deskcalc_uk[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

deskcalc_uk.exe
Size

6.2MB
MD5

f3e1ab7a142a64a21f91bd2ec7557d5c
SHA1

d53d1ac71389c6b23b7bda0c0d4d551544f7c3b7
SHA256

78759cd31e0a11d8497a0e097842a11475cfc6106ae771537643103c41a68a81
SHA512

db812d51622565b4a1ae78bc48c17681d67314e635de1c0912587134bcb27928d62b5e463828be044c5dc1547953b795f317fbde702ab170adf6db34178ffd11
SSDEEP

196608:M+0ehpPYse3x01b+qGoKLZ5fprBXLxIrLOBKeJt1:l0eh1YJC1bP7KLffHXL2rLOBKeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
deskcalc_uk.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/CurrencyUpdater.exe
unpack001/FistWare.exe
unpack001/Module/Disagio.exe
unpack001/Module/Tilg2.exe
unpack001/Module/Zinsen.exe
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/LangDLL.dll
unpack001/deskcalc.exe
unpack001/deskcalc_runner.exe
unpack001/lang/ToolkitPro.ResourceDe.dll
unpack001/mrect.dll
unpack001/ws-setup.exe
unpack003/$PLUGINSDIR/System.dll

NSIS installer 5 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Uninstall.exe	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_2
static1/unpack001/ws-setup.exe	nsis_installer_1

Files

deskcalc_uk.exe
.exe windows:4 windows x86 arch:x86

7c2c71dfce9a27650634dc8b1ca03bf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetFileAttributesA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileTime
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
MulDiv
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

GetSystemMenu
SetClassLongA
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
LoadImageA
CreateDialogParamA
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
SetWindowLongA
SendMessageTimeoutA
FindWindowExA
IsWindow
AppendMenuA
TrackPopupMenu
CreatePopupMenu
DrawTextA
EndPaint
DestroyWindow
wsprintfA
PostQuitMessage

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
lstrcmpA
GetModuleHandleA
lstrlenA
MulDiv
lstrcpynA
GetACP
lstrcpyA

user32

SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
LoadIconA
GetDC
ShowWindow
SendMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CurrencyUpdater.exe
.exe windows:4 windows x86 arch:x86

842c25b85a86fb355b0631ee903fac29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapFree
CreateThread
ExitThread
HeapAlloc
RaiseException
GetACP
GetTimeZoneInformation
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
GetStartupInfoA
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
RtlUnwind
GetProfileStringA
SetErrorMode
GetFileTime
GetFileSize
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
LocalFree
MulDiv
SetLastError
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WritePrivateProfileStringA
GetModuleFileNameA
FindFirstFileA
GetFileAttributesA
GetVersionExA
WaitForSingleObject
GetTickCount
DeleteFileA
GetLastError
ResumeThread
HeapCreate
CopyFileA

user32

GetSysColorBrush
InflateRect
InvalidateRect
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
LoadIconA
SendMessageA
AppendMenuA
UnregisterClassA
HideCaret
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
wsprintfA
GetWindowRect
PtInRect
GetClassNameA
RemovePropA
SetWindowPos
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
GetSystemMenu
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
CharUpperA
GetDC
ReleaseDC
DestroyMenu
LoadStringA
ShowWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
OffsetRect
UpdateWindow

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetMapMode
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

wininet

InternetReadFile
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
InternetCloseHandle
InternetCrackUrlA
InternetCanonicalizeUrlA

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Deskcalc_Pro_Lizenzvereinbarung.txt
FistWare.exe
.exe windows:5 windows x86 arch:x86

a7077c674a96c2979c12939402ff46ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpOpenRequestA
InternetOpenA
InternetSetStatusCallback
InternetConnectA
InternetCloseHandle
InternetErrorDlg
HttpSendRequestA
HttpQueryInfoA
InternetReadFile

mfc90

ord4434
ord793
ord4029
ord4952
ord4477
ord4113
ord6555
ord6584
ord6148
ord2672
ord3718
ord3650
ord4649
ord1723
ord1786
ord2286
ord784
ord1098
ord6557
ord5307
ord4756
ord4022
ord3234
ord1490
ord6154
ord3390
ord405
ord664
ord2209
ord6680
ord6674
ord4223
ord3553
ord4643
ord1698
ord2279
ord4497
ord1605
ord2105
ord6771
ord1492
ord692
ord4117
ord2902
ord3762
ord614
ord1177
ord338
ord3227
ord3568
ord2282
ord4498
ord2130
ord2591
ord1361
ord2082
ord585
ord3651
ord3270
ord2137
ord5594
ord5388
ord2622
ord5635
ord6774
ord5578
ord3659
ord1429
ord5414
ord1436
ord2227
ord2265
ord2269
ord2288
ord2297
ord2289
ord2078
ord4382
ord5785
ord4306
ord4602
ord6504
ord1724
ord1787
ord3150
ord787
ord553
ord3620
ord757
ord3845
ord1178
ord1030
ord1329
ord6493
ord6152
ord1144
ord4437
ord2097
ord2700
ord1588
ord6077
ord2143
ord2263
ord2469
ord3223
ord6497
ord6178
ord5876
ord2100
ord941
ord942
ord3143
ord686
ord5063
ord789
ord4513
ord6646
ord6760
ord1045
ord586
ord3663
ord3408
ord4280
ord1681
ord794
ord590
ord1868
ord6525
ord3611
ord4474
ord2254
ord3413
ord6810
ord1222
ord3920
ord6787
ord314
ord589
ord6255
ord4502
ord775
ord1783
ord1718
ord3641
ord4507
ord2904
ord4617
ord611
ord2274
ord1668
ord4638
ord3480
ord1607
ord1211
ord5963
ord5997
ord1062
ord2084
ord2899
ord2360
ord663
ord374
ord404
ord1108
ord607
ord1769
ord1666
ord3473
ord750
ord1779
ord1710
ord3617
ord777
ord2283
ord1720
ord4646
ord3643
ord3213
ord305
ord6613
ord1611
ord4760
ord1110
ord1111
ord3783
ord3980
ord5965
ord5808
ord729
ord4807
ord3126
ord4890
ord3485
ord491
ord587
ord1145
ord2752
ord2532
ord791
ord796
ord1536
ord3049
ord453
ord702
ord5756
ord4444
ord2481
ord2505
ord6676
ord6682
ord6710
ord4292
ord301
ord3796
ord4337
ord480
ord1369
ord6802
ord5761
ord436
ord1691
ord569
ord945
ord2691
ord6797
ord3183
ord2152
ord770
ord481
ord1424
ord1709
ord4409
ord2141
ord3676
ord2197
ord524
ord744
ord4516
ord6048
ord1220
ord1259
ord2753
ord6046
ord6552
ord6043
ord6546
ord4565
ord6549
ord6352
ord6527
ord6166
ord6084
ord5846
ord5833
ord6398
ord6157
ord3504
ord6554
ord4431
ord2698
ord5636
ord4668
ord639
ord2372
ord1387
ord4529
ord6074
ord3477
ord265
ord6791
ord266
ord2566
ord5750
ord1247
ord3579
ord1603
ord6492
ord6495
ord1855
ord4295
ord2351
ord6473
ord3674
ord6201
ord5372
ord711
ord6113
ord3578
ord463
ord1254
ord1258
ord3940
ord5828
ord4030
ord4116
ord6559
ord6615
ord2896
ord337
ord6023
ord6079
ord3175
ord5957
ord613
ord2069
ord2592
ord6153
ord3730
ord580
ord781
ord3519
ord654
ord4392
ord4506
ord6170
ord2470
ord333
ord320
ord525
ord6078
ord4527
ord4396
ord3479
ord3612
ord2588
ord1061
ord1252
ord1087
ord3726
ord1265
ord3856
ord2587
ord1358
ord3528
ord2106
ord3534
ord798
ord2327
ord4311
ord6291
ord367
ord636
ord820
ord1357
ord1137
ord5835
ord899
ord4222
ord2480
ord3178
ord817
ord5851
ord3987
ord4993
ord316
ord2539
ord6257
ord1938
ord5615
ord5309
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord3506
ord4650
ord615
ord2103
ord1604
ord4496
ord2277
ord1670
ord3346
ord6391
ord1755
ord1752
ord4331
ord1497
ord4640
ord5585
ord2074
ord5497
ord6780
ord4589
ord5647
ord3732
ord5139
ord4688
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord2614
ord2620
ord2618
ord2616
ord2633
ord2628
ord2612
ord2635
ord2623
ord2605
ord2607
ord2625
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord5608
ord2139
ord1792
ord1791
ord1728
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord3277
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4667
ord3487
ord595
ord5152
ord1760
ord1183
ord910
ord300
ord310
ord1186
ord519
ord518
ord601
ord484
ord485
ord833
ord5842
ord825
ord800
ord6783
ord4159
ord6781
ord4733
ord2251
ord2206
ord6018
ord4165
ord1046
ord5533
ord6721
ord5813
ord4199
ord2087
ord3209
ord5657
ord5659
ord2447
ord4333
ord4981
ord5663
ord5646
ord6001
ord3110
ord1435
ord1276

