bdadd2be26815bec34c3d1d1fae46019_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdadd2be26815bec34c3d1d1fae46019_JaffaCakes118
Size

3.4MB
MD5

bdadd2be26815bec34c3d1d1fae46019
SHA1

27efceb7ac6a8cf2afba113acc72005242229d88
SHA256

5723fb967e2c984ba0f0926f9c33914561cdc72cf9aedcfb3a90dbe76be58e9a
SHA512

c6b440ba58aeca2fcfa1fe169547de49746aab15fdb77d181556ae0d1dea4efbeab88f3f8a90e27fd72fee32f1102a6a1e45f189777f0fabc805f796943ed1a7
SSDEEP

98304:n1LaA9Dn6EZM/sMVz/a6ZxiOCty1rB+Yzm:7V6mM06zC4iGrB+Yzm

Score

3^/10

Malware Config

Signatures

Unsigned PE 73 IoCs

Checks for missing Authenticode signature.

resource
bdadd2be26815bec34c3d1d1fae46019_JaffaCakes118
unpack001/$PLUGINSDIR/LockedList.dll
unpack001/Uninstall.exe
unpack001/mmcflasher.exe
unpack001/modules/module1.dll
unpack001/modules/module10.dll
unpack001/modules/module11.dll
unpack001/modules/module12.dll
unpack001/modules/module13.dll
unpack001/modules/module14.dll
unpack001/modules/module15.dll
unpack001/modules/module17.dll
unpack001/modules/module18.dll
unpack001/modules/module19.dll
unpack001/modules/module2.dll
unpack001/modules/module20.dll
unpack001/modules/module21.dll
unpack001/modules/module22.dll
unpack001/modules/module23.dll
unpack001/modules/module24.dll
unpack001/modules/module25.dll
unpack001/modules/module27.dll
unpack001/modules/module28.dll
unpack001/modules/module29.dll
unpack001/modules/module3.dll
unpack001/modules/module30.dll
unpack001/modules/module31.dll
unpack001/modules/module32.dll
unpack001/modules/module33.dll
unpack001/modules/module34.dll
unpack001/modules/module35.dll
unpack001/modules/module36.dll
unpack001/modules/module37.dll
unpack001/modules/module38.dll
unpack001/modules/module39.dll
unpack001/modules/module4.dll
unpack001/modules/module40.dll
unpack001/modules/module41.dll
unpack001/modules/module42.dll
unpack001/modules/module43.dll
unpack001/modules/module44.dll
unpack001/modules/module45.dll
unpack001/modules/module46.dll
unpack001/modules/module47.dll
unpack001/modules/module48.dll
unpack001/modules/module49.dll
unpack001/modules/module50.dll
unpack001/modules/module51.dll
unpack001/modules/module52.dll
unpack001/modules/module53.dll
unpack001/modules/module54.dll
unpack001/modules/module55.dll
unpack001/modules/module56.dll
unpack001/modules/module57.dll
unpack001/modules/module59.dll
unpack001/modules/module6.dll
unpack001/modules/module60.dll
unpack001/modules/module61.dll
unpack001/modules/module62.dll
unpack001/modules/module63.dll
unpack001/modules/module65.dll
unpack001/modules/module66.dll
unpack001/modules/module67.dll
unpack001/modules/module68.dll
unpack001/modules/module69.dll
unpack001/modules/module7.dll
unpack001/modules/module70.dll
unpack001/modules/module71.dll
unpack001/modules/module72.dll
unpack001/modules/module73.dll
unpack001/modules/module8.dll
unpack001/modules/module9.dll
unpack001/senselock_fix.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Uninstall.exe	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_2

Files

bdadd2be26815bec34c3d1d1fae46019_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LockedList.dll
.dll windows:6 windows x86 arch:x86

1f24eeb49cd5ab55727208afd8ac7b2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFileExistsA
PathAppendA

kernel32

LoadLibraryA
DuplicateHandle
ResetEvent
CreateFileA
lstrcmpA
lstrlenA
GetCurrentProcess
WaitForSingleObject
OpenProcess
GlobalAlloc
WideCharToMultiByte
Sleep
TerminateProcess
lstrcatA
lstrlenW
GetLastError
lstrcmpiA
GlobalFree
LocalAlloc
GetExitCodeThread
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetCurrentProcessId
LocalFree
CreateThread
lstrcpyA
lstrcpynA
QueryDosDeviceA
SetEvent
TerminateThread
CreateEventA
GetProcAddress
GetVersion

