FindProc
KillProc
WaitProcEnd
WaitProcStart
Static task
static1
1 signatures
General
-
Target
qbittorrent_4.6.6_x64_setup.exe
-
Size
34.0MB
-
MD5
c91b91e2b4c4fc170667b626c129cd0b
-
SHA1
08c6ab3e097cac25dcad9fa7e30fe1e39b31a00e
-
SHA256
d26a7a6351c08c73ba1ef409e78b660426d93ec7a61f1d543ba2ed607bee4b13
-
SHA512
df8128dcd8a1da7508e19db861ef3f7ca4c2c63181329963ca61dd59f01179b7ab9627940ef773325213bfd2007ca677c9d19e95ea5201f55664775f64030e31
-
SSDEEP
786432:7YKjoNO8z048juEjn+yK260HhPY7CE7JkI17G+qgHjftiwo:7YK0OI0hng260H5YuQJ91p2
Score
3/10
Malware Config
Signatures
-
Unsigned PE 14 IoCs
Checks for missing Authenticode signature.
resource qbittorrent_4.6.6_x64_setup.exe unpack001/$PLUGINSDIR/FindProcDLL.dll unpack001/$PLUGINSDIR/LangDLL.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/UAC.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/$PLUGINSDIR/nsisFirewallW.dll unpack001/qbittorrent.exe unpack001/uninst.exe unpack009/$PLUGINSDIR/FindProcDLL.dll unpack009/$PLUGINSDIR/LangDLL.dll unpack009/$PLUGINSDIR/System.dll unpack009/$PLUGINSDIR/UAC.dll unpack009/$PLUGINSDIR/nsisFirewallW.dll
Files
-
qbittorrent_4.6.6_x64_setup.exe.exe windows:4 windows x86 arch:x86
Password: infecter
9dda1a1d1f8a1d13ae0297b47046b26e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ole32
CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree
comctl32
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create
user32
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics
gdi32
GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
kernel32
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
WriteFile
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CopyFileW
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 188KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/FindProcDLL.dll.dll windows:5 windows x86 arch:x86
Password: infecter
0cd94af3a016a5de4ab9a5a9a02d4173
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyW
CloseHandle
Sleep
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
GetLongPathNameW
lstrcmpiW
QueryDosDeviceW
GetLogicalDriveStringsW
lstrlenW
OpenProcess
GetCurrentProcessId
GetProcAddress
LoadLibraryW
GetVersionExW
Exports
Exports
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 196B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LangDLL.dll.dll windows:4 windows x86 arch:x86
Password: infecter
fe3375e7e4529b73ba45ab2246b9269b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW
user32
SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC
gdi32
CreateFontIndirectW
GetDeviceCaps
DeleteObject
Exports
Exports
LangDialog
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 681B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
Password: infecter
509a34b3a68a773e0afb4259e68f9f82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UAC.dll.dll windows:4 windows x86 arch:x86
Password: infecter
0ef725341a4aecf8398c0e2132f38049
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetLastError
GetCurrentProcessId
GetCommandLineW
GetProcAddress
CreateThread
GlobalFree
LoadLibraryA
OpenProcess
GlobalAlloc
CreateFileMappingW
Sleep
MapViewOfFile
GetModuleHandleW
UnmapViewOfFile
CreateEventW
SetCurrentDirectoryW
GetVersionExW
GetExitCodeProcess
lstrcatW
LocalFree
GetPrivateProfileStringW
FormatMessageW
GetPrivateProfileIntW
CreateProcessW
CloseHandle
GetLastError
DuplicateHandle
GetCurrentThreadId
lstrlenW
SetEvent
WaitForSingleObject
lstrcmpiW
GetExitCodeThread
GetModuleFileNameW
user32
SetWindowPos
GetClientRect
GetWindowThreadProcessId
SetWindowLongW
DefWindowProcW
GetDlgItem
CallWindowProcW
CallNextHookEx
GetClassNameW
PeekMessageW
DestroyWindow
SendMessageW
SetForegroundWindow
IsWindowVisible
MsgWaitForMultipleObjects
LoadStringW
EndDialog
EnableWindow
DialogBoxParamW
LoadImageW
MessageBoxW
GetWindowLongW
DispatchMessageW