msvcr90

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_stricmp
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_crt_debugger_hook
atol
_ecvt
vsprintf
_mbsnbcpy
__RTDynamicCast
malloc
free
ceil
floor
qsort
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_setmbcp
_localtime64_s
??0exception@std@@QAE@ABQBD@Z
memmove_s
memcpy_s
exit
sscanf
__argv
strncpy
strftime
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
rand
_controlfp_s
strtoul
_time64
_localtime64
_mbscmp
sprintf
memcpy
strrchr
memset
atof
__CxxFrameHandler3

kernel32

LockResource
LoadResource
FindResourceA
lstrcmpiA
lstrlenA
lstrlenW
GetCPInfo
lstrcpyA
GlobalFree
_lread
_llseek
_lclose
OpenFile
GetLocaleInfoA
Sleep
FreeLibrary
GetWindowsDirectoryA
ReleaseMutex
TerminateThread
GetCurrentThread
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
FreeResource
WideCharToMultiByte
GetVersion
CopyFileA
WriteFile
GetCurrentDirectoryA
CreateFileA
GetFileSize
GetSystemTimeAsFileTime
ReadFile
SetCurrentDirectoryA
ExitProcess
CreateMutexA
SetThreadLocale
GetLocalTime
WritePrivateProfileStructA
GetPrivateProfileStructA
GetTickCount
DeleteFileA
ResumeThread
WaitForSingleObject
GlobalSize
GlobalReAlloc
MulDiv
GetLastError
SetLastError
LoadLibraryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThreadId
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
CloseHandle
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetVersionExA

user32

GetForegroundWindow
wsprintfA
ReleaseDC
GetDC
SystemParametersInfoA
SetRect
InflateRect
FillRect
FrameRect
DrawEdge
LoadCursorA
DrawTextA
GetSysColor
GetCursorPos
SetCursor
PostMessageA
GetParent
GetKeyState
IsWindow
PtInRect
IntersectRect
InvertRect
GetClientRect
ScreenToClient
SetTimer
KillTimer
GetCapture
SetCapture
GetFocus
TabbedTextOutA
DrawTextExA
GrayStringA
DefWindowProcA
GetClassInfoA
IsClipboardFormatAvailable
GetMessagePos
ClipCursor
ReleaseCapture
EndDialog
MessageBoxA
RegisterWindowMessageA
GetDesktopWindow
GetWindow
GetPropA
CheckMenuItem
LoadIconA
SetPropA
SetFocus
MessageBeep
GetMenuItemID
GetSubMenu
LoadMenuA
TrackPopupMenu
SetMenuDefaultItem
CopyRect
WindowFromDC
DrawFocusRect
GetDialogBaseUnits
LoadBitmapA
CreateMenu
CreatePopupMenu
AppendMenuA
GetMenuItemCount
GetMenuState
ModifyMenuA
DestroyIcon
DrawIconEx
GetSysColorBrush
GetMenuItemInfoA
IsMenu
DrawStateA
CreateIconIndirect
GetIconInfo
OffsetRect
ClientToScreen
GetActiveWindow
GetNextDlgTabItem
WindowFromPoint
GetWindowLongA
DestroyCursor
LoadImageA
GetWindowDC
RedrawWindow
SetRectEmpty
IsRectEmpty
UpdateWindow
ShowWindow
GetWindowTextA
IsWindowVisible
PostQuitMessage
PeekMessageA
CopyIcon
GetDoubleClickTime
GetWindowRect
SetWindowPos
GetSystemMetrics
SetForegroundWindow
SendMessageA
EnableWindow
InvalidateRect

gdi32

EndDoc
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
EndPage
StartPage
StartDocA
SetPixel
BitBlt
GetBkMode
Ellipse
Rectangle
PatBlt
GetPixel
GetTextExtentPoint32W
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreatePen
GetCurrentObject
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
CreateSolidBrush
GetViewportOrgEx
SelectPalette
RealizePalette
GetDIBits
SetViewportOrgEx
StretchDIBits
Polyline
Polygon
LPtoDP
DPtoLP
GetTextColor
ResetDCA
GetMapMode
CreateBitmap
SetBkColor
GetStockObject
CreateDIBSection
SelectObject
DeleteObject
DeleteDC

