA
SetWindowTextA
IsWindow
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
SendDlgItemMessageA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
App/WinRAR-x64/Default.SFX
.exe windows:5 windows x86 arch:x86

93ff054b805e17efd7f7ae1730680391

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetNumberFormatW
DosDateTimeToFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
GetLastError
GetDateFormatW

user32

wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
FindWindowExW
wvsprintfA
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharUpperA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
CopyRect

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Default64.SFX
.exe windows:5 windows x64 arch:x64

94d515ee8c46f2ab73506665e8beee5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar64\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetNumberFormatW
DosDateTimeToFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
SetEnvironmentVariableW
OpenFileMappingW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
ReadFile
SetLastError
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
GetLastError
GetDateFormatW

user32

wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
CharUpperA
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CopyRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
SetWindowLongW
CharUpperW
FindWindowExW
GetWindowRect
GetClientRect

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Descript.ion
App/WinRAR-x64/File_Id.diz
App/WinRAR-x64/Formats/7z.fmt
.dll windows:5 windows x64 arch:x64

2e80634c95d9d845f6012eb28e7d0cc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\7z\build\64\Release\7z.pdb

Imports

kernel32

GetLastError
SetFilePointer
WriteFile
ReadFile
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
FreeLibrary
LoadLibraryA
AreFileApisANSI
LoadLibraryW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
CloseHandle
RemoveDirectoryW
CreateDirectoryW
FindClose
FindFirstFileA
FindFirstFileW
SetLastError
GetFileSize
SetEndOfFile
GetProcAddress
lstrcmpiW
GetModuleFileNameW
LCMapStringW
LCMapStringA
GetStringTypeW
GetVersionExA
CreateFileW
SetFileAttributesW
CreateFileA
GetStringTypeA
EnterCriticalSection
LeaveCriticalSection
GetFileType
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
GetModuleFileNameA
HeapFree
HeapAlloc
GetModuleHandleW
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
HeapSize

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/7zxa.dll
.dll windows:4 windows x64 arch:x64

d13f5a2ef917f3051e8fad2a9edab196

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocString
VariantClear
SysFreeString

user32

CharUpperW

msvcrt

__dllonexit
??1type_info@@UEAA@XZ
__C_specific_handler
_beginthreadex
memset
memcmp
_onexit
memmove
memcpy
__CxxFrameHandler
free
_CxxThrowException
malloc
_initterm
_purecall
?terminate@@YAXXZ

kernel32

GetSystemInfo
EnterCriticalSection
Sleep
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
CloseHandle
GetLastError
VirtualFree
VirtualAlloc
DeleteCriticalSection
WaitForMultipleObjects
LeaveCriticalSection

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/ace.fmt
.dll windows:5 windows x64 arch:x64

3dd7080fdae39e89326098df6ce06c2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\ace\build\64\Release\ace.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateProcessA
Sleep
GetTickCount
UnmapViewOfFile
GetModuleFileNameA
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
SetEndOfFile
ReadFile
SetEnvironmentVariableA
RaiseException
RtlPcToFileHeader
RtlFillMemory
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetVersion
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
GetProcessHeap

user32

wsprintfA
OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/ace32loader.exe
.exe windows:5 windows x86 arch:x86

8d6c680dc6e79bf7cb92b3f32d9d19f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\FormatSrc\ace\build\ace32loader\Release\ace32loader.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
Sleep
GetTickCount
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
RaiseException
GetLastError
HeapReAlloc
HeapAlloc
RtlUnwind
HeapFree
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetModuleHandleA
WideCharToMultiByte
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/arj.fmt
.dll windows:5 windows x64 arch:x64

4767de227e3159cab860e1f677aaac15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\arj\build\64\Release\arj.pdb

Imports

kernel32

GetFileAttributesA
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
CreateDirectoryA
HeapAlloc
GetLastError
HeapFree
RtlFillMemory
DeleteFileA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
HeapSetInformation
HeapCreate
HeapDestroy
SetFilePointer
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LoadLibraryA
CreateFileW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/bz2.fmt
.dll windows:5 windows x64 arch:x64

9105736b08efc9f72881ae51c5591f2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\bzip2\build\64\Release\bz2.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleA
CreateFileA
CloseHandle
GetLastError
SetFilePointer
WriteFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
DeleteFileA
HeapFree
HeapAlloc
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
RtlUnwindEx
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/cab.fmt
.dll windows:5 windows x64 arch:x64

5a746023ecfac28104f5c941bed4d40d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\cab\build\64\Release\cab.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
ReadFile
CloseHandle
CreateFileA
HeapAlloc
HeapFree
DeleteFileA
WaitForSingleObject
CreateProcessA
CreateFileW
lstrcmpiA
CreateDirectoryA
SetFileAttributesA
SetFileTime
HeapDestroy
FreeLibrary
HeapCreate
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetLastError
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetVersion
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/gz.fmt
.dll windows:5 windows x64 arch:x64