ShowWindow
wsprintfW
CreateDialogParamW
GetWindowRect
IsDialogMessageW
FindWindowExW
CharNextW
CreateWindowExW
LoadIconW
PostMessageW
SetWindowsHookExW
UnhookWindowsHookEx
TranslateMessage
shell32
ShellExecuteExW
advapi32
OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
OpenSCManagerW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
EqualSid
ole32
CoInitialize
Exports
Exports
_
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
Password: infecter
3b477381217c97b22146297f93df2a92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpyW
GetFileAttributesW
lstrcmpiW
MulDiv
lstrlenW
HeapFree
GetProcessHeap
GetCurrentDirectoryW
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
HeapAlloc
SetCurrentDirectoryW
user32
GetPropW
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
RemovePropW
CharPrevW
GetWindowLongW
DrawTextW
GetWindowTextW
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
MapDialogRect
GetClientRect
CharNextW
SendMessageW
DrawFocusRect
gdi32
SetTextColor
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 638B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsisFirewallW.dll.dll windows:4 windows x86 arch:x86
Password: infecter
18ecfc7436b69f8c13ec22664f9f1857
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
InterlockedDecrement
LocalFree
user32
wsprintfW
ole32
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
GetErrorInfo
SysFreeString
SysAllocString
msvcrt
free
_adjust_fdiv
malloc
_initterm
_CxxThrowException
??2@YAPAXI@Z
??3@YAXPAX@Z
??1type_info@@UAE@XZ
__CxxFrameHandler
Exports
Exports
AddAuthorizedApplication
RemoveAuthorizedApplication
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 546B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
qbittorrent.exe.exe windows:6 windows x64 arch:x64
Password: infecter
3cbb3302b1633416afbdb50259492209
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
qbittorrent.pdb
Imports
uxtheme
GetThemeTransitionDuration
GetThemeInt
GetThemeEnumValue
GetThemePropertyOrigin
GetThemeColor
IsThemeBackgroundPartiallyTransparent
OpenThemeData
IsThemeActive
IsAppThemed
SetWindowTheme
CloseThemeData
ord47
GetThemeBool
GetCurrentThemeName
GetThemeMargins
GetThemeBackgroundRegion
GetThemePartSize
d3d11
D3D11CreateDevice
dxgi
CreateDXGIFactory1
CreateDXGIFactory2
dwrite
DWriteCreateFactory
gdi32
GetStockObject
CreateFontIndirectW
GetFontData
EnumFontFamiliesExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
AddFontResourceExW
RemoveFontResourceExW
CreateBitmap
GetOutlineTextMetricsW
GetCharWidthI
GetTextExtentPoint32W
SetGraphicsMode
SetWorldTransform
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetDIBits
SelectClipRgn
GetRegionData
GetCharABCWidthsI
GetCharABCWidthsW
SetTextColor
SetBkMode
GdiFlush
CreateDIBSection
CreateCompatibleDC
DeleteDC
SelectObject
DeleteObject
CombineRgn
CreateRectRgn
GetObjectW
GetBitmapBits
CreateCompatibleBitmap
CreateDCW
OffsetRgn
CreateSolidBrush
SetLayout
BitBlt
GetDeviceCaps
GetTextFaceW
ExtTextOutW
SetTextAlign
dwmapi
DwmEnableBlurBehindWindow
DwmGetWindowAttribute
DwmSetWindowAttribute
imm32
ImmNotifyIME
ImmReleaseContext
ImmGetOpenStatus
ImmAssociateContextEx
ImmAssociateContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmGetCompositionStringW
ImmGetVirtualKey
ImmGetContext
oleaut32
VariantInit
SysStringLen
GetErrorInfo
VariantClear
SysFreeString
SafeArrayCreateVector
SafeArrayPutElement
SysAllocString
SetErrorInfo
shlwapi
AssocQueryStringW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
api-ms-win-shcore-scaling-l1-1-1
GetProcessDpiAwareness
GetDpiForMonitor
SetProcessDpiAwareness
comdlg32
GetOpenFileNameW
GetSaveFileNameW
d3d9
Direct3DCreate9
powrprof
SetSuspendState
wsock32
htonl
ntohs
WSASetLastError
WSAGetLastError
htons
setsockopt
inet_ntoa
getsockopt
connect
getsockname
listen
select
