0c840c54f3a1982ac7647f195e80dfc3ab933b4a16792882ef5108a84bf263a2

Sharing

Copy URL Twitter E-mail

General

Target

0c840c54f3a1982ac7647f195e80dfc3ab933b4a16792882ef5108a84bf263a2
Size

3.2MB
MD5

bab1b01f3d4227fda71062f0d683ab03
SHA1

d751c2e9a1f46e06a3aa1628936e44b0adfe4d84
SHA256

0c840c54f3a1982ac7647f195e80dfc3ab933b4a16792882ef5108a84bf263a2
SHA512

f767c71fe756d4ee8724424b86763748d293be350bea814c7ca7da2cd3d59f50e2c1e2a808578e24f80a2dc1af7941038110fe046339ebd19323bcc8af3e20ab
SSDEEP

98304:hfvJLiqthcBa3krJyAperKseEfNnxox1S4twTXDw4:lRLNDYQA5sGfpwQ4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/驱动/Driver_Install_Receipt_Label_GBSrv.exe	upx
static1/unpack001/驱动/Driver_Install_Receipt_Label_GBSrvSrv.exe	upx
static1/unpack001/驱动/Driver_Install_Receipt_Label_GBSrvSrvSrv.exe	upx

Unsigned PE 81 IoCs

Checks for missing Authenticode signature.

resource
unpack001/驱动/7-zip32.dll
unpack002/Barcode/x64/GCOCHI56.DLL
unpack002/Barcode/x64/GCOCRO56.DLL
unpack002/Barcode/x64/GCOCZE56.DLL
unpack002/Barcode/x64/GCODAN56.DLL
unpack002/Barcode/x64/GCODRV56.DLL
unpack002/Barcode/x64/GCODUT56.DLL
unpack002/Barcode/x64/GCOENG56.DLL
unpack002/Barcode/x64/GCOFIN56.DLL
unpack002/Barcode/x64/GCOFRA56.DLL
unpack002/Barcode/x64/GCOGER56.DLL
unpack002/Barcode/x64/GCOHEB56.DLL
unpack002/Barcode/x64/GCOHUN56.DLL
unpack002/Barcode/x64/GCOITA56.DLL
unpack002/Barcode/x64/GCOJAP56.DLL
unpack002/Barcode/x64/GCOKOR56.DLL
unpack002/Barcode/x64/GCOLIT56.DLL
unpack002/Barcode/x64/GCONOR56.DLL
unpack002/Barcode/x64/GCOPBR56.DLL
unpack002/Barcode/x64/GCOPOL56.DLL
unpack002/Barcode/x64/GCORUS56.DLL
unpack002/Barcode/x64/GCOSCH56.DLL
unpack002/Barcode/x64/GCOSLO56.DLL
unpack002/Barcode/x64/GCOSPA56.DLL
unpack002/Barcode/x64/GCOSVK56.DLL
unpack002/Barcode/x64/GCOSWE56.DLL
unpack002/Barcode/x64/GCOTAI56.DLL
unpack002/Barcode/x64/GCOTUR56.DLL
unpack002/Barcode/x64/GCOUI56.DLL
unpack002/Barcode/x64/GCOUKR56.DLL
unpack002/Barcode/x64/Prn64.bin
unpack002/Barcode/x64/ldaNLM64.dll
unpack002/Barcode/x86/GCOCHI50.DLL
unpack002/Barcode/x86/GCOCRO50.DLL
unpack002/Barcode/x86/GCOCZE50.DLL
unpack002/Barcode/x86/GCODAN50.DLL
unpack002/Barcode/x86/GCODRV50.DLL
unpack002/Barcode/x86/GCODUT50.DLL
unpack002/Barcode/x86/GCOENG50.DLL
unpack002/Barcode/x86/GCOFIN50.DLL
unpack002/Barcode/x86/GCOFRA50.DLL
unpack002/Barcode/x86/GCOGER50.DLL
unpack002/Barcode/x86/GCOHEB50.DLL
unpack002/Barcode/x86/GCOHUN50.DLL
unpack002/Barcode/x86/GCOITA50.DLL
unpack002/Barcode/x86/GCOJAP50.DLL
unpack002/Barcode/x86/GCOKOR50.DLL
unpack002/Barcode/x86/GCOLIT50.DLL
unpack002/Barcode/x86/GCONOR50.DLL
unpack002/Barcode/x86/GCOPBR50.DLL
unpack002/Barcode/x86/GCOPOL50.DLL
unpack002/Barcode/x86/GCORUS50.DLL
unpack002/Barcode/x86/GCOSCH50.DLL
unpack002/Barcode/x86/GCOSLO50.DLL
unpack002/Barcode/x86/GCOSPA50.DLL
unpack002/Barcode/x86/GCOSVK50.DLL
unpack002/Barcode/x86/GCOSWE50.DLL
unpack002/Barcode/x86/GCOTAI50.DLL
unpack002/Barcode/x86/GCOTUR50.DLL
unpack002/Barcode/x86/GCOUI50.DLL
unpack002/Barcode/x86/GCOUKR50.DLL
unpack002/Barcode/x86/ldaNLMNT.dll
unpack002/Ticket/x64/GP58N.DLL
unpack002/Ticket/x64/GP76BM.dll
unpack002/Ticket/x64/GP76N.DLL
unpack002/Ticket/x64/GP80N.DLL
unpack002/Ticket/x64/UNIDRV.DLL
unpack002/Ticket/x64/UNIDRVUI.DLL
unpack002/Ticket/x64/UNIRES.DLL
unpack002/Ticket/x86/GP58N.DLL
unpack002/Ticket/x86/GP76BM.dll
unpack002/Ticket/x86/GP76N.DLL
unpack002/Ticket/x86/GP80N.DLL
unpack002/Ticket/x86/UNIDRV.DLL
unpack002/Ticket/x86/UNIDRVUI.DLL
unpack002/Ticket/x86/UNIRES.DLL
unpack001/驱动/Driver_Install_Receipt_Label_GB.exe
unpack001/驱动/Driver_Install_Receipt_Label_GBSrv.exe
unpack001/驱动/Driver_Install_Receipt_Label_GBSrvSrv.exe
unpack001/驱动/Driver_Install_Receipt_Label_GBSrvSrvSrv.exe
unpack005/out.upx

Files

0c840c54f3a1982ac7647f195e80dfc3ab933b4a16792882ef5108a84bf263a2
.zip
驱动/7-zip32.dll
.dll windows:4 windows x86 arch:x86

e6e9874e349e24e3f020b7e9fe4f8139

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetExitCodeThread
WaitForSingleObject
lstrcpynA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetCurrentProcessId
SetThreadPriority
ResumeThread
GetTickCount
FileTimeToDosDateTime
FileTimeToSystemTime
LockResource
SizeofResource
LoadResource
FindResourceA
SetFileApisToOEM
SetFileApisToANSI
AreFileApisANSI
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
FreeLibrary
LoadLibraryA
GetModuleFileNameA
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
GetWindowsDirectoryW
SetFileTime
CreateFileW
SetLastError
SetFileAttributesA
RemoveDirectoryA
MoveFileA
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SearchPathA
SearchPathW
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
CreateFileA
GetFileSize
SetFilePointer
DeviceIoControl
ReadFile
GetVersionExA
SetEndOfFile
GetCurrentProcess
CompareFileTime
GetSystemInfo
DosDateTimeToFileTime
SystemTimeToFileTime
GetSystemTime
GetStdHandle
WaitForMultipleObjects
LocalFileTimeToFileTime
OpenEventA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
QueryPerformanceCounter
GetCurrentThreadId
VirtualAlloc
VirtualFree
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
FlushFileBuffers
LCMapStringW
LCMapStringA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
ExitProcess
TlsFree
TlsAlloc
GetVersion
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
ExitThread
TlsGetValue
TlsSetValue
CreateThread
RaiseException
RtlUnwind
WriteFile
FileTimeToLocalFileTime