user32

CallWindowProcA
DestroyMenu
EnableWindow
MapWindowPoints
LoadImageA
SetWindowTextA
GetSystemMetrics
OpenClipboard
DispatchMessageA
PostMessageA
IsWindow
AppendMenuA
CreatePopupMenu
ShowWindow
GetCursorPos
SetWindowPos
SendMessageTimeoutA
GetDlgItem
EmptyClipboard
PeekMessageA
CreateWindowExA
CharLowerA
DestroyIcon
MessageBoxA
SetWindowLongA
GetWindowTextA
TranslateMessage
IsDialogMessageA
SendMessageA
GetClientRect
wsprintfA
MsgWaitForMultipleObjects
TrackPopupMenu
CreateDialogParamA
SetActiveWindow
GetWindowRect
ScreenToClient
GetClassNameA
CloseClipboard
GetMessageA
SetCursor
DestroyWindow
GetWindow
GetWindowThreadProcessId
GetWindowLongA
EnumWindows
MoveWindow
SetCursorPos
SetClipboardData

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

ShellExecuteExA
ExtractIconExA

Exports

Exports

AddApplications
AddCaption
AddClass
AddCustom
AddFile
AddFolder
AddModule
CloseProcess
Dialog
EnumProcesses
FindProcess
InitDialog
IsFileLocked
Show
SilentPercentComplete
SilentSearch
SilentWait

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mmcflasher.exe
.exe windows:1 windows x86 arch:x86

0e01ca843ee961f7ba0b848d0ac6adbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateFileA
CreateFileW
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetAtomNameA
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLongPathNameW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLCID
GetTempPathA
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
MultiByteToWideChar
OpenMutexA
QueryDosDeviceA
ReadFile
ReleaseMutex
RtlUnwind
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcatW
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

user32

CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawIconEx
DrawTextA
DrawTextW
EnableWindow
GetClientRect
GetDC
GetFocus
GetIconInfo
GetMessageA
GetMessageW
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextLengthA
IsDialogMessageA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
ReleaseDC
SendMessageA
SendMessageW
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextW
ShowWindow
TranslateMessage
wsprintfA
wsprintfW

gdi32

CreateBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetDIBits
GetStockObject
RoundRect
SelectObject
SetBkColor
SetBkMode
SetDIBits
SetTextColor

ntdll

memset
memcpy

comctl32

InitCommonControls

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl

ole32

OleInitialize
OleCreate
OleSetContainedObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
OleInitialize
OleCreate
OleSetContainedObject
CoInitialize
CoCreateInstance
CLSIDFromProgID

oleaut32

VariantInit
SysAllocString
SysFreeString
VariantInit
SysAllocString
SysFreeString

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList

shell32

DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFolderPathA

shlwapi

PathRemoveFileSpecA
PathFindExtensionA
PathFileExistsW
PathStripPathW
PathFindExtensionW

ws2_32

WSAStartup
socket
gethostbyname
connect
send
recv
select

msvcrt

_fdopen
fputc
fclose
fread
fwrite
fprintf
strcpy
strlen
fopen
fgetpos

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.code
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module1.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module10.dll
.dll windows:1 windows x86 arch:x86

b328ad2abb30db2e86a8ec2f19af820f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module11.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module12.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module13.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module14.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module15.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module17.dll
.dll windows:1 windows x86 arch:x86

b328ad2abb30db2e86a8ec2f19af820f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module18.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module19.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module2.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module20.dll
.dll windows:1 windows x86 arch:x86

d7f577bfac82b0874297ed3f0542bf63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module21.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module22.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module23.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module24.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module25.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module27.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module28.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module29.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module3.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module30.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module31.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module32.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module33.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module34.dll
.dll windows:1 windows x86 arch:x86

9dc67a00d64b6717df1745be78242809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module35.dll
.dll windows:1 windows x86 arch:x86

d7f577bfac82b0874297ed3f0542bf63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module36.dll
.dll windows:1 windows x86 arch:x86

e9892b279783ce3d9cd785a78190413a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
DispatchMessageA
EnableWindow
FindWindowA
GetFocus
GetMessageA
GetSystemMetrics
GetWindowLongA
LoadCursorA
LoadIconA
PostQuitMessage
RegisterClassA
SendMessageA
SendMessageW
SetWindowLongA
TranslateMessage
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

CreateFontIndirectA

ntdll

memcpy
memset

Sections

.code
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module37.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module38.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module39.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module4.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module40.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module41.dll
.dll windows:1 windows x86 arch:x86

4b7fe2c8286ee062bb4824ae6344546b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetTickCount
GlobalAlloc
GlobalFree
MultiByteToWideChar
ReadFile
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpW
lstrcpyA
lstrlenA
lstrlenW

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA
wsprintfW

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

ws2_32

WSAStartup
WSACleanup
socket
bind
setsockopt
connect
send
sendto
recv
recvfrom
closesocket
WSAGetLastError

ole32

CoInitialize
CoInitializeSecurity
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy

Sections

.code
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module42.dll
.dll windows:1 windows x86 arch:x86

9dc67a00d64b6717df1745be78242809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module43.dll
.dll windows:1 windows x86 arch:x86

73227929826def5a6cba8299dcf022dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module44.dll
.dll windows:1 windows x86 arch:x86

9dc67a00d64b6717df1745be78242809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module45.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module46.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module47.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module48.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module49.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module50.dll
.dll windows:1 windows x86 arch:x86

d7f577bfac82b0874297ed3f0542bf63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module51.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module52.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module53.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module54.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module55.dll
.dll windows:1 windows x86 arch:x86

0be41d83d874d2867d00e06817a8de97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module56.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module57.dll
.dll windows:1 windows x86 arch:x86

d7f577bfac82b0874297ed3f0542bf63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module59.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module6.dll
.dll windows:1 windows x86 arch:x86

9273a2d64d4e4b1652172f56edd38bb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module60.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module61.dll
.dll windows:1 windows x86 arch:x86

f3372812a208e7f1472891f5fdb1c5c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
DeleteFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

user32

EnableWindow
FindWindowA
GetWindowLongA
MessageBoxW
SendMessageA
SendMessageW
wsprintfA
wsprintfW

comdlg32

GetOpenFileNameW

ntdll

memcpy
memset

ole32

CoUninitialize
CoInitialize
CoInitializeSecurity
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocString
SysFreeString

shlwapi

PathFindExtensionW
PathStripPathW

Sections

.code
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module62.dll
.dll windows:1 windows x86 arch:x86

9dc67a00d64b6717df1745be78242809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module63.dll
.dll windows:1 windows x86 arch:x86

b93545e6b5848a11362d4f43121b28da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
Sleep
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
LoadImageA
SendMessageW
wsprintfA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module65.dll
.dll windows:1 windows x86 arch:x86

9dc67a00d64b6717df1745be78242809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module66.dll
.dll windows:1 windows x86 arch:x86

4613920140626c68bebed3d16037c151

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module67.dll
.dll windows:1 windows x86 arch:x86

30615f9093ad9aa4f3edb9f6ea53793a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
ReadFile
SizeofResource
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
MessageBoxW
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

ws2_32

WSAStartup
WSACleanup
socket
closesocket
gethostbyname
connect
send
recv
WSASocketA
WSAConnect
WSASend
WSACreateEvent
WSAWaitForMultipleEvents

shlwapi

PathStripPathA

Sections

.code
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module68.dll
.dll windows:1 windows x86 arch:x86

0ddf0d829eada35abbc8c66fb67fd616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module69.dll
.dll windows:1 windows x86 arch:x86

0ddf0d829eada35abbc8c66fb67fd616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module7.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module70.dll
.dll windows:1 windows x86 arch:x86

0ddf0d829eada35abbc8c66fb67fd616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module71.dll
.dll windows:1 windows x86 arch:x86

a31f1663742a449794dde88c163089f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

ws2_32

WSAStartup
WSACleanup
socket
closesocket
gethostbyname
connect
send
recv
WSASocketA
WSAConnect
WSASend
WSACreateEvent
WSAWaitForMultipleEvents

shlwapi

PathStripPathA

Sections

.code
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module72.dll
.dll windows:1 windows x86 arch:x86

d767e089d8e4beb2a5b46ae5521b9ac9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
ReadFile
SizeofResource
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

ws2_32

WSAStartup
WSACleanup
socket
closesocket
gethostbyname
connect
send
recv
WSASocketA
WSAConnect
WSASend
WSACreateEvent
WSAWaitForMultipleEvents

shlwapi

PathStripPathA

Sections

.code
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module73.dll
.dll windows:1 windows x86 arch:x86

5cf56118dd2792568b5784e1b3583c9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
FindResourceA
FreeResource
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
ReadFile
SizeofResource
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

ws2_32

WSAStartup
WSACleanup
socket
closesocket
gethostbyname
connect
send
recv
WSASocketA
WSAConnect
WSASend
WSACreateEvent
WSAWaitForMultipleEvents

shlwapi

PathStripPathA

Sections

.code
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module8.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
modules/module9.dll
.dll windows:1 windows x86 arch:x86

53ec04cfbf8fbecf9b5b47117ba98e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiW
lstrcpyA
lstrlenA

user32

EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA

comdlg32

GetOpenFileNameW
GetSaveFileNameA

ntdll

memcpy
memset

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
op20pt32.dll
.dll windows:5 windows x86 arch:x86