375f15741fff5d7d8e296b846ef1f1dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\gz\build\64\Release\gz.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
RtlUnwindEx
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/iso.fmt
.dll windows:5 windows x64 arch:x64

4a08fc97c7eb192b3288e92d39a3c9b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\iso\build\64\Release\iso.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
SystemTimeToFileTime
ReadFile
DeleteFileW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapAlloc
RtlFillMemory
RtlLookupFunctionEntry
RtlUnwindEx
HeapReAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
RaiseException
RtlPcToFileHeader
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/lzh.fmt
.dll windows:5 windows x64 arch:x64

8132f36c6235c3b09b77874cbc025972

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\lzh\build\64\Release\lzh.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileAttributesA
CreateDirectoryA
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
RtlFillMemory
GetLastError
HeapFree
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
RaiseException
RtlPcToFileHeader
GetCurrentThreadId
FlsSetValue
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
ReadFile
SetFilePointer
CloseHandle
HeapSetInformation
HeapCreate
HeapDestroy
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetVersion
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
HeapReAlloc
SetEndOfFile
GetProcessHeap
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/tar.fmt
.dll windows:5 windows x64 arch:x64

10cffe81406ba1adbe9cd4edf09a423f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\tar\build\64\Release\tar.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetFileSize
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
DeleteFileA
HeapAlloc
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
RtlUnwindEx
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/uue.fmt
.dll windows:5 windows x64 arch:x64

086007e3c8de93226bc5d5435305297a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\uue\build\64\Release\uue.pdb

Imports

kernel32

CreateFileA
CreateFileW
CloseHandle
GetLastError
SetFilePointer
WriteFile
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
RtlFillMemory
RtlCompareMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
RtlUnwindEx
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapFree
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapAlloc
HeapReAlloc
FlushFileBuffers
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Formats/z.fmt
.dll windows:5 windows x64 arch:x64

a551c60d2f21b3f9bdc7ec5cee2cf4fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\Z\build\64\Release\z.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapReAlloc
HeapFree
DeleteFileA
HeapAlloc
RtlFillMemory
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
RtlUnwindEx
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FlushFileBuffers
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/License.txt
App/WinRAR-x64/Rar.exe
.exe windows:5 windows x64 arch:x64

6418d4051bbcfdf5199e8bfc4bfde292

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\rar\build\rar64\Release\RAR.pdb

Imports

kernel32

GetLastError
GetCurrentDirectoryW
CloseHandle
GetCurrentProcess
CreateFileW
BackupRead
BackupSeek
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileTime
GetFileType
CreateFileA
ReadFile
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
CreateThread
FormatMessageW
GetProcessAffinityMask
WaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
LocalFree
SetConsoleCtrlHandler
Sleep
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleW
SetLastError
GetModuleHandleW
ExitThread
GetProcAddress
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
HeapFree
HeapReAlloc
HeapAlloc
RtlFillMemory
RtlLookupFunctionEntry
RtlUnwindEx
RtlCompareMemory
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
GetACP
GetOEMCP
IsValidCodePage
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

CharLowerW
ExitWindowsEx
CharUpperA
CharLowerA
CharUpperW
CharToOemBuffW
OemToCharBuffW
CharToOemA
CharToOemBuffA
OemToCharA
OemToCharBuffA
LoadStringW

advapi32

RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityW
GetFileSecurityA
GetSecurityDescriptorLength
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationW

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Rar.txt
App/WinRAR-x64/RarFiles.lst
App/WinRAR-x64/ReadMe.txt
App/WinRAR-x64/TechNote.txt
.vbs
App/WinRAR-x64/UnRAR.exe
.exe windows:5 windows x64 arch:x64

5378db51194850435d2ba2fbb8b530a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\rar\build\unrar64\Release\UnRAR.pdb

Imports

kernel32

GetCurrentProcess
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
SetLastError
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
CloseHandle
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
GetCurrentDirectoryW
ReadConsoleW
GetLastError
FormatMessageW
LocalFree
SetConsoleCtrlHandler
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
GetFullPathNameA
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
GetTickCount
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapFree
HeapReAlloc
RtlFillMemory
RtlCompareMemory
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
HeapSetInformation
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetACP
GetOEMCP
IsValidCodePage
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter

user32

CharLowerW
ExitWindowsEx
CharUpperA
LoadStringW
CharUpperW
CharToOemBuffW
OemToCharBuffW
CharToOemA
OemToCharA
OemToCharBuffA
CharLowerA

advapi32

LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/UnrarSrc.txt
App/WinRAR-x64/WhatsNew.txt
App/WinRAR-x64/WinCon.SFX
.exe windows:5 windows x86 arch:x86

d664338ea009589942dd6aacfe0873b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\sfxcon32\Release\sfxcon.pdb