comdlg32

CommDlgExtendedError
PrintDlgA

advapi32

RegCreateKeyExA
RegSetValueExA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

shell32

ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA

comctl32

_TrackMouseEvent
InitCommonControlsEx

oleaut32

VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

ws2_32

__WSAFDIsSet
select
recv
recvfrom
shutdown
closesocket
accept
gethostname
gethostbyname
ntohs

winmm

PlaySoundA

Sections

.text
Size: 451KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HELP/DeskCalc_uk.chm
.chm
Module/Disagio.exe
.exe windows:4 windows x86 arch:x86

c035df825e2c8ae16eb9d2c25f280b1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord537
ord2621
ord1134
ord6877
ord926
ord6055
ord1776
ord5290
ord3402
ord3610
ord1146
ord567
ord2298
ord2370
ord2302
ord6334
ord2379
ord755
ord470
ord2688
ord640
ord763
ord2405
ord6021
ord483
ord4160
ord1640
ord2527
ord482
ord323
ord859
ord1829
ord4275
ord3573
ord3663
ord3626
ord2414
ord3619
ord1641
ord922
ord536
ord4129
ord2763
ord939
ord3874
ord6199
ord2915
ord5856
ord5710
ord4278
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord6874
ord5933
ord3758
ord3408
ord3227
ord3810
ord2864
ord940
ord3337
ord3811
ord2859
ord1871
ord4133
ord4297
ord5788
ord2860
ord472
ord2380
ord1567
ord268
ord283
ord2754
ord4277
ord1949
ord5821
ord3662
ord812
ord818
ord2841
ord1200
ord1205
ord1176
ord414
ord559
ord713
ord2809
ord2970
ord1270
ord1727
ord4299
ord6880
ord4287
ord6144
ord3089
ord3571
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord2512
ord5571
ord6061
ord5864
ord3596
ord5785
ord5053
ord3693
ord2652
ord1669
ord1706
ord430
ord786
ord2461
ord3318
ord5572
ord6389
ord941
ord519
ord6311
ord6283
ord6282
ord2784
ord4171
ord5445
ord703
ord404
ord3216
ord4042
ord2504
ord5903
ord5510
ord1652
ord429
ord4083
ord3754
ord3752
ord6128
ord2634
ord6141
ord2233
ord4045
ord5981
ord2107
ord6605
ord4333
ord2814
ord2096
ord384
ord5450
ord5440
ord6383
ord6394
ord4544
ord3274
ord3579
ord439
ord736
ord5495
ord5685
ord4226
ord2089
ord816
ord562
ord3742
ord2152
ord613
ord5787
ord6197
ord6379
ord289
ord6215
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord2764
ord6779
ord5216
ord3054
ord3425
ord3880
ord535
ord2818
ord2614
ord5860
ord5875
ord858
ord6142
ord823
ord1168
ord3517
ord825
ord540
ord2554
ord4486
ord6375
ord4274
ord4673
ord4710
ord656
ord4234
ord641
ord324
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5579
ord5261
ord500
ord6194
ord860
ord800
ord1232
ord772
ord1576

msvcrt

_iob
__set_app_type
_setmbcp
__CxxFrameHandler
_ftol
vsprintf
_mbscmp
_ecvt
sprintf
atof
atoi
tolower
_purecall
strtoul
_except_handler3
strrchr
malloc
free
memmove
realloc
strstr
exit
fprintf
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_controlfp

kernel32

GetPrivateProfileIntA
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
GetTickCount
GlobalSize
GetVersionExA
GetLocaleInfoA
GetLocalTime
GetSystemTime
SetThreadLocale
_lread
GlobalAlloc
GlobalReAlloc
GlobalFree
OpenFile
_llseek
_lclose
MulDiv
lstrcpyA
GlobalLock
GlobalUnlock
GetStartupInfoA

user32

ClientToScreen
LoadIconA
SetRectEmpty
IsRectEmpty
EnableWindow
RegisterWindowMessageA
FillRect
WindowFromPoint
IsWindowVisible
CopyRect
GetDoubleClickTime
GetCapture
ReleaseCapture
SetCapture
ClipCursor
SetTimer
PtInRect
InvertRect
GetMessagePos
IsClipboardFormatAvailable
GrayStringA
TabbedTextOutA
GetCursorPos
ScreenToClient
KillTimer
GetKeyState
IntersectRect
GetWindowRect
GetClassInfoA
DefWindowProcA
IsWindow
LoadCursorA
SetCursor
FrameRect
DrawEdge
InflateRect
DrawTextA
GetDC
ReleaseDC
SystemParametersInfoA
GetParent
PostMessageA
GetFocus
LoadMenuA
GetSubMenu
InvalidateRect
GetSysColor
SetRect
IsIconic
SendMessageA
GetSystemMetrics
DrawIcon
GetClientRect

gdi32

GetTextMetricsA
DPtoLP
Rectangle
CreateFontIndirectA
LPtoDP
StretchDIBits
EndDoc
EndPage
StartPage
StartDocA
GetObjectA
CreateSolidBrush
GetTextExtentPoint32A
Polyline
BitBlt
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontA
PatBlt
GetTextColor
CreatePen
Polygon
GetStockObject
SelectObject
DeleteObject
GetCurrentObject
GetDeviceCaps
GetMapMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Module/Tilg2.exe
.exe windows:4 windows x86 arch:x86