closesocket
bind
accept
__WSAFDIsSet
getpeername
ord1141
ord1142
socket
ntohl
WSACleanup
WSAStartup
iphlpapi
CancelMibChangeNotify2
NotifyUnicastIpAddressChange
ConvertInterfaceLuidToIndex
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToGuid
ConvertInterfaceNameToLuidW
GetAdaptersAddresses
winhttp
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetDefaultProxyConfiguration
WinHttpOpen
WinHttpCloseHandle
secur32
ApplyControlToken
EncryptMessage
FreeContextBuffer
InitSecurityInterfaceW
DeleteSecurityContext
QueryContextAttributesW
AcquireCredentialsHandleW
FreeCredentialsHandle
DecryptMessage
AcceptSecurityContext
InitializeSecurityContextW
bcrypt
BCryptOpenAlgorithmProvider
BCryptDestroyKey
BCryptGenRandom
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptDecrypt
BCryptEncrypt
crypt32
CertCloseStore
PFXImportCertStore
CertAddStoreToCollection
CertFindChainInStore
CertGetCertificateChain
CertVerifyTimeValidity
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCertificateChain
CertFindCertificateInStore
CertOpenStore
CertCreateCertificateContext
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenSystemStoreW
CertOpenSystemStoreA
api-ms-win-core-synch-l1-2-0
WakeByAddressAll
WakeByAddressSingle
WaitOnAddress
mpr
WNetGetUniversalNameW
userenv
GetUserProfileDirectoryW
advapi32
CryptSetHashParam
AdjustTokenPrivileges
LookupPrivilegeValueW
GetUserNameW
InitiateSystemShutdownW
RegCloseKey
RegEnumKeyExW
RegFlushKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
LookupAccountSidW
GetNamedSecurityInfoW
AddAccessAllowedAceEx
AddAccessDeniedAceEx
DuplicateToken
CopySid
SystemFunction036
GetSidSubAuthorityCount
GetSidSubAuthority
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextW
CryptEnumProvidersW
CryptDecrypt
CryptExportKey
CryptCreateHash
OpenProcessToken
CryptDestroyHash
CryptSignHashW
CryptGetProvParam
CryptReleaseContext
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegNotifyChangeKeyValue
LookupAccountNameW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
FreeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetTokenInformation
InitializeSecurityDescriptor
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
authz
AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzInitializeContextFromToken
AuthzFreeContext
AuthzAccessCheck
AuthzInitializeResourceManager
kernel32
FileTimeToSystemTime
MoveFileExW
MoveFileW
GetCurrentDirectoryW
GetLogicalDrives
SetErrorMode
SetFileTime
GetFileInformationByHandleEx
FlsSetValue
FlsGetValue
FlsAlloc
GetExitCodeThread
CloseThreadpoolWork
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
FindFirstFileExW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
FindFirstChangeNotificationW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
LoadLibraryExW
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
GetVolumePathNamesForVolumeNameW
TzSpecificLocalTimeToSystemTime
VirtualQuery
OpenFileMappingW
FindCloseChangeNotification
FindNextChangeNotification
SetConsoleCtrlHandler
GetConsoleOutputCP
ExitProcess
ExitThread
FreeLibraryAndExitThread
SystemTimeToTzSpecificLocalTime
GetCommandLineA
SetStdHandle
IsValidLocale
GetVolumeNameForVolumeMountPointW
GetDiskFreeSpaceExW
GetUserGeoID
GetGeoInfoW
CreateSemaphoreW
ReleaseSemaphore
K32GetModuleFileNameExW
FlsFree
InitializeCriticalSectionEx
GetTimeZoneInformation
InitializeSListHead
UnhandledExceptionFilter
EnumSystemLocalesW
SetEnvironmentVariableW
IsValidCodePage
GetOEMCP
WriteConsoleW
GetUserDefaultLocaleName
InitOnceBeginInitialize
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
RaiseException
RtlPcToFileHeader
SetFileAttributesW
GetLocaleInfoEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
VirtualAlloc
VirtualFree
HeapDestroy
CloseHandle
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageA
FormatMessageW