user32

CharPrevExA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
LoadIconA
InvalidateRect
EndDialog
EnumWindows
SetTimer
KillTimer
MoveWindow
wsprintfA
LoadStringA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
ScreenToClient
GetSystemMetrics
ShowWindow
IsDlgButtonChecked
EnableWindow
DestroyWindow
RegisterWindowMessageA
DialogBoxParamW
DialogBoxParamA
GetDC
GetClientRect
DrawTextExW
DrawTextExA
ReleaseDC
GetDlgItem
GetWindowTextLengthW
GetDlgItemTextW
GetWindowTextLengthA
GetDlgItemTextA
SetDlgItemTextW
SetDlgItemTextA
CreateDialogParamW
CreateDialogParamA
GetDesktopWindow
GetWindowRect
SystemParametersInfoA
SetWindowPos
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetWindowLongA
GetWindowLongA
SendMessageW
SendMessageA
GetWindowThreadProcessId
GetWindow
GetLastActivePopup
PostMessageA

gdi32

SelectObject

shell32

SHGetFileInfoA

oleaut32

SysFreeString
VariantCopy
VariantClear
SysAllocStringByteLen
SysAllocString

Exports

Exports

SevenZip
SevenZipCheckArchive
SevenZipClearOwnerWindow
SevenZipCloseArchive
SevenZipConfigDialog
SevenZipFindFirst
SevenZipFindNext
SevenZipGetAccessTime
SevenZipGetAccessTimeEx
SevenZipGetArcAccessTimeEx
SevenZipGetArcCompressedSize
SevenZipGetArcCompressedSizeEx
SevenZipGetArcCreateTimeEx
SevenZipGetArcDate
SevenZipGetArcFileName
SevenZipGetArcFileSize
SevenZipGetArcFileSizeEx
SevenZipGetArcOSType
SevenZipGetArcOriginalSize
SevenZipGetArcOriginalSizeEx
SevenZipGetArcRatio
SevenZipGetArcTime
SevenZipGetArcWriteTimeEx
SevenZipGetArchiveType
SevenZipGetAttribute
SevenZipGetBackGroundMode
SevenZipGetCRC
SevenZipGetCompressedSize
SevenZipGetCompressedSizeEx
SevenZipGetCreateTime
SevenZipGetCreateTimeEx
SevenZipGetCursorInterval
SevenZipGetCursorMode
SevenZipGetDate
SevenZipGetDefaultPassword
SevenZipGetFileCount
SevenZipGetFileName
SevenZipGetMethod
SevenZipGetOSType
SevenZipGetOriginalSize
SevenZipGetOriginalSizeEx
SevenZipGetRatio
SevenZipGetRunning
SevenZipGetSubVersion
SevenZipGetTime
SevenZipGetVersion
SevenZipGetWriteTime
SevenZipGetWriteTimeEx
SevenZipIsSFXFile
SevenZipKillOwnerWindowEx
SevenZipKillOwnerWindowEx64
SevenZipOpenArchive
SevenZipPasswordDialog
SevenZipQueryFunctionList
SevenZipSetBackGroundMode
SevenZipSetCursorInterval
SevenZipSetCursorMode
SevenZipSetDefaultPassword
SevenZipSetOwnerWindow
SevenZipSetOwnerWindowEx
SevenZipSetOwnerWindowEx64
SevenZipSetPriority
SevenZipSetUnicodeMode

Sections

.text
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动/DriverData.Drv
.7z
Barcode/Common/GP212T.BA0
Barcode/Common/GP212T.DAT
Barcode/Common/GP212T.PP0
Barcode/Common/GP212TF.BA0
Barcode/Common/GP212TF.DAT
Barcode/Common/GP212TF.PP0
Barcode/Common/GP212TL.BA0
Barcode/Common/GP212TL.DAT
Barcode/Common/GP212TL.PP0
Barcode/Common/GP58T.BA0
Barcode/Common/GP58T.DAT
Barcode/Common/GP58T.PP0
Barcode/Common/GPA83I.BA0
Barcode/Common/GPA83I.DAT
Barcode/Common/GPA83I.PP0
Barcode/Common/THERMAL.chm
.chm
Barcode/x64/DIFxAPI.dll
.dll windows:6 windows x64 arch:x64

fa7bbfc375651121b7223cafa40dc7b8

Code Sign

61:03:dc:f6:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:12

Not After

25/07/2011, 19:22

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:15:23:0f:00:00:00:00:00:0a
Certificate

Issuer

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 21:57

Not After

07/03/2011, 21:57

Subject

CN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:07:02:dc:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

15/09/2005, 21:55

Not After

15/03/2016, 22:05

Subject

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

6b:55:60:61:36:ea:2b:db:06:1f:e0:d9:92:1a:27:14:39:e5:af:db
Signer

Actual PE Digest

6b:55:60:61:36:ea:2b:db:06:1f:e0:d9:92:1a:27:14:39:e5:af:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

difxapi.pdb

Imports

msvcrt

_unlock
__dllonexit
_lock
_onexit
??3@YAXPEAX@Z
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
memcpy
??1type_info@@UEAA@XZ
_amsg_exit
_XcptFilter
__C_specific_handler
memset
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
iswdigit
_vscwprintf
wcsrchr
wcspbrk
_wcsnicmp
iswalpha
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_fileno
_lseeki64
wcsstr
wcschr
_write
_isatty
_CxxThrowException
??2@YAPEAX_K@Z
_wcsicmp
??_U@YAPEAX_K@Z
memmove
_initterm
_vsnwprintf
_resetstkoflw
malloc
free
??_V@YAXPEAX@Z
memcmp

ntdll

RtlNtStatusToDosError
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

kernel32

WaitForSingleObjectEx
SetEndOfFile
WaitForMultipleObjectsEx
GetThreadLocale
LCMapStringW
SetFilePointer
CreateEventW
SetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetVersionExA
RaiseException
HeapSize
VirtualProtect
Sleep
GetProcessHeap
GetSystemTimeAsFileTime
DeviceIoControl
ReleaseMutex
WaitForSingleObject
CreateMutexW
LocalReAlloc
LocalAlloc
GetSystemDirectoryW
LocalFree
CompareStringW
WideCharToMultiByte
GetEnvironmentVariableW
GetSystemWindowsDirectoryW
CopyFileW
HeapReAlloc
HeapAlloc
HeapFree
InitializeCriticalSection
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OutputDebugStringA
GetLastError
lstrcmpiW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenW
SetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
VerifyVersionInfoW
SetFileAttributesW
DeleteFileW
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
GetTempFileNameW
MoveFileExW
CreateFileW
CloseHandle
FindFirstFileW
lstrcmpW
FindNextFileW
FindClose
RemoveDirectoryW
GetFileSize
CreateFileMappingW
MapViewOfFile
MultiByteToWideChar
UnmapViewOfFile

user32

UnregisterClassA
CharLowerW

setupapi

pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupDiClassNameFromGuidW
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
CM_Get_Device_IDW
SetupDiSetDeviceRegistryPropertyW
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Enumerate_Classes
SetupDiOpenClassRegKey
SetupGetTargetPathW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupQueueCopyW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupCloseFileQueue
SetupOpenFileQueue
SetupCopyOEMInfW
SetupOpenInfFileW
SetupCloseInfFile
SetupDiGetActualSectionToInstallW
SetupGetLineCountW
SetupOpenAppendInfFileW
SetupFindFirstLineW
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetStringFieldW
SetupGetIntField
SetupGetFieldCount

advapi32

DeleteService
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
ControlService
StartServiceW
RegCloseKey
CloseServiceHandle

ole32

CoInitialize
CoUninitialize
StringFromCLSID
CoTaskMemFree
CoCreateInstance

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

crypt32

CertGetCTLContextProperty
CertFreeCertificateContext
CertFreeCTLContext
CryptQueryObject