Imports

kernel32

GetLastError
GetCurrentProcess
SetFileTime
MoveFileW
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
WriteFile
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
CloseHandle
FindFirstFileW
GetVersionExW
GetCommandLineA
SetErrorMode
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetProcAddress
GetModuleHandleW
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
FindNextFileW
ReadConsoleW

user32

CharUpperW
LoadStringW
CharToOemBuffA
CharUpperA
wvsprintfW
CharToOemBuffW
OemToCharBuffW
wvsprintfA
CharToOemA
OemToCharBuffA
OemToCharA

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
AdjustTokenPrivileges

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/WinCon64.SFX
.exe windows:5 windows x64 arch:x64

d664338ea009589942dd6aacfe0873b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\rar\build\sfxcon64\Release\sfxcon.pdb

Imports

kernel32

GetLastError
GetCurrentProcess
SetFileTime
MoveFileW
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
WriteFile
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
CloseHandle
FindFirstFileW
GetVersionExW
GetCommandLineA
SetErrorMode
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetProcAddress
GetModuleHandleW
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
FindNextFileW
ReadConsoleW

user32

CharUpperW
LoadStringW
CharToOemBuffA
CharUpperA
wvsprintfW
CharToOemBuffW
OemToCharBuffW
wvsprintfA
CharToOemA
OemToCharBuffA
OemToCharA

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
AdjustTokenPrivileges

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/WinRAR.chm
.chm
App/WinRAR-x64/WinRAR.exe
.exe windows:5 windows x64 arch:x64

b270a3855a4edc5514963773315000b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\build\winrar64\Release\WinRAR.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ord8
CreateStatusWindowW
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_Add
ImageList_AddMasked
PropertySheetW

shlwapi

SHAutoComplete

kernel32

WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetFileAttributesA
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileW
DeleteFileA
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
GetCurrentDirectoryA
ExpandEnvironmentStringsW
FindNextFileA
FindFirstFileA
GetDiskFreeSpaceW
Sleep
GetVersionExW
CompareFileTime
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLocaleInfoW
GetNumberFormatW
CreateThread
ExitThread
GetProcessAffinityMask
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetCompressedFileSizeW
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
UpdateResourceW
EnumResourceLanguagesW
EndUpdateResourceW
EnumResourceNamesW
BeginUpdateResourceW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
WideCharToMultiByte
CompareStringW
IsDBCSLeadByte
GetCPInfo
GlobalMemoryStatus
GetVolumeInformationW
GetLogicalDrives
SetCurrentDirectoryW
ResumeThread
SuspendThread
GetStdHandle
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetThreadPriority
GetPriorityClass
SetErrorMode
GetCommandLineW
GetCurrentProcessId
MulDiv
FindNextChangeNotification
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetVersion
HeapSize
GetConsoleMode
GetConsoleCP
DeleteCriticalSection
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
HeapCreate
HeapSetInformation
ExitProcess
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
RtlPcToFileHeader
RaiseException
RtlCompareMemory
RtlFillMemory
RtlUnwindEx
RtlLookupFunctionEntry
HeapReAlloc
HeapFree
HeapAlloc
ReadFile
CreateFileA
GetFileType
GetFileTime
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetFileTime
BackupSeek
BackupRead
CreateFileW
GetCurrentProcess
GetCurrentDirectoryW
FormatMessageW
LocalFree
CreateMutexW
ReleaseMutex
GetProcessHeap
GetLastError
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetVersionExA
GetTickCount
GetSystemTime
SystemTimeToFileTime
CreateFileMappingW
WaitForSingleObject
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetTempPathW
MoveFileW
GetModuleFileNameW
FindNextFileW
LoadLibraryW
CopyFileW
GetCurrentThreadId
FreeLibrary
LocalFileTimeToFileTime
GetTempPathA
ExpandEnvironmentStringsA
GetDriveTypeW
FileTimeToDosDateTime
SetLastError
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
FindClose
DosDateTimeToFileTime
GetFileAttributesW
GetModuleHandleW
GetProcAddress
SetEnvironmentVariableA
GetSystemTimeAsFileTime