WideCharToMultiByte
GetCurrentProcessId
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
OpenMutexW
Sleep
WaitForMultipleObjects
RtlCaptureStackBackTrace
MultiByteToWideChar
GetDriveTypeW
GetVolumePathNameW
GetSystemDirectoryW
VerSetConditionMask
VerifyVersionInfoW
SetThreadExecutionState
GetVolumeInformationW
lstrcmpW
GetConsoleWindow
GetLongPathNameW
GetUserDefaultLangID
LocalAlloc
GetModuleHandleW
GetCurrentThreadId
WTSGetActiveConsoleSessionId
OpenProcess
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
ExpandEnvironmentStringsW
CreateProcessW
GlobalSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateFileW
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
PostQueuedCompletionStatus
SetWaitableTimer
SetLastError
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
CreateEventW
SetEvent
TerminateThread
QueueUserAPC
SleepEx
CreateIoCompletionPort
GetFileAttributesExW
CreateDirectoryW
RemoveDirectoryW
CreateHardLinkW
GetFileInformationByHandle
DeleteFileW
CopyFileW
ReadFile
FindFirstFileW
GetFileSizeEx
FindNextFileW
WriteFile
DeviceIoControl
SetEndOfFile
FindClose
LoadLibraryA
GetOverlappedResult
SetFilePointerEx
CreateEventA
CreateWaitableTimerA
GetACP
CancelIoEx
CancelIo
GetModuleHandleA
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
WaitForMultipleObjectsEx
WaitNamedPipeW
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
ResetEvent
GlobalFree
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
DeleteFiber
SwitchToFiber
CreateFiber
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetStdHandle
GetEnvironmentVariableW
GetFileType
RtlVirtualUnwind
QueryPerformanceCounter
ConvertFiberToThread
ConvertThreadToFiber
FreeLibrary
SetConsoleMode
ReadConsoleA
GetConsoleMode
ReadConsoleW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
UnlockFileEx
GetTempPathW
GetFileAttributesW
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
GetModuleFileNameW
UnlockFile
LockFileEx
GetProcessHeap
GetTickCount
FlushFileBuffers
CompareStringEx
GetNativeSystemInfo
IsProcessorFeaturePresent
TerminateProcess
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetProcessId
GetLocalTime
DuplicateHandle
CreateThread
SwitchToThread
GetThreadPriority
ResumeThread
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetUserDefaultLCID
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetUserPreferredUILanguages
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
CloseThreadpoolWait
PeekNamedPipe
netapi32
NetApiBufferFree
NetShareEnum
ole32
OleInitialize
CoGetMalloc
OleUninitialize
RegisterDragDrop
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CoInitializeEx
CoUninitialize
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
OleSetClipboard
RevokeDragDrop
OleFlushClipboard
CoLockObjectExternal
CoGetApartmentType
CoGetObjectContext
OleGetClipboard
ReleaseStgMedium
CoCreateFreeThreadedMarshaler
user32
DestroyIcon
GetSystemMenu
EnableMenuItem
GetSysColor
GetSystemMetrics
SystemParametersInfoW
DestroyWindow
GetDesktopWindow
GetDC
ReleaseDC
MessageBoxW
CreateIconIndirect
GetIconInfo
DrawIconEx
SystemParametersInfoForDpi
IsWindow
GetCaretBlinkTime
GetDoubleClickTime
MessageBeep
UpdateLayeredWindowIndirect
DefWindowProcW
DestroyCursor
GetWindowLongPtrW
GetAncestor
GetCapture
GetClientRect
ClientToScreen
ScreenToClient
SetWindowLongPtrW
GetWindowPlacement
GetWindowRect
GetParent
IsWindowVisible
UpdateLayeredWindow
SetLayeredWindowAttributes
InvalidateRect
GetSystemMetricsForDpi
MonitorFromPoint
GetDpiForWindow
CreateWindowExW
SetWindowPos
AdjustWindowRectEx
AdjustWindowRectExForDpi
IsTouchWindow
SetWindowTextW
SetParent
ShowWindow
UnregisterTouchWindow
SetForegroundWindow
GetForegroundWindow
IsChild
GetWindow
SetWindowPlacement
IsIconic
MoveWindow
FillRect
GetUpdateRect
BeginPaint
EndPaint
AllowSetForegroundWindow
GetMenu