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOCHI56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\chi\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOCRO56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\cro\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOCZE56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\cze\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCODAN56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\dan\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCODRV56.DLL
.dll windows:5 windows x64 arch:x64

fdcb8b067d4c6351fa4224fa3ced27a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\DRIVER\DRVCURRENT\DRIVERCORE\THRM\lib\amd64\thdrv56.pdb

Imports

kernel32

OutputDebugStringW
OutputDebugStringA
EnterCriticalSection
GetUserDefaultLangID
GetPrivateProfileIntA
FindFirstFileA
GetProcAddress
GetPrivateProfileStringA
CloseHandle
GetFileSize
MapViewOfFile
CreateFileW
CreateFileMappingW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
MultiByteToWideChar
UnmapViewOfFile
InitializeCriticalSection
WideCharToMultiByte
GlobalSize
DisableThreadLibraryCalls
MulDiv
HeapFree
LeaveCriticalSection
GetLastError
GlobalAlloc
HeapAlloc
HeapCreate
HeapDestroy
GlobalFree
DeleteCriticalSection
SetLastError

ntdll

memcmp
memset
atoi
strrchr
atol
RtlUnicodeToMultiByteN
strchr
_itoa
sprintf
strncmp
strncat
strstr
strncpy
wcstombs
memmove
_wcsnicmp
wcsncpy
strtol
_strcmpi
wcsncmp
toupper
_ultoa
RtlMultiByteToUnicodeN
_ltoa
memcpy
__chkstk

winspool.drv

SetPrinterDataExA
EnumPortsW
EnumFormsW
GetPrinterDataW
GetPrinterDriverW
WritePrinter
GetPrinterDataExA
GetPrinterW

user32

SetRect
LoadStringW
SetRectEmpty

advapi32

RegEnumKeyExW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegFlushKey
RegCloseKey
RegOpenKeyExW
RegOpenKeyW

gdi32

EngDeleteSurface
FONTOBJ_pxoGetXform
EngCreateBitmap
EngDeletePalette
XFORMOBJ_bApplyXform
STROBJ_vEnumStart
STROBJ_bEnum
EngTextOut
PATHOBJ_vEnumStart
PATHOBJ_bEnum
EngLineTo
XFORMOBJ_iGetXform
EngAssociateSurface
EngStrokeAndFillPath
EngFillPath
BRUSHOBJ_pvAllocRbrush
XLATEOBJ_iXlate
EngBitBlt
EngLockSurface
EngStretchBlt
EngUnlockSurface
EngCopyBits
CLIPOBJ_cEnumStart
CLIPOBJ_bEnum
EngPaint
EngComputeGlyphSet
FONTOBJ_pfdg
EngCreatePalette
EngStrokePath

shell32

SHGetPathFromIDListA
SHGetFolderLocation

ole32

CoTaskMemFree

Exports

Exports

DllEntryPoint
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo
GetCDatStructure
InstallDefine

Sections

.text
Size: 545KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCODUT56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\dut\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOENG56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\eng\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOFIN56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\fin\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOFRA56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\fra\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOGER56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\ger\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOHEB56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\heb\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOHUN56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\hun\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOITA56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\ita\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOJAP56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\jap\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOKOR56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\kor\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOLIT56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\lit\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCONOR56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\nor\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOPBR56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\pbr\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOPOL56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\pol\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCORUS56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\rus\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOSCH56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\sch\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOSLO56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\slo\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOSPA56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\spa\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOSVK56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\svk\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOSWE56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\swe\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOTAI56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\tai\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOTUR56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\tur\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOUI56.DLL
.dll windows:5 windows x64 arch:x64

7a39f9c44df3e2d31287ebb70a3be98d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\DRIVER\DRVCURRENT\DRIVERCORE\THRM\lib\amd64\thui56.pdb

Imports

kernel32

OpenFile
_lclose
_lopen
LocalAlloc
LocalFree
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileMappingW
_lread
MapViewOfFile
GetFileSize
OutputDebugStringA
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetVersionExW
GetPrivateProfileIntA
GetUserDefaultLangID
WriteFile
_lcreat
_lwrite
UnmapViewOfFile
_llseek
GetProfileIntA
GetSystemDirectoryW
GetLocalTime
GetProfileStringA
WaitForSingleObject
Sleep
GetTickCount
FindResourceW
DeleteFileW
WritePrivateProfileStringW
WritePrivateProfileStringA
CopyFileA
CloseHandle
CompareFileTime
GetFileTime
CreateFileA
DeleteFileA
GetPrivateProfileStringA
FindClose
lstrlenW
FindNextFileA
FindFirstFileA
HeapFree
SetLastError
HeapDestroy
HeapAlloc
HeapCreate
GetProcAddress
LeaveCriticalSection
FreeLibrary
LoadLibraryW
GlobalFree
GlobalAlloc
GetLastError
lstrcpynW
CreateFileW

ntdll

RtlMultiByteToUnicodeN
wcstombs
atol
strncat
strchr
strcspn
toupper
atoi
wcsncmp
strstr
strncmp
sprintf
_strcmpi
strncpy
swprintf
wcsncpy
memmove
_wcsicmp
strtol
strrchr
RtlUnicodeToMultiByteN
_ultoa
_ltoa
memset
memcpy
__chkstk

user32

GetWindowTextA
SetWindowTextA
IsWindowEnabled
SetWindowLongW
GetParent
MoveWindow
IsWindowVisible
CheckDlgButton
CheckRadioButton
GetDlgItemTextW
LoadBitmapA
MapWindowPoints
DrawTextW
GetCursorPos
InvalidateRect
DrawTextA
LoadCursorW
PostMessageW
WinHelpA
GetSystemMetrics
SetWindowTextW
LoadCursorA
GetWindowLongPtrW
SetScrollPos
GetScrollPos
GetScrollRange
ScreenToClient
GetWindowRect
SetScrollRange
IsDlgButtonChecked
PtInRect
SetCursor
LoadStringW
DialogBoxParamW
EnumChildWindows
SetWindowLongPtrW
GetClassNameA
GetWindowLongW
CallWindowProcW
EndPaint
GetClientRect
GetWindowTextW
BeginPaint
GetSysColor
GetDlgItemTextA
SendDlgItemMessageW
SendDlgItemMessageA
GetDlgItemInt
SetDlgItemTextA
wsprintfA
EndDialog
SetDlgItemTextW
ShowWindow
MessageBoxW
SetDlgItemInt
EnableWindow
GetDlgItem
SendMessageA
SendMessageW
wsprintfW
SetRect