user32

GetClipboardData
GetMenuItemID
SetMenu
InsertMenuW
LoadMenuW
PostQuitMessage
RegisterClassW
LoadAcceleratorsW
GetMenuState
GetIconInfo
CreateIconIndirect
TranslateAcceleratorW
IsDialogMessageW
SetPropW
FindWindowW
GetForegroundWindow
RegisterWindowMessageW
FindWindowExW
EnumWindows
CreateIcon
GetDlgItemTextA
SetDlgItemTextA
FlashWindow
ValidateRect
GetSysColor
CopyImage
FillRect
ExitWindowsEx
CharUpperA
CharLowerA
DrawIconEx
LoadStringW
GetWindow
SetMenuItemInfoW
GetLastActivePopup
SetWindowLongW
RedrawWindow
GetComboBoxInfo
IsCharUpperW
IsCharAlphaW
CharLowerW
OpenClipboard
EmptyClipboard
SetClipboardData
CharToOemA
CloseClipboard
MessageBeep
PeekMessageW
CharUpperW
GetFocus
SetForegroundWindow
EnableMenuItem
MoveWindow
LoadBitmapW
InsertMenuItemW
SetTimer
KillTimer
GetClientRect
UpdateWindow
LoadImageW
BeginPaint
EndPaint
IsWindow
SetWindowTextW
GetWindowTextLengthW
AppendMenuW
DrawMenuBar
GetMenu
GetSubMenu
DeleteMenu
DispatchMessageW
IsChild
PostThreadMessageW
CreateDialogParamW
SetScrollPos
ScrollWindowEx
PtInRect
LoadIconW
SetScrollRange
GetDialogBaseUnits
CreateDialogIndirectParamW
GetSystemMenu
BringWindowToTop
SetWindowPlacement
GetPropW
RemovePropW
GetMessageW
TranslateMessage
GetWindowLongW
SendMessageW
SetFocus
CreateWindowExW
DestroyWindow
GetWindowTextW
DefWindowProcW
SetDlgItemTextW
GetMenuItemCount
GetMenuItemInfoW
CharToOemBuffW
ScreenToClient
ClientToScreen
CreatePopupMenu
SetWindowLongPtrW
TrackPopupMenu
DestroyMenu
CallWindowProcW
RegisterClipboardFormatW
GetKeyState
LoadCursorW
SetCursor
WindowFromPoint
GetWindowThreadProcessId
GetDC
ReleaseDC
GetDesktopWindow
GetCursorPos
GetMonitorInfoW
GetWindowLongPtrW
ShowWindow
EnableWindow
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
IsWindowEnabled
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
EnumChildWindows
GetClassNameW
GetWindowRect
MapWindowPoints
SetWindowPos
InvalidateRect
GetParent
CheckDlgButton
PostMessageW
MessageBoxW
IsWindowVisible
OemToCharBuffA
CharToOemBuffA
DialogBoxParamW
SendDlgItemMessageW
DestroyIcon
GetDlgItem
OemToCharA
GetDlgItemTextW
EndDialog
CheckMenuItem

gdi32

GetDeviceCaps
LineTo
MoveToEx
DPtoLP
SetPixel
CreatePatternBrush
TextOutA
StretchBlt
GetMapMode
SetMapMode
Rectangle
CreateCompatibleBitmap
GetTextExtentPoint32W
SetBkColor
ExtTextOutW
BitBlt
GetObjectW
CreateCompatibleDC
GetPixel
DeleteDC
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
Polygon
Polyline
SelectObject
GetTextFaceW
GetTextMetricsW
CreateFontW
CreateBitmap
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
GetSecurityDescriptorLength
GetFileSecurityA
GetFileSecurityW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
IsTextUnicode
RegEnumValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges

shell32

SHGetFileInfoW
SHGetSpecialFolderLocation
FindExecutableW
DragFinish
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListA
SHFileOperationW
ShellExecuteExW
SHGetMalloc
SHBrowseForFolderW
SHChangeNotify
SHGetDesktopFolder
SHGetPathFromIDListW

ole32

OleUninitialize
OleInitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
OleSetClipboard
DoDragDrop
CoInitializeEx

Sections

.text
Size: 761KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Zip.SFX
.exe windows:5 windows x86 arch:x86

ececc473fe0400492818c3054a72770e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxzip32\Release\sfxzip.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

SetFileAttributesA
SetFileAttributesW
MoveFileW
DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetFileAttributesW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
GetFileAttributesA
WriteFile
SetFileTime
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetFilePointer
CloseHandle
SetEndOfFile
GetLastError
GetNumberFormatW

user32

CharUpperA
OemToCharBuffA
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
CharToOemBuffA
CharToOemA
OemToCharA
FindWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
GetParent
MapWindowPoints
LoadIconW
CreateWindowExW
CopyRect

gdi32

CreateCompatibleDC
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteObject
DeleteDC

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR-x64/Zip64.SFX
.exe windows:5 windows x64 arch:x64

dfe98f9b8e5a8d134cc697c1c0f3be22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxzip64\Release\sfxzip.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

SetFileAttributesA
SetFileAttributesW
MoveFileW
DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetFileAttributesW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
SetEnvironmentVariableW
OpenFileMappingW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
GetFileAttributesA
WriteFile
SetFileTime
GetStdHandle
ReadFile
SetLastError
CreateFileW
CreateFileA
GetFileType
SetFilePointer
CloseHandle
SetEndOfFile
GetLastError
GetNumberFormatW

user32

LoadStringW
CharToOemBuffA
CharUpperA
OemToCharBuffA
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
SetWindowPos
LoadIconW
CharToOemA
OemToCharA
FindWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CopyRect
IsWindow
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
GetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
SetWindowLongW
CharUpperW
GetWindowRect
GetParent
MapWindowPoints
LoadBitmapW
CreateWindowExW
GetClientRect

gdi32

CreateCompatibleDC
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteObject
DeleteDC