SetWindowRgn
GetWindowThreadProcessId
AttachThreadInput
SetFocus
SetCapture
PostMessageW
SetCursor
FlashWindowEx
SendMessageW
RegisterTouchWindow
GetKeyboardLayoutList
GetAwarenessFromDpiAwarenessContext
GetWindowDpiAwarenessContext
EnableNonClientDpiScaling
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
ShutdownBlockReasonDestroy
GetSysColorBrush
GetClassInfoW
LoadImageW
RegisterClassExW
UnregisterClassW
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
AddClipboardFormatListener
SetClipboardViewer
RemoveClipboardFormatListener
ChangeClipboardChain
IsHungAppWindow
RegisterClipboardFormatW
GetMessageW
GetPointerInfo
SendInput
GetDisplayConfigBufferSizes
QueryDisplayConfig
DisplayConfigGetDeviceInfo
GetMonitorInfoW
EnumDisplayMonitors
MonitorFromWindow
GetKeyboardLayout
RegisterWindowMessageW
FindWindowA
IsWindowEnabled
CreateCaret
ShowCaret
DestroyCaret
SetCaretPos
GetMenuItemInfoW
SetMenuItemInfoW
ModifyMenuW
RemoveMenu
InsertMenuW
AppendMenuW
CreateMenu
DestroyMenu
CreatePopupMenu
TrackPopupMenu
SetMenu
DrawMenuBar
ToUnicode
GetKeyboardState
ToAscii
IsZoomed
TrackPopupMenuEx
PeekMessageW
GetKeyState
MapVirtualKeyW
LoadIconW
GetClipboardFormatNameW
EnumDisplayDevicesW
CreateCursor
GetCursor
GetCursorInfo
SetCursorPos
LoadCursorW
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetTouchInputInfo
CloseTouchInputHandle
GetPointerType
GetPointerFrameTouchInfo
GetPointerFrameTouchInfoHistory
GetPointerPenInfo
GetPointerPenInfoHistory
SkipPointerFrameMessages
GetPointerDeviceRects
ChangeWindowMessageFilterEx
GetProcessWindowStation
GetUserObjectInformationW
EnumWindows
PostThreadMessageW
CharNextExA
KillTimer
GetQueueStatus
SetTimer
RegisterClassW
SetCoalescableTimer
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
ShutdownBlockReasonCreate
SetProcessDpiAwarenessContext
ReleaseCapture
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
ws2_32
WSAHtonl
WSAAccept
WSAConnect
WSANtohs
getnameinfo
WSAIoctl
WSASendTo
WSARecvFrom
WSASend
WSASocketW
getaddrinfo
WSARecv
freeaddrinfo
WSAStringToAddressW
WSAAddressToStringW
WSAAsyncSelect
gethostname
WSANtohl
winmm
timeKillEvent
timeSetEvent
PlaySoundW
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
shell32
SHGetStockIconInfo
SHCreateItemFromParsingName
SHGetKnownFolderIDList
SHCreateItemFromIDList
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
Shell_NotifyIconGetRect
Shell_NotifyIconW
ShellExecuteExW
SHGetKnownFolderPath
CommandLineToArgvW
ord155
SHChangeNotify
ord727
ord190
SHOpenFolderAndSelectItems
ShellExecuteW
SHGetFileInfoW
dbgeng
DebugCreate
Exports
Exports
boost_stacktrace_impl_return_nullptr
qt_startup_hook
Sections
.text Size: 17.8MB - Virtual size: 17.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11.4MB - Virtual size: 11.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 385KB - Virtual size: 506KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 661KB - Virtual size: 660KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
qbittorrent.pdb
-
qt.conf
-
translations/qt_gl.qm
-
translations/qt_lt.qm
-
translations/qt_pt_PT.qm
-
translations/qt_sl.qm
-
translations/qt_sv.qm
-
translations/qtbase_ar.qm
-
translations/qtbase_bg.qm
-
translations/qtbase_ca.qm
-
translations/qtbase_cs.qm
-
translations/qtbase_da.qm
-
translations/qtbase_de.qm
-
translations/qtbase_es.qm
-
translations/qtbase_fa.qm
-
translations/qtbase_fi.qm
-
translations/qtbase_fr.qm
-
translations/qtbase_gd.qm
-
translations/qtbase_he.qm
-
translations/qtbase_hr.qm
-
translations/qtbase_hu.qm
-
translations/qtbase_it.qm
-
translations/qtbase_ja.qm
-
translations/qtbase_ko.qm
-
translations/qtbase_lv.qm
-
translations/qtbase_nl.qm
-
translations/qtbase_nn.qm
-
translations/qtbase_pl.qm
-
translations/qtbase_pt_BR.qm
-
translations/qtbase_ru.qm
-
translations/qtbase_sk.qm
-