399bf07481eb8e5e6478f4fcb19eff83

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

74:75:83:d7:89:20:7b:a1:80:7a:e1:b0:95:75:28:f0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

03/03/2013, 00:00

Not After

02/06/2015, 23:59

Subject

CN=Tactrix Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tactrix Inc.,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c4:fc:e0:7e:fd:b8:9c:69:b4:55:ee:b0:3a:28:af:ec:99:97:3f:36
Signer

Actual PE Digest

c4:fc:e0:7e:fd:b8:9c:69:b4:55:ee:b0:3a:28:af:ec:99:97:3f:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

kernel32

FlushFileBuffers
CompareStringW
GetUserDefaultLCID
GetLocalTime
GetSystemTime
WaitForSingleObject
GetThreadPriority
GetCurrentThread
TlsFree
TlsSetValue
GetCurrentThreadId
GetSystemInfo
Sleep
SetThreadPriority
TlsAlloc
TerminateThread
ResumeThread
TlsGetValue
CreateThread
DuplicateHandle
GetCurrentProcess
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
LocalFree
FormatMessageW
GetStartupInfoW
GetConsoleWindow
OutputDebugStringW
GetCurrentProcessId
GetProcAddress
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
SetErrorMode
FindClose
FindFirstFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
CopyFileW
MoveFileW
DeleteFileW
GetFullPathNameW
GetCurrentDirectoryW
LoadLibraryW
DeviceIoControl
GetLogicalDrives
GetFileAttributesExW
GetLocaleInfoW
CreateEventW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
CreateMutexW
ReleaseMutex
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetGeoInfoW
GetUserGeoID
GetTimeZoneInformation
QueryPerformanceFrequency
GetModuleHandleW
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
GetSystemDirectoryW
GetFileType
SetFilePointerEx
MoveFileExW
SetEndOfFile
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
FindFirstFileExW
FreeLibrary
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
SetHandleCount
HeapSize
GetStdHandle
HeapDestroy
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
IsProcessorFeaturePresent
ResetEvent
CreateFileW
SetEvent
CloseHandle
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
GetOverlappedResult
CancelIo
OutputDebugStringA
LCMapStringW
GetStringTypeW
GetDateFormatW
FindNextFileW
TerminateProcess
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineA
HeapReAlloc
ExitThread
SetFilePointer
ExitProcess
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetStdHandle
InitializeCriticalSectionAndSpinCount
SetFileAttributesW
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

SetTimer
KillTimer
CharNextExA
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
RegisterClassW
CreateWindowExW
SetWindowLongW
DestroyWindow
UnregisterClassW
GetQueueStatus
PostMessageW
CallNextHookEx
GetWindowLongW
DefWindowProcW
PeekMessageW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
FreeSid

ws2_32

WSAAsyncSelect

Exports

Exports

PassThruClose
PassThruConnect
PassThruDisconnect
PassThruGetLastError
PassThruIoctl
PassThruOpen
PassThruReadMsgs
PassThruReadVersion
PassThruSetProgrammingVoltage
PassThruStartMsgFilter
PassThruStartPeriodicMsg
PassThruStopMsgFilter
PassThruStopPeriodicMsg
PassThruWriteMsgs
z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
senselock_fix.exe
.exe windows:1 windows x86 arch:x86

985cfc26aee3276366f112c65b8b5275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateFileA
CreateMutexA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
MultiByteToWideChar
QueryDosDeviceA
ReadConsoleA
ReleaseMutex
RtlUnwind
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile
lstrcmpA
lstrlenA

user32

wsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList

Sections

.code
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 60KB

.rsrc Size: 28KB - Virtual size: 27KB

1f24eeb49cd5ab55727208afd8ac7b2f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

shlwapi

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 60KB

.rsrc Size: 28KB - Virtual size: 27KB

0e01ca843ee961f7ba0b848d0ac6adbd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ntdll

comctl32

advapi32

ole32

oleaut32

setupapi

shell32

shlwapi

ws2_32

msvcrt

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 60KB

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 60KB

.rsrc
Size: 28KB - Virtual size: 27KB

.code
Size: 195KB - Virtual size: 195KB

.data
Size: 71KB - Virtual size: 78KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.code
Size: 17KB - Virtual size: 16KB

.idata
Size: 1024B - Virtual size: 90KB

.rsrc
Size: 1024B - Virtual size: 636B

.code
Size: 14KB - Virtual size: 13KB

.idata
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 592B

.code
Size: 9KB - Virtual size: 9KB

.idata
Size: 1024B - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 604B

.code
Size: 26KB - Virtual size: 26KB

.idata
Size: 1024B - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 612B

.code
Size: 10KB - Virtual size: 10KB

.idata
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 1024B - Virtual size: 588B