winspool.drv

EnumFormsW
GetPrinterDriverW
GetPrinterDataExA
GetPrinterDataA
SetPrinterW
SetPrinterDataExA
ClosePrinter
OpenPrinterW
DeletePrinterKeyA
DeleteFormW
AddFormW
WritePrinter
EndDocPrinter
GetPrinterW
SetPrinterDataW
GetPrinterDataW
StartDocPrinterA

gdi32

LineTo
MoveToEx
StretchDIBits
CreateFontIndirectA
GetObjectA
SetTextColor
DeleteObject
CreateFontIndirectW
CreateSolidBrush
SetBkColor
GetStockObject
ExtTextOutW
SelectObject
GetTextExtentPointW
SetBkMode
TextOutW
CreatePen
Rectangle
CreateCompatibleDC
GetObjectW
DPtoLP
CreateBitmap
CreateCompatibleBitmap
SetMapMode
GetMapMode
BitBlt
DeleteDC
StretchBlt

shell32

ShellExecuteW
ShellExecuteA
SHGetPathFromIDListA
SHGetFolderLocation
ShellExecuteExW

comdlg32

GetSaveFileNameA
ChooseColorW
GetOpenFileNameW
GetOpenFileNameA

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegOpenCurrentUser
RegQueryValueExW

ole32

CoTaskMemFree

Exports

Exports

DevQueryPrintEx
DllInitialize
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentPropertySheets
DrvPrinterEvent
DrvUpgradePrinter
GetCDatStructure
InstallDefine

Sections

.text
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024KB - Virtual size: 1023KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/GCOUKR56.DLL
.dll windows:5 windows x64 arch:x64

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\driver\drvcurrent\drivercore\thrm\lang\ukr\lib\amd64\resdll.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllInitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x64/Prn64.bin
.exe windows:5 windows x64 arch:x64

9ba174ec9cd7880dcb50b17b3840e5c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\Driver\DrvCurrent\PrnInst\Prn64\Create\Release\x64\Prn64.pdb

Imports

kernel32

OpenProcess
GetVersionExW
GetCurrentThread
GetCurrentProcess
CloseHandle
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateFileW
WriteFile
SetLastError
HeapAlloc
HeapFree
ReadProcessMemory
ExpandEnvironmentStringsW
GetCommandLineW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetLastError
FreeLibrary
GetProcAddress
GetProcessHeap
LoadLibraryW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapReAlloc
GetConsoleMode
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetFilePointer
GetConsoleCP

user32

MessageBoxA
MessageBoxW

winspool.drv

AddPortW

advapi32

LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges

shell32

CommandLineToArgvW

psapi

GetModuleFileNameExW
EnumProcessModules

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Barcode/x64/ldaNLM64.dll
.dll windows:5 windows x64 arch:x64

4741e6bf4a78763d0843c82afcfa181d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\Driver\DrvCurrent\LangMon\LMlda\Release\x64\ldaNLM64.pdb

Imports

kernel32

GlobalAlloc
FormatMessageW
MultiByteToWideChar
VerifyVersionInfoW
GlobalFree
GetLastError
GetComputerNameA
CreateFileA
WriteFile
GetFileAttributesA
GetTempFileNameA
CloseHandle
LoadLibraryW
CreateMutexW
FreeLibrary
WaitForSingleObject
GetProcAddress
ReleaseMutex
SetFilePointer
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
VerSetConditionMask
CreateFileW
EnterCriticalSection
GetLocalTime
DeleteCriticalSection
GetFileSize
lstrlenA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SetLastError
Sleep
ReadFile
GetTickCount
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapFree
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
LCMapStringA
LCMapStringW
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
HeapDestroy
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSize
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW

user32

wsprintfW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetPrinterDriverW
SetJobW
GetJobW

shell32

ord165
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

Exports

Exports

DllEntryPoint
InitializePrintMonitor2

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/DIFxAPI.dll
.dll windows:6 windows x86 arch:x86

bced6390751f7df672767c6c60fd16dc

Code Sign

61:03:dc:f6:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:12

Not After

25/07/2011, 19:22

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:15:23:0f:00:00:00:00:00:0a
Certificate

Issuer

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 21:57

Not After

07/03/2011, 21:57

Subject

CN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:07:02:dc:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

15/09/2005, 21:55

Not After

15/03/2016, 22:05

Subject

CN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

b4:3a:2e:c6:32:74:1f:7f:5a:ac:1d:1e:5f:70:f7:d0:71:69:58:ba
Signer

Actual PE Digest

b4:3a:2e:c6:32:74:1f:7f:5a:ac:1d:1e:5f:70:f7:d0:71:69:58:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

difxapi.pdb

Imports

ntdll

RtlNtStatusToDosError
VerSetConditionMask
RtlUnwind

kernel32

VerifyVersionInfoW
GetVersionExW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileW
SetFileAttributesW
GetEnvironmentVariableW
CompareStringW
GetFileAttributesW
MoveFileExW
GetTempFileNameW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
GetSystemWindowsDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GetSystemDirectoryW
GetFullPathNameW
CopyFileW
LocalFree
RemoveDirectoryW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
CreateDirectoryW
LocalReAlloc
LocalAlloc
GetProcessHeap
ReleaseMutex
DeviceIoControl
WaitForSingleObject
CreateMutexW
GetSystemTimeAsFileTime
Sleep
RaiseException
GetVersionExA
HeapSize
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
SetLastError
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryExA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetThreadLocale
WaitForMultipleObjectsEx
InterlockedCompareExchange
WaitForSingleObjectEx
SetEvent
CreateEventW
SetEndOfFile
InterlockedExchange
lstrcmpiW
GetLastError
InterlockedIncrement
InterlockedDecrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
HeapFree
HeapReAlloc
EnterCriticalSection
HeapAlloc
LeaveCriticalSection
HeapDestroy
GetModuleHandleW
DeleteCriticalSection
GetModuleFileNameA
OutputDebugStringA
HeapCreate
InitializeCriticalSection
TlsAlloc
CreateFileA

user32

UnregisterClassA
CharLowerW

setupapi

SetupDiSetDeviceRegistryPropertyW
SetupQueueCopyIndirectW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiSetClassInstallParamsW
SetupDiClassNameFromGuidW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Get_DevNode_Status
CM_Query_And_Remove_SubTreeW
SetupDiOpenClassRegKey
SetupGetTargetPathW
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupOpenFileQueue
SetupCommitFileQueueW
SetupQueueCopyW
SetupCloseFileQueue
SetupFindFirstLineW
SetupCopyOEMInfW
SetupCloseInfFile
SetupGetLineCountW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupOpenAppendInfFileW
CM_Enumerate_Classes
CM_Setup_DevNode
SetupGetIntField
SetupGetFieldCount
pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupGetStringFieldW

advapi32

RegCloseKey
CheckTokenMembership
AllocateAndInitializeSid
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
QueryServiceStatus
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceW
FreeSid

ole32

StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

crypt32

CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject
CertFreeCTLContext

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOCHI50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOCRO50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOCZE50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCODAN50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCODRV50.DLL
.dll windows:5 windows x86 arch:x86

0c32674e9a0918ab52bfedcd988acc3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