30d7c8aeec6963034886d1d196846219

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5290
ord3402
ord3610
ord3573
ord6055
ord1776
ord4424
ord567
ord3626
ord3663
ord2414
ord3619
ord1641
ord922
ord536
ord4129
ord537
ord2763
ord939
ord3874
ord6199
ord2915
ord5856
ord5710
ord4278
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord2379
ord6874
ord5933
ord3758
ord3408
ord3227
ord3810
ord2864
ord859
ord940
ord3337
ord3811
ord640
ord1640
ord323
ord5981
ord1200
ord5572
ord2859
ord1871
ord4133
ord4297
ord5788
ord2860
ord472
ord2380
ord1567
ord268
ord283
ord2754
ord4277
ord2089
ord925
ord816
ord4299
ord5789
ord562
ord941
ord3089
ord6334
ord1949
ord5821
ord3662
ord812
ord818
ord2841
ord1205
ord1176
ord414
ord559
ord713
ord2809
ord2970
ord1270
ord1232
ord6880
ord4287
ord6144
ord3571
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord755
ord5785
ord470
ord5053
ord3693
ord2652
ord1669
ord1706
ord430
ord786
ord2461
ord3318
ord6389
ord519
ord1727
ord6283
ord6282
ord2784
ord4171
ord5445
ord703
ord404
ord3216
ord4042
ord2504
ord5903
ord5510
ord1652
ord429
ord4083
ord3754
ord3752
ord6128
ord2634
ord6141
ord3984
ord4275
ord5859
ord5862
ord2233
ord4045
ord5610
ord5604
ord4160
ord2107
ord6605
ord763
ord483
ord2527
ord482
ord4333
ord2814
ord3127
ord3616
ord798
ord1997
ord6407
ord5651
ord5194
ord350
ord533
ord5466
ord2096
ord384
ord5450
ord5440
ord6383
ord6394
ord4544
ord3274
ord4622
ord3579
ord439
ord736
ord5495
ord5685
ord4226
ord2575
ord4396
ord3574
ord2358
ord2301
ord2302
ord2086
ord3092
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord561
ord815
ord2621
ord1134
ord926
ord6877
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord3708
ord554
ord2370
ord2298
ord5655
ord2645
ord4163
ord2120
ord2642
ord2688
ord3177
ord2515
ord355
ord924
ord2405
ord3742
ord2152
ord613
ord5787
ord6197
ord6379
ord289
ord6215
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord2764
ord6779
ord5216
ord3054
ord3425
ord3880
ord535
ord2818
ord2614
ord5860
ord5875
ord858
ord6142
ord823
ord1168
ord3517
ord825
ord540
ord500
ord6194
ord1829
ord4710
ord609
ord807
ord656
ord781
ord616
ord4234
ord641
ord324
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord3989
ord5261
ord860
ord800
ord6311
ord772
ord1576

msvcrt

_iob
__set_app_type
_strcmpi
_setmbcp
__CxxFrameHandler
_ftol
vsprintf
_mbscmp
_ecvt
sprintf
atof
atoi
tolower
_except_handler3
strrchr
_purecall
strtoul
floor
malloc
free
memmove
realloc
strstr
exit
fprintf
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_controlfp

kernel32

GetTickCount
GetSystemTime
SetThreadLocale
GlobalSize
GetLocalTime
GetPrivateProfileIntA
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
GetVersionExA
GetLocaleInfoA
_lread
GlobalAlloc
GlobalReAlloc
GlobalFree
OpenFile
_llseek
_lclose
MulDiv
lstrcpyA
GlobalLock
GlobalUnlock
GetStartupInfoA

user32

LoadIconA
OffsetRect
GetWindow
DrawIcon
IsIconic
GetDoubleClickTime
CopyRect
SetTimer
WindowFromPoint
ClientToScreen
IsRectEmpty
EnableWindow
RegisterWindowMessageA
FillRect
PtInRect
InvertRect
GetFocus
GetMessagePos
IsClipboardFormatAvailable
GrayStringA
TabbedTextOutA
GetCursorPos
ScreenToClient
KillTimer
IntersectRect
GetCapture
DefWindowProcA
IsWindow
GetClientRect
GetKeyState
SetRect
LoadCursorA
SetCursor
FrameRect
DrawEdge
InflateRect
DrawTextA
GetDC
ReleaseDC
SystemParametersInfoA
GetSystemMetrics
GetWindowRect
ReleaseCapture
SetCapture
GetClassInfoA
ClipCursor
GetParent
PostMessageA
LoadMenuA
GetSubMenu
InvalidateRect
SendMessageA
GetSysColor
IsWindowVisible
SetRectEmpty

gdi32

GetTextMetricsA
DPtoLP
Rectangle
CreateFontIndirectA
LPtoDP
StretchDIBits
GetObjectA
CreateSolidBrush
GetTextExtentPoint32A
GetCurrentObject
BitBlt
GetBkColor
Polyline
CreateCompatibleDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
EndDoc
EndPage
StartPage
StartDocA
CreateFontA
PatBlt
GetTextColor
CreatePen
Polygon
GetStockObject
SelectObject
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
GetMapMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked
ord17

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Module/Zinsen.exe
.exe windows:4 windows x86 arch:x86

62d12a0ec34a92b45108e939dfffd201

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3079
ord4080
ord4627
ord4425
ord3597
ord324
ord825
ord641
ord4234
ord656
ord795
ord616
ord4376
ord1146
ord1168
ord4710
ord823
ord1829
ord4275
ord6055
ord1776
ord5290
ord3402
ord4424
ord3610
ord3573
ord567
ord3663
ord3626
ord2414
ord3619
ord1641
ord922
ord536
ord4129
ord537
ord858
ord2763
ord860
ord939
ord3874
ord6199
ord2915
ord5856
ord5710
ord4278
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord2379
ord6874
ord5933
ord3758
ord3408
ord3227
ord2864
ord859
ord940
ord3825
ord3811
ord3692
ord3571
ord640
ord4133
ord4297
ord926
ord4200
ord5785
ord2450
ord2557
ord1640
ord323
ord5875
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord1134
ord6877
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord3721
ord2358
ord2370
ord2298
ord2302
ord6334
ord755
ord470
ord2642
ord3092
ord2688
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord5265
ord2764
ord6779
ord5216
ord3054
ord3425
ord3880
ord540
ord2818
ord535
ord3337
ord800
ord1576

msvcrt

_iob
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_setmbcp
__CxxFrameHandler
_mbscmp
_ecvt
sprintf
atof
atoi
tolower
_ftol
atol
_except_handler3
strrchr
malloc
free
memmove
realloc
strstr
exit
fprintf
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp

kernel32

GetStartupInfoA
GetPrivateProfileIntA
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
GetLocaleInfoA
GlobalFree
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
MulDiv
SetThreadLocale
GetSystemTime

user32

GetForegroundWindow
GetWindowTextA
GetDC
ReleaseDC
GetClientRect
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
UpdateWindow
GetWindowDC
ShowWindow
MessageBoxA
GetParent
PostMessageA
LoadMenuA
GetSubMenu
GetSysColor
EnableWindow
RegisterWindowMessageA
IsIconic
DrawIcon
LoadIconA
SendMessageA
ClientToScreen
GetSystemMetrics

gdi32

GetTextExtentPoint32A
GetStockObject
SelectPalette
RealizePalette
GetDIBits
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
ResetDCA
PatBlt
StartDocA
StartPage
StretchDIBits
EndPage
EndDoc
DeleteDC
CreateSolidBrush
CreateFontIndirectA
GetObjectA

comdlg32

PrintDlgA
CommDlgExtendedError

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

comctl32

ord17

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RES/10prozent.bmp
RES/page0.jpg
.jpg
RES/page1.jpg
.jpg
RES/page2.jpg
.jpg
RES/page3.jpg
.jpg
RES/page4.jpg
.jpg
RES/page5.jpg
.jpg
RES/page_uk0.jpg
.jpg
RES/page_uk1.jpg
.jpg
RES/page_uk2.jpg
.jpg
RES/page_uk3.jpg
.jpg
RES/page_uk4.jpg
.jpg
RES/page_uk5.jpg
.jpg
Styles/Office2007.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e7:b5:76:07:2b:e2:21:98:b1:73:18:ba:88:a6:16
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02/10/2012, 00:00