translations/qtbase_tr.qm
-
translations/qtbase_uk.qm
-
translations/qtbase_zh_CN.qm
-
translations/qtbase_zh_TW.qm
-
uninst.exe.exe windows:4 windows x86 arch:x86
Password: infecter
9dda1a1d1f8a1d13ae0297b47046b26e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ole32
CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree
comctl32
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create
user32
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics
gdi32
GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
kernel32
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
WriteFile
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CopyFileW
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 188KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/FindProcDLL.dll.dll windows:5 windows x86 arch:x86
0cd94af3a016a5de4ab9a5a9a02d4173
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyW
CloseHandle
Sleep
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
GetLongPathNameW
lstrcmpiW
QueryDosDeviceW
GetLogicalDriveStringsW
lstrlenW
OpenProcess
GetCurrentProcessId
GetProcAddress
LoadLibraryW
GetVersionExW
Exports
Exports
FindProc
KillProc
WaitProcEnd
WaitProcStart
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 196B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LangDLL.dll.dll windows:4 windows x86 arch:x86
fe3375e7e4529b73ba45ab2246b9269b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW
user32
SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC
gdi32
CreateFontIndirectW
GetDeviceCaps
DeleteObject
Exports
Exports
LangDialog
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 681B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
509a34b3a68a773e0afb4259e68f9f82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UAC.dll.dll windows:4 windows x86 arch:x86
0ef725341a4aecf8398c0e2132f38049
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetLastError
GetCurrentProcessId
GetCommandLineW
GetProcAddress
CreateThread
GlobalFree
LoadLibraryA
OpenProcess
GlobalAlloc
CreateFileMappingW
Sleep
MapViewOfFile
GetModuleHandleW
UnmapViewOfFile
CreateEventW
SetCurrentDirectoryW
GetVersionExW
GetExitCodeProcess
lstrcatW
LocalFree
GetPrivateProfileStringW
FormatMessageW
GetPrivateProfileIntW
CreateProcessW
CloseHandle
GetLastError
DuplicateHandle
GetCurrentThreadId
lstrlenW
SetEvent
WaitForSingleObject
lstrcmpiW
GetExitCodeThread
GetModuleFileNameW
user32
SetWindowPos
GetClientRect
GetWindowThreadProcessId
SetWindowLongW
DefWindowProcW
GetDlgItem
CallWindowProcW
CallNextHookEx
GetClassNameW
PeekMessageW
DestroyWindow
SendMessageW
SetForegroundWindow
IsWindowVisible
MsgWaitForMultipleObjects
LoadStringW
EndDialog
EnableWindow
DialogBoxParamW
LoadImageW
MessageBoxW
GetWindowLongW
DispatchMessageW
ShowWindow
wsprintfW
CreateDialogParamW
GetWindowRect
IsDialogMessageW
FindWindowExW
CharNextW
CreateWindowExW
LoadIconW
PostMessageW
SetWindowsHookExW
UnhookWindowsHookEx
TranslateMessage
shell32
ShellExecuteExW
advapi32
OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
OpenSCManagerW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
EqualSid
ole32
CoInitialize
Exports
Exports
_
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/nsisFirewallW.dll.dll windows:4 windows x86 arch:x86
18ecfc7436b69f8c13ec22664f9f1857
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
InterlockedDecrement
LocalFree
user32
wsprintfW
ole32
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
GetErrorInfo
SysFreeString
SysAllocString
msvcrt
free
_adjust_fdiv
malloc
_initterm
_CxxThrowException
??2@YAPAXI@Z
??3@YAXPAX@Z
??1type_info@@UAE@XZ
__CxxFrameHandler
Exports
Exports
AddAuthorizedApplication
RemoveAuthorizedApplication
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 546B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