_chkstk
atol
atoi
memcmp
RtlUnicodeToMultiByteN
strchr
_itoa
strncmp
wcstombs
strncpy
strcat
strstr
strcmp
strncat
memmove
_ftol
abs
strlen
memcpy
strcpy
wcscmp
memset
_wcsnicmp
wcscpy
sprintf
wcscat
strrchr
wcslen
_ltoa
_ultoa
_strcmpi
strtol
wcsncmp
wcsncpy
toupper
RtlMultiByteToUnicodeN

winspool.drv

EnumPortsW
GetPrinterDataExA
SetPrinterDataExA
GetPrinterDataW
WritePrinter
GetPrinterW
GetPrinterDriverW
EnumFormsW

user32

SetRectEmpty
SetRect
LoadStringW

kernel32

GetProcAddress
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
OutputDebugStringW
_lcreat
_lwrite
_lclose
SetLastError
InitializeCriticalSection
GlobalFree
DeleteCriticalSection
HeapDestroy
LeaveCriticalSection
GetLastError
GlobalAlloc
HeapAlloc
HeapCreate
HeapFree
MulDiv
DisableThreadLibraryCalls
GlobalSize
WideCharToMultiByte
UnmapViewOfFile
MultiByteToWideChar
OutputDebugStringA
EnterCriticalSection
GetPrivateProfileStringA
GetPrivateProfileIntA
FindFirstFileA
GetUserDefaultLangID
CloseHandle

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyW
RegEnumKeyExW
RegOpenKeyExW
RegFlushKey

gdi32

EngLockSurface
EngStretchBlt
EngUnlockSurface
BRUSHOBJ_pvAllocRbrush
XLATEOBJ_iXlate
EngFillPath
EngStrokeAndFillPath
XFORMOBJ_iGetXform
PATHOBJ_vEnumStart
PATHOBJ_bEnum
EngBitBlt
EngLineTo
STROBJ_vEnumStart
STROBJ_bEnum
EngTextOut
FONTOBJ_pxoGetXform
XFORMOBJ_bApplyXform
EngAssociateSurface
EngDeleteSurface
EngCreateBitmap
EngDeletePalette
EngCopyBits
EngPaint
CLIPOBJ_bEnum
CLIPOBJ_cEnumStart
EngComputeGlyphSet
FONTOBJ_pfdg
EngCreatePalette
EngStrokePath

shell32

SHGetFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

DllEntryPoint
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo
_GetCDatStructure@8
_InstallDefine@8

Sections

.text
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCODUT50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOENG50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOFIN50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOFRA50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOGER50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOHEB50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOHUN50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOITA50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOJAP50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOKOR50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOLIT50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCONOR50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOPBR50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOPOL50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCORUS50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOSCH50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOSLO50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOSPA50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOSVK50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOSWE50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOTAI50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOTUR50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOUI50.DLL
.dll windows:5 windows x86 arch:x86

52ede3f2bbd760709d00f77fe01d4d0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

_chkstk
strncmp
strstr
atol
wcsncmp
_strcmpi
sprintf
strcat
_ftol
swprintf
strcpy
strncpy
abs
wcscat
RtlMultiByteToUnicodeN
wcstombs
memset
strcspn
toupper
strncat
strcmp
strchr
strlen
wcsncpy
memcpy
_wcsicmp
wcscpy
memmove
wcslen
wcscmp
atoi
strrchr
strtol
_ultoa
_ltoa
RtlUnicodeToMultiByteN

user32

DrawTextA
GetCursorPos
PtInRect
MapWindowPoints
DrawTextW
LoadBitmapA
GetDlgItemTextW
CheckRadioButton
CheckDlgButton
IsWindowVisible
MoveWindow
PostMessageW
GetParent
IsWindowEnabled
GetWindowTextA
SetWindowTextA
LoadCursorA
SetCursor
GetWindowRect
ScreenToClient
InvalidateRect
GetScrollRange
GetScrollPos
SetScrollPos
LoadCursorW
IsDlgButtonChecked
LoadStringW
DialogBoxParamW
EnumChildWindows
GetWindowLongW
GetClassNameA
SetWindowLongW
SetRect
BeginPaint
GetWindowTextW
GetClientRect
EndPaint
CallWindowProcW
GetDlgItemTextA
GetSysColor
SendDlgItemMessageA
SendDlgItemMessageW
GetDlgItemInt
MessageBoxW
SendMessageW
EndDialog
GetDlgItem
ShowWindow
wsprintfA
SetDlgItemTextA
GetSystemMetrics
WinHelpA
SetWindowTextW
SetScrollRange
wsprintfW
SendMessageA
SetDlgItemTextW
EnableWindow
SetDlgItemInt

kernel32

CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
OutputDebugStringA
GetVersionExW
_lcreat
_lwrite
WriteFile
GetUserDefaultLangID
GetPrivateProfileIntA
UnmapViewOfFile
LocalFree
LocalAlloc
_lopen
_llseek
OpenFile
_lclose
_lread
GetProfileIntA
GetSystemDirectoryW
GetLocalTime
GetTickCount
Sleep
GetProfileStringA
WaitForSingleObject
FindResourceW
CopyFileA
WritePrivateProfileStringA
WritePrivateProfileStringW
DeleteFileW
CreateFileA
GetFileTime
CompareFileTime
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
DeleteFileA
HeapFree
SetLastError
LoadLibraryW
LeaveCriticalSection
GetLastError
HeapCreate
HeapAlloc
HeapDestroy
GlobalAlloc
GlobalFree
GetProcAddress
FreeLibrary
lstrlenW
lstrcpynW
CloseHandle

winspool.drv

SetPrinterDataExA
SetPrinterW
GetPrinterDataA
GetPrinterDataExA
GetPrinterDriverW
EnumFormsW
OpenPrinterW
ClosePrinter
GetPrinterW
DeletePrinterKeyA
AddFormW
StartDocPrinterA
WritePrinter
EndDocPrinter
SetPrinterDataW
GetPrinterDataW
DeleteFormW

gdi32

StretchDIBits
MoveToEx
LineTo
GetObjectA
CreateFontIndirectA
SetTextColor
StretchBlt
CreateCompatibleDC
GetObjectW
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
BitBlt
DeleteDC
CreatePen
Rectangle
ExtTextOutW
SelectObject
GetTextExtentPointW
SetBkMode
TextOutW
CreateFontIndirectW
CreateSolidBrush
SetBkColor
GetStockObject
DeleteObject

shell32

ShellExecuteExW
ShellExecuteA
SHGetPathFromIDListA
SHGetFolderLocation
ShellExecuteW

comdlg32

GetOpenFileNameA
ChooseColorW
GetOpenFileNameW
GetSaveFileNameA

advapi32

RegOpenCurrentUser
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW

ole32

CoTaskMemFree

Exports

Exports

DevQueryPrintEx
DllInitialize
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentPropertySheets
DrvPrinterEvent
DrvUpgradePrinter
_GetCDatStructure@8
_InstallDefine@8

Sections

.text
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024KB - Virtual size: 1023KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/GCOUKR50.DLL
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllInitialize

Sections

.text
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Barcode/x86/ldaNLMNT.dll
.dll windows:5 windows x86 arch:x86

9b334936e04e91f7ce1dabf089c56fef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Driver\DrvCurrent\LangMon\LMlda\Release\Win32\ldaNLMNT.pdb