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR/Default.SFX
.exe windows:5 windows x86 arch:x86

93ff054b805e17efd7f7ae1730680391

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetNumberFormatW
DosDateTimeToFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
GetLastError
GetDateFormatW

user32

wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
FindWindowExW
wvsprintfA
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharUpperA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
CopyRect

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR/Descript.ion
App/WinRAR/File_Id.diz
App/WinRAR/Formats/7z.fmt
.dll windows:5 windows x86 arch:x86

810ff85253ea0da9e4270285b177dcc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\7z\build\32\Release\7z.pdb

Imports

kernel32

GetLastError
SetFilePointer
WriteFile
ReadFile
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
FreeLibrary
LoadLibraryA
AreFileApisANSI
LoadLibraryW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
CloseHandle
RemoveDirectoryW
CreateDirectoryW
FindClose
FindFirstFileA
FindFirstFileW
SetLastError
GetFileSize
SetEndOfFile
GetProcAddress
lstrcmpiW
GetModuleFileNameW
LCMapStringW
LCMapStringA
GetStringTypeW
GetVersionExA
CreateFileW
SetFileAttributesW
CreateFileA
GetStringTypeA
EnterCriticalSection
LeaveCriticalSection
GetFileType
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
HeapFree
HeapAlloc
GetModuleHandleA
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
VirtualAlloc
HeapSize

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/7zxa.dll
.dll windows:4 windows x86 arch:x86

961ffb8f71d3099e6afd08b41dae82e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen

user32

CharUpperA
CharUpperW

kernel32

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetSystemInfo
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetVersionExA
DeleteCriticalSection
VirtualAlloc
VirtualFree
CloseHandle
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
HeapAlloc
RaiseException
HeapFree
RtlUnwind
HeapReAlloc
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
GetStringTypeA

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/ace.fmt
.dll windows:5 windows x86 arch:x86

03ee27585fbe4280f8bce8f0a2a3c262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\ace\build\32\Release\ace.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
RaiseException
GetLastError
HeapFree
HeapAlloc
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileA
CloseHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessHeap

user32

OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/arj.fmt
.dll windows:5 windows x86 arch:x86

1e364ee23def5d605ef85e53a4bded2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\arj\build\32\Release\arj.pdb

Imports

kernel32

GetFileAttributesA
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
CreateDirectoryA
HeapAlloc
GetLastError
HeapFree
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
SetFilePointer
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LoadLibraryA
CreateFileW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetComment
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/bz2.fmt
.dll windows:5 windows x86 arch:x86

a571b72321514a15e5ef913d5ddebafb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\bzip2\build\32\Release\bz2.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleA
CreateFileA
CloseHandle
GetLastError
SetFilePointer
WriteFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileSize
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
DeleteFileA
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
RtlUnwind
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/cab.fmt
.dll windows:5 windows x86 arch:x86

18a24461d3867eae573f22f70e5bc4cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\cab\build\32\Release\cab.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
ReadFile
CloseHandle
CreateFileA
HeapAlloc
HeapFree
DeleteFileA
WaitForSingleObject
CreateProcessA
CreateFileW
lstrcmpiA
SetFileAttributesA
SetFileTime
CreateDirectoryA
HeapDestroy
FreeLibrary
HeapCreate
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetLastError
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/gz.fmt
.dll windows:5 windows x86 arch:x86

a5558bec30dbda6969f609ece32f46dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\gz\build\32\Release\gz.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/iso.fmt
.dll windows:5 windows x86 arch:x86

abfb7f92f2f56435c1982b30abece301

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\iso\build\32\Release\iso.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
SystemTimeToFileTime
ReadFile
DeleteFileW
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleHandleA
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/lzh.fmt
.dll windows:5 windows x86 arch:x86

d1fafdeb635fd965ec8877edeb363ff6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\lzh\build\32\Release\lzh.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileAttributesA
CreateDirectoryA
SetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetLastError
HeapFree
HeapAlloc
RtlUnwind
DeleteFileA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
RaiseException
GetCurrentThreadId
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
ReadFile
SetFilePointer
CloseHandle
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetVersion
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetEndOfFile
GetProcessHeap
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

OemToCharA

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/tar.fmt
.dll windows:5 windows x86 arch:x86

5cba4bbbe1a10a51c0adbfce2eea3e54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\tar\build\32\Release\tar.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetFileSize
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapFree
DeleteFileA
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
ExitProcess
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/uue.fmt
.dll windows:5 windows x86 arch:x86

92d227f3b96bb1ef31d08aaeb66b079a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\uue\build\32\Release\uue.pdb