Not After

19/10/2013, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:13:21:86:fb:57:da:09:7b:f7:83:ca:bb:a1:5f:07:99:68:b0:dd
Signer

Actual PE Digest

05:13:21:86:fb:57:da:09:7b:f7:83:ca:bb:a1:5f:07:99:68:b0:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Styles/Office2010.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e7:b5:76:07:2b:e2:21:98:b1:73:18:ba:88:a6:16
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02/10/2012, 00:00

Not After

19/10/2013, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ea:c5:1c:3c:f5:f0:cd:9c:cf:f0:53:54:0b:4d:15:b0:c4:29:c8:e9
Signer

Actual PE Digest

ea:c5:1c:3c:f5:f0:cd:9c:cf:f0:53:54:0b:4d:15:b0:c4:29:c8:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Styles/Office2013.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e7:b5:76:07:2b:e2:21:98:b1:73:18:ba:88:a6:16
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02/10/2012, 00:00

Not After

19/10/2013, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:7c:25:94:0c:43:19:6a:8a:ba:3b:75:22:1b:f3:2f:f4:87:11:f6
Signer

Actual PE Digest

78:7c:25:94:0c:43:19:6a:8a:ba:3b:75:22:1b:f3:2f:f4:87:11:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Styles/Windows7.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e7:b5:76:07:2b:e2:21:98:b1:73:18:ba:88:a6:16
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02/10/2012, 00:00

Not After

19/10/2013, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:6b:93:57:58:47:69:ae:0d:38:63:e3:ed:68:29:45:71:b6:d9:3a
Signer

Actual PE Digest

ee:6b:93:57:58:47:69:ae:0d:38:63:e3:ed:68:29:45:71:b6:d9:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

7c2c71dfce9a27650634dc8b1ca03bf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetFileAttributesA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileTime
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
MulDiv
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

GetSystemMenu
SetClassLongA
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
LoadImageA
CreateDialogParamA
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
SetWindowLongA
SendMessageTimeoutA
FindWindowExA
IsWindow
AppendMenuA
TrackPopupMenu
CreatePopupMenu
DrawTextA
EndPaint
DestroyWindow
wsprintfA
PostQuitMessage

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
lstrcmpA
GetModuleHandleA
lstrlenA
MulDiv
lstrcpynA
GetACP
lstrcpyA

user32

SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
LoadIconA
GetDC
ShowWindow
SendMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
convert/area.all
convert/area.conv
convert/density.all
convert/density.conv
convert/dynvisc.all
convert/dynvisc.conv
convert/energy.all
convert/energy.conv
convert/force.all
convert/force.conv
convert/kinvisc.all
convert/kinvisc.conv
convert/length.all
convert/length.conv
convert/mass.all
convert/mass.conv
convert/power.all
convert/power.conv
convert/pressure.all
convert/pressure.conv
convert/temperature.all
convert/temperature.conv
convert/volume.all
convert/volume.conv
dc_logo.bmp
dc_logo_uk.bmp
deskcalc.exe
.exe windows:6 windows x86 arch:x86

179b6f678b4969e5a6f996a6a63b9979

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\DeskCalc10\Release\deskcalc.pdb

Imports

wininet

FtpRenameFileA
FtpOpenFileA
FtpCreateDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpCommandA
GopherCreateLocatorA
GopherFindFirstFileA
GopherOpenFileA
GopherGetAttributeA
FtpDeleteFileA
HttpSendRequestExA
HttpEndRequestA
InternetSetCookieA
InternetGetCookieA
HttpSendRequestA
HttpQueryInfoA
InternetErrorDlg
FtpPutFileA
FtpGetFileA
FtpFindFirstFileA
InternetGetLastResponseInfoA
InternetSetOptionExA
InternetQueryOptionA
InternetFindNextFileA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetOpenUrlA
HttpOpenRequestA
InternetSetStatusCallback
InternetReadFile
InternetConnectA
InternetCanonicalizeUrlA
HttpAddRequestHeadersA
InternetOpenA
InternetCloseHandle
InternetCrackUrlA

mpr

WNetGetUniversalNameA

winmm

PlaySoundA

kernel32

SetFilePointerEx
GetTimeZoneInformation
UnhandledExceptionFilter
CreateSemaphoreW
GetStringTypeW
SetConsoleCtrlHandler
ReadConsoleW
GetFileAttributesExW
SetFileAttributesW
CreateDirectoryW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
lstrcpynA
lstrcatA
GetUserDefaultLangID
lstrlenW
GetExitCodeThread
ResetEvent
EnumResourceTypesA
EnumResourceNamesA
EnumResourceLanguagesA
GetTimeFormatA
GetDateFormatA
GetPrivateProfileSectionNamesA
InitializeCriticalSectionEx
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
SetLastError
lstrlenA
GetModuleFileNameA
GetCurrentThreadId
DeleteFileA
GetLocalTime
MultiByteToWideChar
GetLocaleInfoA
CreateDirectoryA
FindFirstFileA
GetFileAttributesA
CloseHandle
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateFileA
ReadFile
WriteFile
GetLastError
GlobalSize
GlobalFree
FindResourceA
GetPrivateProfileStructA
WritePrivateProfileStructA
Beep
Sleep
GetVersion
CreateMutexA
SetPriorityClass
CopyFileA
SetErrorMode
InterlockedDecrement
ExitProcess
MulDiv
GetTickCount
GetFileSize
LocalFree
FormatMessageA
GlobalReAlloc
lstrcpyA
OpenFile
_lread
_lclose
_llseek
FreeResource
lstrcmpiA
GetCPInfo
WaitForSingleObject
ResumeThread
FreeLibrary
LoadLibraryA
SetFilePointer
SetUnhandledExceptionFilter
VirtualQuery
IsBadWritePtr
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
FindClose
GetWindowsDirectoryA
InterlockedIncrement
SuspendThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseMutex
GetCurrentThread
TerminateThread
GetCalendarInfoA
GetDriveTypeA
GetSystemDirectoryA
GetTempPathA
GetComputerNameA
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
TerminateProcess
SearchPathA
GetProfileIntA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetFileAttributesW
OutputDebugStringA
EncodePointer
DecodePointer
GetSystemDirectoryW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetCurrentProcessId
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
LoadLibraryExA
GetShortPathNameA
MoveFileA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
lstrcmpA
SetEvent
CreateEventA
SetThreadPriority
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FindNextFileA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesA
SetFileTime
LocalAlloc
ReleaseSemaphore
WaitForMultipleObjects
CreateSemaphoreA
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
GetAtomNameA
GlobalFlags
GetACP
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
VerSetConditionMask
VerifyVersionInfoA
GetTempFileNameA
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
VirtualProtect
FindResourceExW
LocalLock
LocalUnlock
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleExW
AreFileApisANSI
GetSystemInfo
VirtualAlloc
GetFileInformationByHandle
GetFileType
PeekNamedPipe
CreateThread
ExitThread
HeapReAlloc
GetCommandLineA
SetStdHandle
HeapSize
HeapQueryInformation
GetStartupInfoW
GetStdHandle
IsValidCodePage
GetConsoleCP
GetConsoleMode
FatalAppExitA