Imports

kernel32

GlobalAlloc
FormatMessageW
MultiByteToWideChar
VerifyVersionInfoW
GlobalFree
GetLastError
GetComputerNameA
CreateFileA
WriteFile
GetFileAttributesA
GetTempFileNameA
CloseHandle
LoadLibraryW
CreateMutexW
FreeLibrary
WaitForSingleObject
GetProcAddress
ReleaseMutex
SetFilePointer
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
VerSetConditionMask
CreateFileW
EnterCriticalSection
GetLocalTime
DeleteCriticalSection
GetFileSize
lstrlenA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetLastError
Sleep
ReadFile
GetTickCount
LoadLibraryA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetModuleHandleA

user32

wsprintfW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetPrinterDriverW
SetJobW
GetJobW

shell32

ord165
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

Exports

Exports

DllEntryPoint
InitializePrintMonitor2

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DriverName.cfg
Ticket/x64/GP2120TF.GPD
Ticket/x64/GP58120.GPD
Ticket/x64/GP58130.GPD
Ticket/x64/GP58130M.GPD
Ticket/x64/GP5830.GPD
Ticket/x64/GP5850.GPD
Ticket/x64/GP5860.GPD
Ticket/x64/GP5870.GPD
Ticket/x64/GP5890.GPD
Ticket/x64/GP5890X.GPD
Ticket/x64/GP58L.GPD
Ticket/x64/GP58MB.GPD
Ticket/x64/GP58N.DLL
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/GP58N.GPD
Ticket/x64/GP58x64.CAT
Ticket/x64/GP58x64.INF
Ticket/x64/GP7635.GPD
Ticket/x64/GP7635IIIBM.GPD
Ticket/x64/GP7635K.GPD
Ticket/x64/GP7645BM.GPD
Ticket/x64/GP7645D.GPD
Ticket/x64/GP7645IIBM.GPD
Ticket/x64/GP7645IIIBM.GPD
Ticket/x64/GP7645cut.GPD
Ticket/x64/GP7645nocut.GPD
Ticket/x64/GP76BM.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/GP76BMx64.INF
Ticket/x64/GP76K.DLL
.dll windows:6 windows x64 arch:x64

Code Sign

19:9d:f8:72
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=Time-Stamping Authority WoSign,O=WoSign eCommerce Services Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0c:4a:16:1e:a4:c5:0c
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

10/04/2013, 05:20

Not After

12/04/2014, 05:32

Subject

CN=ZHUHAI SUNCSW RECEIPT PRINTER Co.\,LTD,O=ZHUHAI SUNCSW RECEIPT PRINTER Co.\,LTD,L=Zhuhai,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c0e575a594073756e6373772e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6f:a8:0e:f0:68:fe:c0:72:d9:14:da:73:9a:07:fa:de:64:be:3e:0d
Signer

Actual PE Digest

6f:a8:0e:f0:68:fe:c0:72:d9:14:da:73:9a:07:fa:de:64:be:3e:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/GP76N.DLL
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/GP76x64.CAT
Ticket/x64/GP76x64.INF
Ticket/x64/GP80160cut.GPD
Ticket/x64/GP80250.GPD
Ticket/x64/GP80N.DLL
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/GP80x64.INF
Ticket/x64/GP80x64.cat
Ticket/x64/GPA83I.GPD
Ticket/x64/GPH58130.GPD
Ticket/x64/PT280.GPD
Ticket/x64/STDNAMES.GPD
Ticket/x64/TTFSUB.GPD
Ticket/x64/UNIDRV.DLL
.dll windows:6 windows x64 arch:x64

a7a7c306e1bea7159c50f5b8f331624b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

unidrv.pdb

Imports

msvcrt

atan2
sqrtf
memcmp
iswctype
isspace
memset
memcpy
__C_specific_handler
_amsg_exit
free
_initterm
malloc
_XcptFilter
_strlwr
wcsstr
wcsrchr
_purecall
_strnicmp
_wcsnicmp
wcsncmp
qsort
strstr
_vsnprintf
atoi
strncmp
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_stricmp
_wcsicmp
sqrt

winspool.drv

GetPrinterDataW
GetPrinterW
GetPrinterDriverW
EnumFormsW
WritePrinter
FlushPrinter

kernel32

MapViewOfFile
UnmapViewOfFile
CloseHandle
GetFileSize
LockResource
SizeofResource
LoadResource
FindResourceW
DeleteFileW
GetFileAttributesExW
WriteFile
GetSystemDefaultLCID
GetProcessHeap
SetLastError
LocalAlloc
GetVersionExW
LocalFree
HeapDestroy
MulDiv
GetProcAddress
HeapCreate
Sleep
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VerSetConditionMask
GetSystemDirectoryW
LoadLibraryW
VerifyVersionInfoW
GetLastError
CompareFileTime
CreateFileW
GetFileTime
HeapFree
GetModuleHandleW
SetErrorMode
FreeLibrary
LoadLibraryExW
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
HeapReAlloc
CreateFileMappingW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

gdi32

BRUSHOBJ_ulGetBrushColor
EngAssociateSurface
EngLockSurface
EngCreateBitmap
XLATEOBJ_piVector
EngDeletePath
CLIPOBJ_ppoGetPath
PATHOBJ_vGetBounds
XLATEOBJ_iXlate
STROBJ_bEnum
EngStretchBltROP
XLATEOBJ_cGetPalette
FONTOBJ_pvTrueTypeFontFile
EngUnicodeToMultiByteN
STROBJ_bGetAdvanceWidths
EngMultiByteToWideChar
FONTOBJ_vGetInfo
EngLoadModule
EngFindResource
FONTOBJ_pxoGetXform
STROBJ_vEnumStart
EngTextOut
CLIPOBJ_bEnum
CLIPOBJ_cEnumStart
STROBJ_bEnumPositionsOnly
FONTOBJ_cGetGlyphs
FONTOBJ_pifi
XFORMOBJ_iGetXform
BRUSHOBJ_pvGetRbrush
EngGetCurrentCodePage
EngTransparentBlt
EngGradientFill
EngAlphaBlend
EngLineTo
EngStrokeAndFillPath
EngFillPath
EngStrokePath
BRUSHOBJ_pvAllocRbrush
EngPaint
EngPlgBlt
EngStretchBlt
EngCopyBits
PATHOBJ_bEnum
PATHOBJ_vEnumStart
EngBitBlt
EngEraseSurface
XFORMOBJ_bApplyXform
HT_Get8BPPFormatPalette
HT_Get8BPPMaskPalette
EngCreatePalette
EngUnlockSurface
EngDeletePalette
EngFreeModule
EngMarkBandingSurface
EngCreateDeviceSurface
EngDeleteSurface

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ticket/x64/UNIDRV.HLP
Ticket/x64/UNIDRVUI.DLL
.dll windows:6 windows x64 arch:x64

43821a5b012d073248d9d1388148a920

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

unidrvui.pdb

Imports

msvcrt

isspace
_strnicmp
iswctype
memset
memcpy
__C_specific_handler
_amsg_exit
free
_initterm
malloc
_XcptFilter
_errno
_vsnprintf
_wtol
_wcsicmp
wcsstr
_purecall
wcsncmp
strncmp
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_wtoi
_wcsnicmp
_stricmp
_itow
wcsrchr
atoi
memmove
_vsnwprintf
qsort
fprintf
vfprintf
towupper
wcschr