Imports

kernel32

CreateFileA
CreateFileW
CloseHandle
GetLastError
SetFilePointer
WriteFile
ReadFile
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
HeapFree
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapAlloc
HeapReAlloc
VirtualAlloc
FlushFileBuffers
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Formats/z.fmt
.dll windows:5 windows x86 arch:x86

690706108c4d5618e6012f84061ddfa3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\Z\build\32\Release\z.pdb

Imports

kernel32

CreateFileA
CreateFileW
GetVersionExA
CloseHandle
GetLastError
SetFilePointer
WriteFile
GetProcAddress
GetModuleHandleA
ReadFile
CreateHardLinkA
GetFullPathNameA
GetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetFileType
HeapReAlloc
HeapAlloc
HeapFree
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetLastError
GetVersion
InitializeCriticalSectionAndSpinCount
Sleep
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
RtlUnwind
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FlushFileBuffers
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

Close
Extract
GetListItem
Open
Prepare

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/License.txt
App/WinRAR/Rar.exe
.exe windows:5 windows x86 arch:x86

434e8913d710f61d1d0d6dfce78e8d29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\rar32\Release\RAR.pdb

Imports

kernel32

GetLastError
GetCurrentDirectoryW
CloseHandle
GetCurrentProcess
CreateFileW
BackupRead
BackupSeek
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileTime
GetFileType
CreateFileA
ReadFile
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
CreateThread
FormatMessageW
GetProcessAffinityMask
WaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
LocalFree
SetConsoleCtrlHandler
Sleep
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleW
SetLastError
GetModuleHandleW
ExitThread
GetProcAddress
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
RaiseException
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

CharLowerW
ExitWindowsEx
CharUpperA
CharLowerA
LoadStringW
CharUpperW
OemToCharBuffW
CharToOemA
CharToOemBuffA
OemToCharA
OemToCharBuffA
CharToOemBuffW

advapi32

RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityW
GetFileSecurityA
GetSecurityDescriptorLength
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationW

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Rar.txt
App/WinRAR/RarFiles.lst
App/WinRAR/ReadMe.txt
App/WinRAR/TechNote.txt
.vbs
App/WinRAR/UnRAR.exe
.exe windows:5 windows x86 arch:x86

1da1fb3d1356bfe063e7074a84c82ba0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\unrar32\Release\UnRAR.pdb

Imports

kernel32

GetCurrentProcess
SetFileTime
MoveFileW
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
SetLastError
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileA
DeleteFileW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
CloseHandle
GetFullPathNameA
GetModuleFileNameA
GetModuleFileNameW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
GetCurrentDirectoryW
GetLastError
FormatMessageW
LocalFree
SetConsoleCtrlHandler
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
GetVersionExW
ReadConsoleW
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetCurrentProcessId
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
RaiseException
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetTickCount

user32

CharLowerW
ExitWindowsEx
CharUpperA
CharLowerA
LoadStringW
CharUpperW
CharToOemBuffW
OemToCharBuffW
CharToOemA
OemToCharA
OemToCharBuffA

advapi32

RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/UnrarSrc.txt
App/WinRAR/WhatsNew.txt
App/WinRAR/WinCon.SFX
.exe windows:5 windows x86 arch:x86

d664338ea009589942dd6aacfe0873b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\sfxcon32\Release\sfxcon.pdb

Imports

kernel32

GetLastError
GetCurrentProcess
SetFileTime
MoveFileW
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
WriteFile
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
CloseHandle
FindFirstFileW
GetVersionExW
GetCommandLineA
SetErrorMode
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetProcAddress
GetModuleHandleW
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
Sleep
GetStdHandle
GetConsoleMode
SetConsoleMode
FindNextFileW
ReadConsoleW

user32

CharUpperW
LoadStringW
CharToOemBuffA
CharUpperA
wvsprintfW
CharToOemBuffW
OemToCharBuffW
wvsprintfA
CharToOemA
OemToCharBuffA
OemToCharA

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
AdjustTokenPrivileges

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/WinRAR/WinRAR.chm
.chm
App/WinRAR/WinRAR.exe
.exe windows:5 windows x86 arch:x86

f228f0db3de9943ad6af41c6fcfa7010

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\build\winrar32\Release\WinRAR.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ord8
CreateStatusWindowW
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_AddMasked
ImageList_Add
PropertySheetW