user32

ScrollWindow
ValidateRect
TrackPopupMenuEx
SetMenu
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetMessageTime
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SendDlgItemMessageA
GetMenuStringA
SetWindowTextA
SetMenuDefaultItem
TrackPopupMenu
LoadBitmapA
GetTopWindow
SetParent
AdjustWindowRectEx
EndPaint
BeginPaint
GetDlgCtrlID
PostQuitMessage
wvsprintfA
EndDialog
ShowCaret
HideCaret
CopyIcon
SetWindowLongA
CallWindowProcA
GetIconInfo
CreateIconIndirect
DestroyCursor
GetWindowLongA
DrawStateA
GetActiveWindow
GetNextDlgTabItem
DrawIconEx
DestroyIcon
LoadBitmapW
GetSysColorBrush
GetMenuItemInfoA
DeleteMenu
RemoveMenu
ModifyMenuA
AppendMenuA
InsertMenuA
CreatePopupMenu
CreateMenu
GetMenuState
DrawFocusRect
WindowFromDC
GetDialogBaseUnits
GetWindowDC
UpdateWindow
IntersectRect
InvertRect
ClipCursor
TabbedTextOutA
GrayStringA
DrawTextExA
IsClipboardFormatAvailable
GetMessagePos
ShowCursor
OffsetRect
DrawFrameControl
FrameRect
FillRect
SetCursor
DrawTextA
DrawEdge
SystemParametersInfoA
ReleaseDC
SetScrollPos
CopyRect
WindowFromPoint
ScreenToClient
ClientToScreen
ReleaseCapture
SetCapture
GetCapture
IsWindowVisible
GetClassInfoA
GetDoubleClickTime
DefWindowProcA
GetMonitorInfoA
MonitorFromWindow
CharUpperA
LoadImageA
PtInRect
EqualRect
IsRectEmpty
InflateRect
SetRectEmpty
MessageBeep
RemovePropA
SetPropA
DrawIcon
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
DrawMenuBar
GetMenu
LoadMenuW
LoadAcceleratorsA
GetClipboardData
CloseWindow
IsMenu
IsWindow
PostMessageA
RegisterHotKey
GetKeyboardLayout
ChangeWindowMessageFilter
GetWindow
GetTabbedTextExtentA
GetWindowRgn
GetDesktopWindow
GetPropA
GetWindowInfo
EnumChildWindows
InSendMessage
SendNotifyMessageA
SubtractRect
GetScrollPos
SetRect
MessageBoxA
GetClassNameA
EnumWindows
FindWindowA
GetWindowTextA
MapVirtualKeyA
SendInput
VkKeyScanA
SetFocus
ShowWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetParent
IsIconic
InvalidateRect
GetWindowThreadProcessId
SetForegroundWindow
GetForegroundWindow
keybd_event
SetScrollRange
GetScrollRange
ShowScrollBar
GetWindowTextLengthA
MapWindowPoints
GetClassLongA
GetLastActivePopup
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetKeyNameTextA
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
SetDlgItemInt
SetKeyboardState
GetKeyboardState
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
AttachThreadInput
wsprintfA
GetDC
GetFocus
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
LoadCursorA
CreateDialogIndirectParamA
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
CharUpperBuffA
MapVirtualKeyExA
IsCharLowerA
WaitMessage
GetComboBoxInfo
GetDCEx
SetClassLongA
LockWindowUpdate
SetCursorPos
GetCursorPos
LoadIconW
GetSysColor
GetClientRect
EnableScrollBar
IsZoomed
TrackMouseEvent
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
UpdateLayeredWindow
UnionRect
GetClipboardFormatNameA
SendMessageTimeoutA
SetWindowLongW
GetWindowLongW
IsWindowUnicode
DrawAnimatedRects
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
GetMenuStringW
LoadMenuIndirectA
mouse_event
GetKeyboardLayoutList
GetUserObjectInformationA
CloseDesktop
OpenInputDesktop
GetCursor
CharNextW
LoadStringA
CharNextExA
RedrawWindow
GetSystemMetrics
SetWindowPos
MoveWindow
GetWindowRect
SetActiveWindow
EnableWindow
KillTimer
SetTimer
GetKeyState
SendMessageA
RegisterWindowMessageA
SetWindowRgn
LoadImageW
GetMenuDefaultItem
NotifyWinEvent
GetAsyncKeyState
GetSystemMenu
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
BringWindowToTop
EnumDisplayMonitors
LoadCursorW
SetLayeredWindowAttributes
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
PostThreadMessageA
UnregisterClassA
CopyImage
RealChildWindowFromPoint
MsgWaitForMultipleObjectsEx
GetTabbedTextExtentW
DestroyMenu
ShowOwnedPopups
CharNextA
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
MonitorFromPoint
GetMessageA
IsWindowEnabled

gdi32

SetBrushOrgEx
ExtTextOutW
StrokePath
StrokeAndFillPath
FillPath
EndPath
CloseFigure
BeginPath
GetBitmapBits
ExtCreateRegion
TranslateCharsetInfo
SelectObject
Rectangle
GetCurrentObject
CreateFontIndirectA
GetDeviceCaps
BitBlt
CreateMetaFileA
GetTextFaceA
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetROP2
SetPixelV
GetWindowOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
RoundRect
OffsetRgn
EnumFontFamiliesExA
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetRgnBox
DeleteMetaFile
CloseMetaFile
SetRectRgn
CombineRgn
SetAbortProc
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
PolylineTo
PolyBezierTo
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateDIBPatternBrushPt
CreateDCA
CopyMetaFileA
CreatePenIndirect
GetTextAlign
GetCharWidthA
ExtFloodFill
GetTextExtentPointA
CreateFontW
SetDIBColorTable
SetBitmapBits
SetViewportOrgEx
GetViewportOrgEx
GetColorAdjustment
StretchBlt
SetTextColor
SetBkColor
CreateBitmap
CreateDIBSection
GetTextExtentPoint32W
GetPixel
GetBkMode
Ellipse
CreateHatchBrush
CreateHalftonePalette
GetDIBColorTable
CreatePalette
SelectPalette
RealizePalette
GetDIBits
DeleteDC
StretchDIBits
Polyline
Polygon
LPtoDP
DPtoLP
GetTextColor
GetStockObject
ResetDCA
GetMapMode
ExtTextOutA
TextOutA
AbortDoc
DeleteEnhMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
SetPixel
RectVisible
PtVisible
GetBkColor
Escape
DeleteObject
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetTextMetricsA
PatBlt
GetTextExtentPoint32A
EndPage
StartPage
EndDoc
StartDocA
CreateSolidBrush
CreateFontA
GetObjectA
CreateICA

msimg32

TransparentBlt
AlphaBlend

comdlg32

CommDlgExtendedError
PrintDlgA

winspool.drv

GetJobA
ClosePrinter
DocumentPropertiesA
GetPrinterA
SetPrinterA
OpenPrinterA

advapi32

RegEnumKeyA
RegQueryValueA
RegEnumValueA
GetFileSecurityA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
GetUserNameA
RegSetValueA
RegOpenKeyExW
RegDeleteKeyA
RegEnumKeyExA
SetFileSecurityA

shell32

DragFinish
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
SHFileOperationA
Shell_NotifyIconA
SHGetFileInfoA
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileA
ExtractIconA
SHAddToRecentDocs

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Create
ImageList_GetImageInfo
ImageList_Draw
ImageList_Add
ImageList_DrawEx
ImageList_Destroy
ImageList_AddMasked

shlwapi

PathAddBackslashA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
UrlUnescapeA
PathAppendA
StrFormatKBSizeA

uxtheme

CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
OpenThemeData

ole32

OleRegGetMiscStatus
OleRegEnumVerbs
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleQueryLinkFromData
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleQueryCreateFromData
OleIsRunning
OleSetMenuDescriptor
PropVariantCopy
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
CoCreateGuid
StringFromGUID2
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
CoGetMalloc
GetRunningObjectTable
CreateDataAdviseHolder
GetClassFile
CreateOleAdviseHolder
OleCreateMenuDescriptor
GetHGlobalFromILockBytes

oleaut32

SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SysReAllocStringLen
SysStringLen
VariantChangeType
SysAllocStringByteLen
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
SysStringByteLen
VarUdateFromDate
SafeArrayCreateVector
VariantChangeTypeEx
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysFreeString
SysAllocStringLen
GetErrorInfo
SetErrorInfo
CreateErrorInfo
OleLoadPicturePath
VariantInit
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear

ws2_32

select
send
sendto
setsockopt
recvfrom
socket
gethostbyname
gethostname
getservbyname
recv
ntohs
ntohl
listen
inet_ntoa
inet_addr
htons
shutdown
htonl
WSAStartup
WSACleanup
__WSAFDIsSet
accept
bind
closesocket
connect
getpeername
getsockname

gdiplus

GdipDrawImageI
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetCompositingMode
GdipSetCompositingQuality
GdipFillRectangle
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipAlloc
GdipGetImageHeight

iphlpapi

GetAdaptersInfo

netapi32

NetApiBufferFree
NetShareEnum

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

oledlg

ord8
ord1
ord3
ord4
ord5
ord6
ord7
ord9

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
deskcalc_runner.exe
.exe windows:4 windows x86 arch:x86

6678bcbfa17155647155724d48c7d95a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord800
ord941
ord2864
ord860
ord540
ord2621
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord5300
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1168
ord2379
ord755
ord470
ord5572
ord2919
ord2614
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4078
ord4673
ord1576

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_setmbcp
_strcmpi
__p___argv
__CxxFrameHandler
__dllonexit
_onexit
__p__fmode
_exit
_XcptFilter

kernel32

GetStartupInfoA
GetModuleHandleA
Sleep
GetLastError
CreateMutexA

user32

EnableWindow
GetClientRect
IsIconic
GetDesktopWindow
GetWindow
DrawIcon
GetSystemMetrics
GetPropA
SendMessageA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
eurofxref-hist.xml
.xml
lang/DeskCalcDEU.lng
lang/DeskCalcENU.lng
lang/DeskCalcESU.lng
lang/DeskCalcKOR.lng
lang/DeskCalcKSA.lng
lang/ToolkitPro.ResourceDe.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mini.bmp
mrect.dll
.dll windows:4 windows x86 arch:x86

dbccf1703bbcc083174274202f063ce3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
SetEvent
OpenEventA
WaitForSingleObject
CreateEventA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushFileBuffers
CloseHandle
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
SetFilePointer
HeapSize
SetUnhandledExceptionFilter
LeaveCriticalSection
LoadLibraryW
LoadLibraryA
FreeLibrary
GetProcAddress
GetModuleFileNameA
GetModuleFileNameW
GetStringTypeW
OutputDebugStringA
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
HeapReAlloc
VirtualAlloc
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile

user32

GetDesktopWindow
MapWindowPoints
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
ShowCursor
InvalidateRect
UpdateWindow
LoadCursorA
SetCursor
GetFocus
SetFocus
GetForegroundWindow
GetParent
SetForegroundWindow
ClipCursor
LockWindowUpdate
GetAsyncKeyState
ScreenToClient
GetWindowInfo
DrawFocusRect
GetClientRect
GetDC
GetWindowRect
GetWindowDC
ReleaseDC
GetWindowThreadProcessId
IsWindowUnicode
SendMessageA
GetWindowTextA