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

ole32

CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

user32

InvalidateRect
SendMessageW
LoadCursorW
SetWindowLongPtrW
SetDlgItemTextW
ShowWindow
GetDlgItem
GetDlgItemTextW
GetWindowLongPtrW
EndDialog
DialogBoxParamW
LoadStringW
MessageBoxW
MessageBeep
LoadIconW
SetDlgItemTextA
WinHelpW
SendDlgItemMessageW
EnableWindow
CheckRadioButton
SetCursor

kernel32

lstrlenW
lstrcmpW
HeapDestroy
SetLastError
LocalAlloc
HeapCreate
GetLastError
LocalFree
GetModuleHandleW
GetLocaleInfoW
VerifyVersionInfoW
GetSystemDirectoryW
VerSetConditionMask
GetFileAttributesExW
GetFileTime
GetSystemDefaultLCID
CompareFileTime
CopyFileW
LockResource
SizeofResource
LoadLibraryW
LoadResource
FindResourceW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
OutputDebugStringA
Sleep
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetFileAttributesW
GetFileSize
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
SetErrorMode
LoadLibraryExW
MultiByteToWideChar
HeapFree
CloseHandle
WriteFile
ReadFile
GetTempFileNameW
CreateDirectoryW
CreateFileW
MulDiv
WideCharToMultiByte
FreeLibrary
GetProcAddress
MoveFileExW
DeleteFileW
HeapAlloc

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winspool.drv

DeletePrinterDataW
SetPrinterDataW
GetPrinterDataW
GetPrinterW
EnumFormsW
AddFormW
DeleteFormW
OpenPrinterW
SetPrinterW
ClosePrinter
GetPrinterDriverW
GetFormW
GetPrinterDriverDirectoryW
DeviceCapabilitiesW

gdi32

CreateICW
EnumFontFamiliesW
CreateDCW
GetDeviceCaps
SetGraphicsMode
DeleteDC

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocStringLen
VariantChangeType
SysAllocString
SysStringLen

Exports

Exports

DevQueryPrintEx
DllCanUnloadNow
DllGetClassObject
DllMain
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentEvent
DrvDocumentPropertySheets
DrvDriverEvent
DrvPopulateFilterServices
DrvPrinterEvent
DrvQueryColorProfile
DrvQueryJobAttributes
DrvResetConfigCache
DrvSplDeviceCaps
DrvUpgradePrinter
MxdcGetPDEVAdjustment

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 248KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ticket/x64/UNIRES.DLL
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 744KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x64/gp76bmx64.cat
Ticket/x64/pro5BM.GPD
Ticket/x64/pro5cut.GPD
Ticket/x64/pro5nocut.GPD
Ticket/x86/GP2120TF.GPD
Ticket/x86/GP58120.GPD
Ticket/x86/GP58130.GPD
Ticket/x86/GP58130M.GPD
Ticket/x86/GP5830.GPD
Ticket/x86/GP5850.GPD
Ticket/x86/GP5860.GPD
Ticket/x86/GP5870.GPD
Ticket/x86/GP5890.GPD
Ticket/x86/GP5890X.GPD
Ticket/x86/GP58L.GPD
Ticket/x86/GP58MB.GPD
Ticket/x86/GP58N.DLL
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x86/GP58N.GPD
Ticket/x86/GP58x86.CAT
Ticket/x86/GP58x86.INF
Ticket/x86/GP7635.GPD
Ticket/x86/GP7635IIIBM.GPD
Ticket/x86/GP7635K.GPD
Ticket/x86/GP7645BM.GPD
Ticket/x86/GP7645D.GPD
Ticket/x86/GP7645IIBM.GPD
Ticket/x86/GP7645IIIBM.GPD
Ticket/x86/GP7645cut.GPD
Ticket/x86/GP7645nocut.GPD
Ticket/x86/GP76BM.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x86/GP76BMx86.INF
Ticket/x86/GP76K.DLL
.dll windows:6 windows x86 arch:x86

Code Sign

19:9d:f8:72
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=Time-Stamping Authority WoSign,O=WoSign eCommerce Services Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0c:4a:16:1e:a4:c5:0c
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

10/04/2013, 05:20

Not After

12/04/2014, 05:32

Subject

CN=ZHUHAI SUNCSW RECEIPT PRINTER Co.\,LTD,O=ZHUHAI SUNCSW RECEIPT PRINTER Co.\,LTD,L=Zhuhai,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c0e575a594073756e6373772e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:d7:2e:e7:79:39:98:69:36:40:e5:03:27:a8:fb:3b:2a:00:dc:30
Signer

Actual PE Digest

15:d7:2e:e7:79:39:98:69:36:40:e5:03:27:a8:fb:3b:2a:00:dc:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x86/GP76N.DLL
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x86/GP76x86.CAT
Ticket/x86/GP76x86.INF
Ticket/x86/GP80160cut.GPD
Ticket/x86/GP80250.GPD
Ticket/x86/GP80N.DLL
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ticket/x86/GP80x86.INF
Ticket/x86/GP80x86.cat
Ticket/x86/GPA83I.GPD
Ticket/x86/GPH58130.GPD
Ticket/x86/PT280.GPD
Ticket/x86/STDNAMES.GPD
Ticket/x86/TTFSUB.GPD
Ticket/x86/UNIDRV.DLL
.dll windows:5 windows x86 arch:x86

3013692352710195717304146c3f5ae0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
CompareFileTime
GetFileTime
CreateFileW
FreeLibrary
LoadLibraryExW
SetErrorMode
MultiByteToWideChar
GetSystemDefaultLCID
SetLastError
LoadLibraryW
SizeofResource
LockResource
LoadResource
FindResourceW
MapViewOfFile
CreateFileMappingW
GetFileSize
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
MulDiv
LocalFree
LocalAlloc
Sleep
UnmapViewOfFile

msvcrt

malloc
_adjust_fdiv
_initterm
free
??2@YAPAXI@Z
wcslen
wcscmp
_wcsnicmp
iswctype
_strnicmp
isspace
wcsncpy
wcsncmp
wcsstr
qsort
_vsnprintf
strstr
_strlwr
_purecall
strncmp
??3@YAXPAX@Z
strncpy
atoi
_wcsicmp
wcsrchr

winspool.drv

GetPrinterDataW
GetPrinterDriverW
EnumFormsW
GetPrinterW
WritePrinter
FlushPrinter

gdi32

EngGradientFill
XLATEOBJ_piVector
XLATEOBJ_iXlate
STROBJ_bEnum
EngStretchBltROP
XLATEOBJ_cGetPalette
EngUnicodeToMultiByteN
FONTOBJ_pvTrueTypeFontFile
STROBJ_bGetAdvanceWidths
FONTOBJ_vGetInfo
EngMultiByteToWideChar
EngFindResource
EngLoadModule
FONTOBJ_pifi
FONTOBJ_pxoGetXform
EngTextOut
STROBJ_vEnumStart
STROBJ_bEnumPositionsOnly
FONTOBJ_cGetGlyphs
CLIPOBJ_cEnumStart
EngGetCurrentCodePage
CLIPOBJ_bEnum
XFORMOBJ_iGetXform
BRUSHOBJ_ulGetBrushColor
BRUSHOBJ_pvGetRbrush
EngTransparentBlt
EngAlphaBlend
EngLineTo
EngStrokeAndFillPath
EngFillPath
EngStrokePath
BRUSHOBJ_pvAllocRbrush
EngPaint
EngPlgBlt
EngStretchBlt
EngCopyBits
PATHOBJ_vEnumStart
EngDeletePalette
EngFreeModule
EngCreateDeviceSurface
EngCreateBitmap
EngDeleteSurface
EngUnlockSurface
EngMarkBandingSurface
EngLockSurface
EngAssociateSurface
HT_Get8BPPFormatPalette
HT_Get8BPPMaskPalette
EngCreatePalette
XFORMOBJ_bApplyXform
EngBitBlt
EngEraseSurface
PATHOBJ_bEnum
CLIPOBJ_ppoGetPath

Exports

Exports

DllMain
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ticket/x86/UNIDRV.HLP
Ticket/x86/UNIDRVUI.DLL
.dll windows:5 windows x86 arch:x86

1053478c3502420e342022181930c8cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapCreate
MulDiv
CloseHandle
DeleteFileW
CreateFileW
WriteFile
ReadFile
GetTempFileNameW
MoveFileExW
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
HeapFree
InterlockedIncrement
InterlockedDecrement
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
SetErrorMode
MultiByteToWideChar
GetFileSize
HeapDestroy
MapViewOfFile
CreateFileMappingW
GetFileAttributesW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetLocaleInfoW
GetFileAttributesExW
GetSystemDefaultLCID
GetFileTime
CompareFileTime
CopyFileW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
SetLastError
LocalAlloc
HeapAlloc
UnmapViewOfFile
LocalFree
LoadLibraryExW

msvcrt

_adjust_fdiv
_initterm
free
strncpy
wcsncpy
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
_stricmp
wcsrchr
memmove
_vsnwprintf
wcscmp
wcslen
qsort
_wcsicmp
malloc
strncmp
_wtol
iswctype
_strnicmp
isspace

rpcrt4

UuidCreate
UuidToStringW
RpcStringFreeW

user32

LoadCursorW
GetDlgItemTextW
WinHelpW
SendDlgItemMessageW
MessageBeep
MessageBoxW
LoadStringW
CheckRadioButton
ShowWindow
GetDlgItem
SetDlgItemTextW
SetWindowLongW
EndDialog
GetWindowLongW
DialogBoxParamW
LoadIconW
SetDlgItemTextA
EnableWindow
SetCursor
InvalidateRect
SendMessageW

winspool.drv

GetFormW
GetPrinterDriverW
EnumFormsW
SetPrinterW
ClosePrinter
DeletePrinterDataW
OpenPrinterW
AddFormW
DeleteFormW
GetPrinterDriverDirectoryW
GetPrinterDataW
GetPrinterW
SetPrinterDataW

gdi32

DeleteDC
EnumFontFamiliesW
SetGraphicsMode
CreateICW

Exports

Exports

DevQueryPrintEx
DllMain
DrvConvertDevMode
DrvDeviceCapabilities
DrvDevicePropertySheets
DrvDocumentEvent
DrvDocumentPropertySheets
DrvDriverEvent
DrvPrinterEvent
DrvQueryColorProfile
DrvQueryJobAttributes
DrvSplDeviceCaps
DrvUpgradePrinter

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ticket/x86/UNIRES.DLL
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ticket/x86/gp76bmx86.cat
Ticket/x86/pro5BM.GPD
Ticket/x86/pro5cut.GPD
Ticket/x86/pro5nocut.GPD
驱动/Driver_Install_Receipt_Label_GB.exe
.exe windows:4 windows x86 arch:x86

4705ecd50fe88c32baed385c21ebb748

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
ExitThread
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GetFileTime
GetFileSize
GetTickCount
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetThreadLocale
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
lstrcpynA
lstrlenW
FindNextFileA
FindFirstFileA
SetLastError
FindClose
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetThreadPriority
WaitForSingleObject
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
LoadLibraryA
FreeLibrary
ReadFile
WriteFile
GetOverlappedResult
FormatMessageA
LocalFree
SuspendThread
ResumeThread
WaitCommEvent
ClearCommError
WaitForMultipleObjects
GetCommMask
ResetEvent
CreateEventA
InitializeCriticalSection
EnterCriticalSection
CreateFileA
SetupComm
SetCommTimeouts
SetCommMask
GetCommState
BuildCommDCBA
SetCommState
PurgeComm
LeaveCriticalSection
SetEvent
CloseHandle
RemoveDirectoryA
GetCurrentDirectoryA
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
CopyFileA
GetLastError
DeleteFileA
CreateThread
Sleep
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
FreeEnvironmentStringsA

user32

ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetClientRect
GetDC
ReleaseDC
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
GetSystemMetrics
RegisterWindowMessageA
SendMessageA
SetTimer
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
SetDlgItemTextA
IsWindowUnicode
KillTimer
InvalidateRect
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
PostThreadMessageA
RegisterClipboardFormatA
OffsetRect
CharUpperA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
MessageBoxA
EnableWindow
DestroyMenu
InflateRect
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
LoadStringA
GetSysColorBrush
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
PtInRect
GetClassNameA
ClientToScreen
GetDesktopWindow
IntersectRect
LoadCursorA

gdi32

GetDeviceCaps
GetViewportExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
GetWindowExtEx
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
EnumPortsA
AddPrinterA
ClosePrinter
DeletePrinter
SetPrinterA
AddPrinterDriverExA
GetPrinterDriverDirectoryA
AddMonitorA
DeleteMonitorA
AddPortA
EnumPrintersA
ConfigurePortA
DeletePortA

advapi32

RegSetValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
StartServiceA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegCreateKeyExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus

comctl32

ImageList_Destroy
ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoDisconnectObject
CoTaskMemAlloc
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantCopy
VariantClear
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
驱动/Driver_Install_Receipt_Label_GBSrv.exe
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
驱动/Driver_Install_Receipt_Label_GBSrvSrv.exe
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
驱动/Driver_Install_Receipt_Label_GBSrvSrvSrv.exe
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6e9874e349e24e3f020b7e9fe4f8139

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 445KB - Virtual size: 445KB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 26KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 26KB - Virtual size: 25KB

Size: 56KB - Virtual size: 60KB

fa7bbfc375651121b7223cafa40dc7b8

Code Sign

61:03:dc:f6:00:00:00:00:00:0cCertificate

Extended Key Usages

Key Usages

61:15:23:0f:00:00:00:00:00:0aCertificate

Extended Key Usages

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

61:07:02:dc:00:00:00:00:00:0bCertificate

Extended Key Usages

Key Usages

6b:55:60:61:36:ea:2b:db:06:1f:e0:d9:92:1a:27:14:39:e5:af:dbSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

user32

setupapi

advapi32

ole32

wintrust

crypt32

Exports

Exports

Sections

.text Size: 452KB - Virtual size: 451KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 41KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 36B

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 72B

c528055c3cf134ded0a3cd44c231fb8c

Headers

File Characteristics

PDB Paths

Imports

kernel32

.text
Size: 445KB - Virtual size: 445KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 26KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 26KB - Virtual size: 25KB

61:03:dc:f6:00:00:00:00:00:0c
Certificate

61:15:23:0f:00:00:00:00:00:0a
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

61:07:02:dc:00:00:00:00:00:0b
Certificate

6b:55:60:61:36:ea:2b:db:06:1f:e0:d9:92:1a:27:14:39:e5:af:db
Signer

.text
Size: 452KB - Virtual size: 451KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 72B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 45KB - Virtual size: 45KB

.reloc
Size: 512B - Virtual size: 72B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 72B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 72B

.text
Size: 545KB - Virtual size: 545KB

.data
Size: 4.6MB - Virtual size: 4.6MB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 15KB - Virtual size: 15KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 47KB - Virtual size: 46KB