shlwapi

SHAutoComplete

kernel32

WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetVolumeInformationA
GetFileAttributesA
SetFileAttributesA
SetFileAttributesW
MoveFileA
DeleteFileW
DeleteFileA
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
GetCurrentDirectoryA
ExpandEnvironmentStringsW
FindNextFileA
FindFirstFileA
GetDiskFreeSpaceW
Sleep
GetVersionExW
CompareFileTime
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLocaleInfoW
GetNumberFormatW
CreateThread
ExitThread
GetProcessAffinityMask
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetCompressedFileSizeW
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
UpdateResourceW
EnumResourceLanguagesW
EndUpdateResourceW
EnumResourceNamesW
BeginUpdateResourceW
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
WideCharToMultiByte
CompareStringW
IsDBCSLeadByte
GetCPInfo
GlobalMemoryStatus
GetVolumeInformationW
GetLogicalDrives
SetCurrentDirectoryW
GetStdHandle
SuspendThread
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetThreadPriority
GetPriorityClass
SetErrorMode
GetCommandLineW
GetCurrentProcessId
MulDiv
FindNextChangeNotification
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetVersion
HeapSize
GetConsoleMode
GetConsoleCP
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
HeapCreate
VirtualAlloc
VirtualFree
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
RaiseException
RtlUnwind
HeapReAlloc
HeapFree
HeapAlloc
ReadFile
CreateFileA
GetFileType
GetFileTime
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetFileTime
BackupSeek
BackupRead
CreateFileW
GetCurrentProcess
GetCurrentDirectoryW
FormatMessageW
LocalFree
CreateMutexW
ReleaseMutex
GetLastError
GlobalSize
GetProcessHeap
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetVersionExA
GetTickCount
GetSystemTime
SystemTimeToFileTime
CreateFileMappingW
WaitForSingleObject
OpenFileMappingW
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetTempPathW
MoveFileW
GetModuleFileNameW
FindNextFileW
LoadLibraryW
CopyFileW
GetCurrentThreadId
FreeLibrary
LocalFileTimeToFileTime
GetTempPathA
ExpandEnvironmentStringsA
GetDriveTypeW
FileTimeToDosDateTime
SetLastError
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeFormatW
GetDateFormatW
FindClose
DosDateTimeToFileTime
GetFileAttributesW
GetModuleHandleW
GetProcAddress
SetEnvironmentVariableA
ResumeThread

user32

PostThreadMessageW
IsChild
GetLastActivePopup
GetClipboardData
GetMenuItemID
PostQuitMessage
SetMenu
InsertMenuW
LoadMenuW
RegisterClassW
LoadAcceleratorsW
GetMenuState
IsDialogMessageW
SetPropW
FindWindowW
GetForegroundWindow
RegisterWindowMessageW
FindWindowExW
EnumWindows
CreateIcon
GetDlgItemTextA
SetDlgItemTextA
FlashWindow
ValidateRect
GetSysColor
CopyImage
FillRect
ExitWindowsEx
CharUpperA
CharLowerA
DrawIconEx
LoadStringW
GetWindow
SetMenuItemInfoW
RedrawWindow
CreateDialogParamW
IsCharUpperW
IsCharAlphaW
CharLowerW
OpenClipboard
EmptyClipboard
SetClipboardData
CharToOemA
CloseClipboard
MessageBeep
PeekMessageW
CharUpperW
GetFocus
SetForegroundWindow
EnableMenuItem
MoveWindow
CheckMenuItem
LoadBitmapW
InsertMenuItemW
BeginPaint
GetClientRect
EndPaint
SetTimer
KillTimer
UpdateWindow
IsWindow
SetWindowTextW
GetWindowTextLengthW
AppendMenuW
DrawMenuBar
GetMenu
GetSubMenu
DeleteMenu
GetMenuItemCount
GetMenuItemInfoW
CharToOemBuffW
ScreenToClient
ClientToScreen
SetScrollPos
ScrollWindowEx
PtInRect
LoadIconW
SetScrollRange
GetDialogBaseUnits
CreateDialogIndirectParamW
GetPropW
RemovePropW
GetSystemMenu
BringWindowToTop
SetWindowPlacement
GetMessageW
TranslateMessage
DispatchMessageW
GetIconInfo
CreateIconIndirect
GetComboBoxInfo
TranslateAcceleratorW
SendMessageW
SetFocus
CreateWindowExW
DestroyWindow
GetWindowTextW
DefWindowProcW
SetDlgItemTextW
CreatePopupMenu
SetWindowLongW
TrackPopupMenu
DestroyMenu
CallWindowProcW
RegisterClipboardFormatW
GetKeyState
LoadCursorW
SetCursor
WindowFromPoint
GetWindowThreadProcessId
GetDC
ReleaseDC
GetDesktopWindow
GetCursorPos
GetMonitorInfoW
GetWindowLongW
ShowWindow
EnableWindow
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
IsWindowEnabled
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
EnumChildWindows
GetClassNameW
GetWindowRect
MapWindowPoints
SetWindowPos
InvalidateRect
GetParent
CheckDlgButton
PostMessageW
MessageBoxW
IsWindowVisible
OemToCharBuffA
CharToOemBuffA
DialogBoxParamW
SendDlgItemMessageW
DestroyIcon
GetDlgItem
OemToCharA
EndDialog
GetDlgItemTextW
LoadImageW

gdi32

GetDeviceCaps
LineTo
MoveToEx
DPtoLP
SetPixel
CreatePatternBrush
TextOutA
StretchBlt
GetMapMode
SetMapMode
Rectangle
CreateCompatibleBitmap
GetTextExtentPoint32W
SetBkColor
ExtTextOutW
BitBlt
GetObjectW
CreateCompatibleDC
GetPixel
DeleteDC
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
Polygon
Polyline
SelectObject
GetTextFaceW
GetTextMetricsW
CreateFontW
CreateBitmap
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
GetSecurityDescriptorLength
GetFileSecurityA
GetFileSecurityW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
IsTextUnicode
RegEnumValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges

shell32

SHFileOperationW
FindExecutableW
DragFinish
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListA
SHGetFileInfoW
ShellExecuteExW
SHGetMalloc
SHBrowseForFolderW
SHChangeNotify
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