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
CreateDIBSection

msimg32

AlphaBlend

oleaut32

SysReAllocString
SysAllocString

Exports

Exports

AutoCapture
Capture
CaptureFromPoint
CaptureFromRect
ChangeShortCutKey
StopCapture
TestBStr

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shlob010.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

c45ade2ecfd229543f17d3077e790461

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:3c:9b:bc:c2:56:8c:23:6e:c7:e2:a1:7b:d9:ef:ca
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/02/2010, 00:00

Not After

23/02/2013, 23:59

Subject

CN=LogicNP Software,O=LogicNP Software,POSTALCODE=411052,STREET=28\, Manmohan Soc\, Karve Nagar,L=Pune,ST=Maharashtra,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f1:a2:da:33:de:4f:9d:53:6e:59:fc:97:7d:d0:2c:6a:74:3a:e6:7b
Signer

Actual PE Digest

f1:a2:da:33:de:4f:9d:53:6e:59:fc:97:7d:d0:2c:6a:74:3a:e6:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

GradientFill

shlwapi

PathFindFileNameA

winmm

PlaySoundA

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetProfileIntA
GetFileTime
GetFileSize
WritePrivateProfileStringA
CopyFileA
GetOEMCP
GetCPInfo
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GlobalFlags
GetProcessVersion
FindResourceExA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalAlloc
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
InterlockedDecrement
GetModuleFileNameA
lstrcpyA
lstrlenW
GlobalFree
lstrcmpiA
GlobalLock
CreateFileA
GlobalSize
WriteFile
CloseHandle
GlobalUnlock
GetFileAttributesA
GlobalAddAtomA
GlobalDeleteAtom
LoadLibraryExA
lstrlenA
InterlockedIncrement
Sleep
GetCurrentThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
FindResourceA
SizeofResource
LoadResource
LockResource
GetVersionExA
WideCharToMultiByte
FindFirstFileA
FindClose
GetTickCount
FindAtomA
AddAtomA
lstrcpynA
MultiByteToWideChar
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetUnhandledExceptionFilter

user32

GetDCEx
BeginPaint
GetDC
ValidateRect
DrawEdge
wvsprintfA
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetFocus
EqualRect
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
IsIconic
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
wsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetTopWindow
LockWindowUpdate
GetDlgCtrlID
GetParent
GetFocus
IsChild
RegisterClipboardFormatA
UnregisterHotKey
RegisterHotKey
GrayStringA
TabbedTextOutA
ClientToScreen
ScreenToClient
LoadIconA
GetTabbedTextExtentA
PostMessageA
FindWindowA
EnumChildWindows
GetClassNameA
SetActiveWindow
SetForegroundWindow
GetWindowPlacement
DrawAnimatedRects
SetParent
DefWindowProcA
SetMenuItemBitmaps
CreatePopupMenu
InsertMenuItemA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuStringA
InsertMenuA
AppendMenuA
GetSubMenu
RemoveMenu
DestroyMenu
GetMenuItemCount
GetMonitorInfoA
GetForegroundWindow
PtInRect
GetWindow
KillTimer
SetWindowPos
GetWindowDC
ReleaseDC
GetCapture
SetCapture
GetCursorPos
SetRect
OffsetRect
ReleaseCapture
CallWindowProcA
CopyRect
SetTimer
IsWindow
IsWindowVisible
RedrawWindow
MoveWindow
GetWindowRect
GetClientRect
ShowWindow
CharUpperA
GetSysColorBrush
GetDialogBaseUnits
UnregisterClassA
GetMessageA
TranslateMessage
PostQuitMessage
LoadStringA
CreateMenu
AdjustWindowRectEx
RegisterWindowMessageA
MonitorFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowLongA
DestroyWindow
CreateWindowExA
SetWindowLongA
FrameRect
DrawIconEx
DestroyIcon
SendMessageA
LoadCursorA
SetCursor
LoadBitmapA
GetKeyState
SystemParametersInfoA
GetSystemMetrics
SetRectEmpty
InflateRect
IsRectEmpty
LoadImageA
CopyImage
CreateIconIndirect
FillRect
DrawTextA
IntersectRect
GetDesktopWindow
InvalidateRect
EnableWindow
GetSysColor
TrackPopupMenu
EndPaint
MessageBoxA

gdi32

CreateSolidBrush
SetRectRgn
CreateRectRgnIndirect
DPtoLP
OffsetViewportOrgEx
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CopyMetaFileA
CreateDCA
GetTextAlign
UnrealizeObject
Rectangle
SetViewportOrgEx
SetMapMode
SetROP2
RestoreDC
SaveDC
CreateMetaFileA
GetCurrentPositionEx
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetBkMode
SetTextColor
GetObjectA
CreateCompatibleDC
CloseMetaFile
DeleteMetaFile
LPtoDP
GetDeviceCaps
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
PatBlt
CreateFontIndirectA
GetStockObject
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
DeleteDC
CreatePen
SelectObject
CreatePatternBrush
MoveToEx
LineTo
CreateHatchBrush
SetBkColor
ExtTextOutA
CreateRectRgn
CombineRgn
DeleteObject
BitBlt
StretchBlt
SetViewportExtEx

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CryptImportKey
RegQueryValueExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
CryptVerifySignatureA
CryptDestroyKey
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextA
RegSetValueExA
RegCreateKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteExA
SHAddToRecentDocs
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHFileOperationA
SHAppBarMessage

comctl32

_TrackMouseEvent
ord17

ole32

OleDuplicateData
ReadFmtUserTypeStg
StringFromCLSID
CoDisconnectObject
CreateOleAdviseHolder
CreateDataAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReadClassStm
CoTaskMemAlloc
CreateDataCache
CoRevokeClassObject
CoRegisterClassObject
ReleaseStgMedium
PropVariantClear
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
OleSaveToStream

olepro32

ord253
ord252
ord250
ord254
ord251

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysAllocString
VariantChangeType
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
VariantClear
VariantCopy
VariantInit
LoadRegTypeLi
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ws-setup.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c2c71dfce9a27650634dc8b1ca03bf0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 6KB - Virtual size: 6KB

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 362B

842c25b85a86fb355b0631ee903fac29

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 28KB - Virtual size: 26KB

a7077c674a96c2979c12939402ff46ff

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 362B

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 28KB - Virtual size: 26KB

.text
Size: 451KB - Virtual size: 450KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 10KB - Virtual size: 471KB

.rsrc
Size: 289KB - Virtual size: 289KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 101KB

.rsrc
Size: 12KB - Virtual size: 8KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 106KB

.rsrc
Size: 32KB - Virtual size: 31KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 100KB

.rsrc
Size: 12KB - Virtual size: 10KB