OleUninitialize
OleInitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
OleSetClipboard
DoDragDrop
CoInitializeEx

Sections

.text
Size: 730KB - Virtual size: 729KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/WinRAR/Zip.SFX
.exe windows:5 windows x86 arch:x86

ececc473fe0400492818c3054a72770e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxzip32\Release\sfxzip.pdb

Imports

comctl32

InitCommonControlsEx
ord17

shlwapi

SHAutoComplete

kernel32

SetFileAttributesA
SetFileAttributesW
MoveFileW
DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
GetFileAttributesW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetTempPathW
MoveFileExW
UnmapViewOfFile
GetCommandLineW
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
SetEnvironmentVariableW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
FreeLibrary
GetFileAttributesA
WriteFile
SetFileTime
GetStdHandle
SetLastError
ReadFile
CreateFileW
CreateFileA
GetFileType
SetFilePointer
CloseHandle
SetEndOfFile
GetLastError
GetNumberFormatW

user32

CharUpperA
OemToCharBuffA
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
CharToOemBuffA
CharToOemA
OemToCharA
FindWindowExW
UpdateWindow
SetWindowTextW
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetClientRect
IsWindow
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
GetParent
MapWindowPoints
LoadIconW
CreateWindowExW
CopyRect

gdi32

CreateCompatibleDC
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteObject
DeleteDC

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRARPortable.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/App/WinRAR-x64/rarreg
$EXEDIR/App/WinRAR/rarreg
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

8df26927f8978d4eb40ff179c0aa961b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
lstrcmpA
OpenProcess
lstrcpyA
LoadLibraryA
CloseHandle
FreeLibrary
GetVersionExA
lstrlenA
GlobalFree

user32

wsprintfA

Exports

Exports

FindProc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Registry.dll
.dll windows:4 windows x86 arch:x86

cd53277eaa7bbb8fb5b2b678274dcb4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
SearchPathA
CloseHandle
CreateFileA
lstrcpynA
lstrcatA
FindFirstFileA
FindClose
lstrlenA
lstrcmpiA
lstrcpyA
GlobalFree
GlobalAlloc
WriteFile

user32

SendMessageA
FindWindowExA
GetDlgItem
wsprintfA
CharUpperA

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Exports

Exports

_Close
_CopyKey
_CopyValue
_CreateKey
_DeleteKey
_DeleteKeyEmpty
_DeleteValue
_Find
_HexToStr
_KeyExists
_MoveKey
_MoveValue
_Open
_Read
_ReadExtra
_RestoreKey
_SaveKey
_StrToHex
_Unload
_Write
_WriteExtra

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/newadvsplash.dll
.dll windows:4 windows x86 arch:x86

eee37c14e102da3f62385f9796c701ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetProcAddress
GetModuleHandleA
CloseHandle
CreateThread
lstrcpynA
lstrlenA
GetCurrentThreadId
Sleep
lstrcpyA
lstrcmpiA
lstrcatA
GlobalAlloc
GlobalFree
WaitForSingleObject

user32

DefWindowProcA
DestroyWindow
IsWindowVisible
UnregisterClassA
EnumDisplaySettingsA
wsprintfA
SetWindowPos
LoadCursorA
BeginPaint
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindow
GetClientRect
SetWindowLongA
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
RegisterClassA
SystemParametersInfoA
SendMessageA
ShowWindow
PostMessageA
SetWindowRgn
EndPaint

gdi32

CombineRgn
GetObjectA
CreateCompatibleDC
SelectObject
GetDIBits
CreateRectRgn
DeleteObject

msvfw32

MCIWndCreateA

winmm

timeSetEvent
PlaySoundA
timeKillEvent

oleaut32

OleLoadPicturePath

msvcrt

_lseek
memset
memcmp
_read
memcpy
_close
_open
strtol

Exports

Exports

hwnd
play
show
stop

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 634B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/splash.bmp

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 30KB - Virtual size: 29KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 320B

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

8773e19ae02f331332db1b00671fdecf

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

wininet

comctl32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 30KB - Virtual size: 29KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 63KB

.CRT
Size: 512B - Virtual size: 16B

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 65KB

.pdata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 32B

.rsrc
Size: 16KB - Virtual size: 16KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 20KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB