b8d5e3a2ca9a1e8d3b0ae3784757213161eb0e8dee064bb701d6220aee71df7a

Sharing

Copy URL

Twitter E-mail

General

Target

b8d5e3a2ca9a1e8d3b0ae3784757213161eb0e8dee064bb701d6220aee71df7a
Size

9.9MB
MD5

e2084ed11081ac6fbce0eddf1b58c0d9
SHA1

3ae62b0c368d25a3b4578432a749a447727f9a63
SHA256

b8d5e3a2ca9a1e8d3b0ae3784757213161eb0e8dee064bb701d6220aee71df7a
SHA512

eb55b26ce6c9797547b4c1bf607f77893d36cf3d94133dea14ee5b56a7cb7336e4a77e0ce3771fa3465bed61ba031856684fb1099d7e1242eb6621d2190beac7
SSDEEP

196608:GvkR6ldYN7myL7HpFr891+No+/oBaDmBlDgvEBU:MkmuTpFr89woJaSBlDjBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/AP/IS918SecurityPack.exe
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/CFormaterDll.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DetectUSBDevice.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DgSort_C205.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DgSort_C205_B.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FormatAgent.exe
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HookH2Test.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/IS918MPTool.exe
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/IS918MPTrigger.exe
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/ISEcc.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/MSVCRTD.DLL
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Utility.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/encryption.dll
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/resetHub.exe
unpack001/IS918MPTool_GA_221228A_L85C_Beta_V0=指定/uRemoteIO.dll

Files

b8d5e3a2ca9a1e8d3b0ae3784757213161eb0e8dee064bb701d6220aee71df7a
.rar
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/13008CF6C_CB10041.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/AP/IS918SecurityPack.exe
.exe windows:4 windows x86 arch:x86

730073214094cd328547bf1f72289752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
WriteProcessMemory
VirtualProtectEx
GetModuleFileNameW
DuplicateHandle
GetCurrentProcess
SetFileTime
CopyFileW
GetDriveTypeW
GetFileTime
CreateFileW
SetErrorMode
GetTempFileNameW
GetTempPathW
ExitProcess
Sleep
DeleteFileW
CloseHandle
WaitForSingleObject
CreateProcessW
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
GetLastError
lstrlenW
GetModuleHandleW
GetStartupInfoW

user32

MessageBoxA

shell32

ShellExecuteW

msvcrt

memset
wcscpy
free
_fileno
_chsize
wcsrchr
wcscat
malloc
fclose
fread
fwrite
fseek
_wfopen
sprintf
fflush
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/CFormaterDll.dll
.dll windows:4 windows x86 arch:x86

5e5c7dd7ce02a2a1ed9efabaf2b2819f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
GetLastError
FindClose
FindNextFileW
FindFirstFileW
WideCharToMultiByte
LocalFree
FormatMessageW
MultiByteToWideChar
OutputDebugStringW
GetFileAttributesW
HeapFree
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
LCMapStringA
LCMapStringW
CloseHandle
ReadFile
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileW
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile

user32

wvsprintfW

Exports

Exports

GLFDLL_FormatToEXFAT
GLFDLL_FormatToFAT

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/MPTool.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/SetOffset.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_1.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_10.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_11.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_12.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_13.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_14.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_15.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_16.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_2.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_3.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_4.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_5.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_6.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_7.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_8.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Configuration/UserMarkOBB_9.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G0000.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G2020.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G3028.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G4014.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G5015.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G6007.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G7007.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/13008D30_1G8005.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_DDR/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_DDR/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_DDR/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_SDR/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_SDR/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/B27_SDR/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/BICS3_DDR/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/BICS3_DDR/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/BICS3_DDR/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/Default/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/Default/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/Default/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK2540/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK2540/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK2540/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK2540/FMC.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK5088/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK5088/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK5088/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_DDR_BLK5088/FMC.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK2540/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK2540/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK2540/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK5088/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK5088/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/HYV4_SDR_BLK5088/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/N28_DDR/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/N28_DDR/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/N28_DDR/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/SSV4_DDR/BWCardMode.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/SSV4_DDR/BWSortOut.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DGBin/SSV4_DDR/BWSortParameter.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DetectUSBDevice.dll
.dll windows:5 windows x86 arch:x86

f8679260ffaea98142ae2012c38afabd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetModuleBaseNameW

setupapi

SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Get_Child
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
CM_Get_Parent

kernel32

RtlUnwind
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
GetTimeZoneInformation
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
OutputDebugStringW
MultiByteToWideChar
GetCurrentProcess
GetModuleHandleW
Sleep
CloseHandle
DeviceIoControl
CreateFileW
GetLastError
GetDriveTypeW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLogicalDrives
GlobalFree
WideCharToMultiByte
GlobalAlloc
GetSystemDefaultLangID
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
UnmapViewOfFile
GetVolumeInformationW
GetDiskFreeSpaceW
CreateThread
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryA
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
SetEnvironmentVariableA
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

GetWindowTextW
CloseWindow
SendMessageW
CallNextHookEx
RegisterDeviceNotificationW
UnregisterDeviceNotification
SetWindowsHookExW
UnhookWindowsHookEx
SendMessageTimeoutW
PostQuitMessage
DefWindowProcW
TranslateMessage
DispatchMessageW
GetMessageW
CreateWindowExW
RegisterWindowMessageW
RegisterClassW
GetDlgItem

Exports

Exports

EjectUSBDevice
GetDevInstIDByDrvLetter
GetDriverLetterByDeviceInstanceID
GetUSBDeviceInfoByDeviceInstanceID
GetVolumeInfoByDeviceInstanceID
InstallHook_CloseDeviceChangeNotificationWindowProc
IssueScsiCmdBySpti
RefreshAllUSBDevice
StartUSBDeviceChangeNotification
StopUSBDeviceChangeNotification
UnInstallHook_CloseDeviceChangeNotificationWindowProc

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DgSort_C205.dll
.dll windows:4 windows x86 arch:x86

f9433f358cee8bdf2cb7af919911c237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
MapViewOfFile
OpenFileMappingA
GetTickCount
GetModuleHandleA
GetModuleFileNameA
Sleep
ReadFile
SetFilePointer
CreateFileA
OutputDebugStringA
WriteFile
GetLocalTime
CreateDirectoryA
SetCurrentDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileSize
SetEnvironmentVariableA
CompareStringW
CompareStringA
RtlUnwind
RaiseException
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
DeleteCriticalSection
ExitProcess
SetUnhandledExceptionFilter
GetFullPathNameA
GetCurrentDirectoryA
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetEndOfFile

user32

wsprintfA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

__DieSortMain
__GetDgSortVersion
__SortMain

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/DgSort_C205_B.dll
.dll windows:4 windows x86 arch:x86

f9433f358cee8bdf2cb7af919911c237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
MapViewOfFile
OpenFileMappingA
GetTickCount
GetModuleHandleA
GetModuleFileNameA
Sleep
ReadFile
SetFilePointer
CreateFileA
OutputDebugStringA
WriteFile
GetLocalTime
CreateDirectoryA
SetCurrentDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileSize
SetEnvironmentVariableA
CompareStringW
CompareStringA
RtlUnwind
RaiseException
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
DeleteCriticalSection
ExitProcess
SetUnhandledExceptionFilter
GetFullPathNameA
GetCurrentDirectoryA
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetEndOfFile

user32

wsprintfA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

__DieSortMain
__GetDgSortVersion
__SortMain

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/ErrorCodeList.txt
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/COMMAND.COM
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/KERNEL.SYS
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat12.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat1216_dummy.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat16.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat32_dummy.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat32chs.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat32lba.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/fat32mkdos_dummy.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/mbr.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/oemfat12.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FMT/oemfat16.bin
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/FormatAgent.exe
.exe windows:4 windows x86 arch:x86

76083ea9cfbd53f1681fbb9bb20e7a9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetDriveTypeA
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetLastError
FlushFileBuffers
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CloseHandle

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/GAMP User Manual_ver2.0.pdf
.pdf
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HUBLocation.ini
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HookH2Test.dll
.dll windows:5 windows x86 arch:x86

0d7477f9294cac9822600d18e6b634f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
MultiByteToWideChar
CloseHandle
MapViewOfFile
CreateFileMappingW
OutputDebugStringW
OpenFileMappingW
Sleep
CompareStringW
CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCurrentThread
HeapFree
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
SetEnvironmentVariableA

user32

UnhookWindowsHookEx
SetWindowsHookExW
IsWindowEnabled
EnableWindow
GetParent
PostMessageW
GetWindowTextW
GetDlgItem
SendMessageW
CallNextHookEx

Exports

Exports

InstallHook_CloseH2TestWProc
InstallHook_InputDiskNameProc
UnInstallHook_CloseH2TestWProc
UnInstallHook_InputDiskNameProc

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HubInfo/[20220906_153738006].HubInfo.log
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HubInfo/[20220907_170110419].HubInfo.log
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HubInfo/[20220915_151758482].HubInfo.log
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/HubInfo/[20221011_114423936].HubInfo.log
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/IS918MPTool.exe
.exe windows:4 windows x86 arch:x86

730073214094cd328547bf1f72289752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
WriteProcessMemory
VirtualProtectEx
GetModuleFileNameW
DuplicateHandle
GetCurrentProcess
SetFileTime
CopyFileW
GetDriveTypeW
GetFileTime
CreateFileW
SetErrorMode
GetTempFileNameW
GetTempPathW
ExitProcess
Sleep
DeleteFileW
CloseHandle
WaitForSingleObject
CreateProcessW
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
GetLastError
lstrlenW
GetModuleHandleW
GetStartupInfoW

user32

MessageBoxA

shell32

ShellExecuteW

msvcrt

memset
wcscpy
free
_fileno
_chsize
wcsrchr
wcscat
malloc
fclose
fread
fwrite
fseek
_wfopen
sprintf
fflush
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/IS918MPTrigger.exe
.exe windows:4 windows x86 arch:x86

730073214094cd328547bf1f72289752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
WriteProcessMemory
VirtualProtectEx
GetModuleFileNameW
DuplicateHandle
GetCurrentProcess
SetFileTime
CopyFileW
GetDriveTypeW
GetFileTime
CreateFileW
SetErrorMode
GetTempFileNameW
GetTempPathW
ExitProcess
Sleep
DeleteFileW
CloseHandle
WaitForSingleObject
CreateProcessW
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
GetLastError
lstrlenW
GetModuleHandleW
GetStartupInfoW

user32

MessageBoxA

shell32

ShellExecuteW

msvcrt

memset
wcscpy
free
_fileno
_chsize
wcsrchr
wcscat
malloc
fclose
fread
fwrite
fseek
_wfopen
sprintf
fflush
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/ISEcc.dll
.dll windows:5 windows x86 arch:x86

b6977148542fd4b4cf0f257eae58541f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

deCalcCodeLen
deCalcDataLen
deCalcDataLen_noHeader
deCheckEccTable
deDecode_ecc
deDecode_ecc_noHeader
enCalcCodeLen
enCalcCodeLen_low
enCalcCodeLen_noHeader
enEncode_ecc
enEncode_ecc_low
enEncode_ecc_noHeader

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/MSVCRTD.DLL
.dll windows:4 windows x86 arch:x86

265cd32afd4d72991a91eb9bf6c51bae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableW
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
HeapValidate
GetProcAddress
LoadLibraryA
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
RaiseException
FlushFileBuffers
SetFilePointer
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_calloc_dbg
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_crtAssertBusy
_crtBreakAlloc
_crtDbgFlag
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_free_dbg
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_malloc_dbg
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_msize_dbg
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_realloc_dbg
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone

Sections

.text
Size: 340KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Setting.dat
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/Utility.dll
.dll windows:5 windows x86 arch:x86

958a70f5990d19f5d208fdb73d8c776a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\[Code]\[SVN].Utility\Release\Utility.pdb

Imports

iphlpapi

GetAdaptersInfo

psapi

GetModuleBaseNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFileExistsW

kernel32

WriteFile
FlushFileBuffers
CreateFileA
HeapSize
WriteConsoleW
FormatMessageW
LoadLibraryExW
LocalFree
FreeLibrary
HeapAlloc
GetProcessHeap
OutputDebugStringW
HeapFree
CreateDirectoryW
GetModuleFileNameW
GetModuleHandleW
GetCurrentProcess
CreateFileW
ReadFile
CloseHandle
SetFilePointer
MultiByteToWideChar
GetDiskFreeSpaceW
GetVolumeInformationW
GetLocalTime
WideCharToMultiByte
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLastError
GetCurrentThreadId
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

GetClassNameW
IsWindow
EnumChildWindows
GetWindowTextW

Exports

Exports

CreateFolder
DecDbgEncMsg
FindString
GetChildWindowHandle
GetDiskVolumeInfoByDriveLetter
GetFileEncodingType
GetFileEncodingTypeByFilePath
GetFileTotalLine
GetFileTotalLineByFilePath
GetFileVerInfo
GetLastErrorCodeMsg
GetLastTokenString
GetLineCharNumber
GetLineCharNumberByFilePath
GetMACAddress
GetMD5Byte
GetMD5ByteByFileHandle
GetMD5String
GetMD5StringByFileHandle
GetModuleNameInfo
GetTokenCount
GetTokenString
MakeDWORD
OutputDbgEncMsg
ReadLine
ReadLineByFilePath
ReverseDword
ReverseWord
SwapByte
SwapDword
SwapTString
SwapWord

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/encryption.dll
.dll windows:4 windows x86 arch:x86

1a3ae89aa9f1e0695e08b86b733b0716

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapReAlloc
VirtualAlloc
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetFilePointer
RtlUnwind
SetStdHandle
Sleep
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

ENC_Encryption

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/resetHub.exe
.exe windows:5 windows x86 arch:x86

682f8a0ad384f06ba99ba1042868db11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\[code]\devcon\objfre_wxp_x86\i386\BR_resetHub.pdb

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
wcsrchr
wprintf
_wcsicmp
_wcsnicmp
iswalpha
towupper
towlower
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob

advapi32

LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
GetFileAttributesW
lstrcpyW
lstrlenW
GetLastError
GetCurrentProcess
CloseHandle
GetFullPathNameW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
Sleep

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Device_ID_ExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoListExW
SetupDiClassGuidsFromNameExW
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiGetDeviceInstallParamsW
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW
SetupDiOpenClassRegKeyExW
CM_Get_DevNode_Status_Ex
SetupDiGetDeviceRegistryPropertyW

user32

CharNextW
LoadStringW
ExitWindowsEx

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IS918MPTool_GA_221228A_L85C_Beta_V0=指定/uRemoteIO.dll
.dll windows:5 windows x86 arch:x86

05239c06fa1eefd3e41625fbf75c7dd8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
OpenFileMappingA
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
HeapAlloc
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
IsValidCodePage
GetACP
GetStringTypeW
GetStringTypeA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
GetFileType
WriteConsoleW
GetStdHandle
DebugBreak
CreateThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
ExitProcess
IsBadReadPtr
HeapValidate
GetCommandLineA
RtlUnwind
FindResourceExA
GetOEMCP
GetCPInfo
GetDiskFreeSpaceA
GetTempFileNameA
GetProfileIntA
VirtualProtect
FileTimeToSystemTime
GetModuleHandleW
GetAtomNameA
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesA
lstrcmpW
GlobalFindAtomA
GetVersionExA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GlobalGetAtomNameA
FreeResource
ResumeThread
GetThreadPriority
SetThreadPriority
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
MultiByteToWideChar
MulDiv
GlobalFree
lstrlenW
CopyFileA
GlobalSize
GlobalUnlock
LocalFree
lstrlenA
GetLastError
SetLastError
GetCurrentProcessId
CompareStringA
InterlockedExchange
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoA
LoadLibraryA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
FormatMessageA
CreateFileA
GetCommState
SetCommState
GetCommTimeouts
SetCommTimeouts
EscapeCommFunction
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
ReadFile
OutputDebugStringA
ExitThread
WriteFile
Sleep
PurgeComm
OpenEventA

user32

IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
SendDlgItemMessageA
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
DestroyWindow
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
CharUpperA
GetClassInfoA
GetMenuBarInfo
EqualRect
GetDlgItem
SetWindowLongA
SetWindowPos
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetMenu
GetMenu
SetFocus
ShowWindow
ReleaseCapture
TranslateAcceleratorA
DestroyMenu
LoadAcceleratorsA
GetSysColor
OpenIcon
CloseWindow
LoadIconA
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
ScrollWindowEx
SetParent
IsChild
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
MapWindowPoints
GetClientRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
GetDesktopWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
UnregisterClassA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
PostQuitMessage
SendMessageA
GetWindowThreadProcessId
EnableWindow
LoadMenuA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
IsDialogMessageA
MoveWindow
GetClipboardFormatNameA
CreateDialogIndirectParamA
EndDialog
GetAsyncKeyState
SetRectEmpty
DestroyIcon
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
WindowFromPoint
IsWindowEnabled
GetLastActivePopup
GetParent
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
PtInRect
IsRectEmpty
GetWindowLongA
MessageBoxA
PostMessageA
DispatchMessageA
PeekMessageA
KillTimer
WaitMessage
SetTimer
GetMenuItemID
InsertMenuA
AppendMenuA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
UnhookWindowsHookEx
SetCursor
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
GetFocus
TabbedTextOutA
IsWindow
MapDialogRect
GetKeyState
CallNextHookEx
GetCursorPos
SetWindowsHookExA
ValidateRect
GetMessageA
TranslateMessage
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
RegisterClassA

gdi32

GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
CreateDCA
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetBkMode
PolyBezier
DrawEscape
UpdateColors
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
GetDCOrgEx
StretchDIBits
EnumFontFamiliesExA
GetCurrentObject
GetBkColor
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateCompatibleDC
CreateICA
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetDeviceCaps
CreateMetaFileA
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
GetRegionData
ExtEscape
ExtCreateRegion
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
CreateBitmap
GetObjectA
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
CopyMetaFileA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

SetThreadToken
OpenThreadToken
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RevertToSelf

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CoUninitialize
CoInitializeEx
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoDisconnectObject
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CLSIDFromProgID
OleRun
CoRegisterClassObject
CoRevokeClassObject

oleaut32

SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantInit
SysAllocStringLen
SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
SysAllocString
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
VariantClear

ws2_32

send
closesocket
connect
htons
inet_addr
socket
WSAStartup
recv
WSACleanup
WSASetLastError
inet_ntoa
ntohs
accept
htonl
gethostbyname
WSAAsyncSelect
WSAGetLastError
select
recvfrom
sendto
getpeername
getsockname
setsockopt
getsockopt
bind
ioctlsocket
listen
shutdown

Exports

Exports

uCloseCom
uCloseConnection
uInitialClient
uInitialCom
uRecvFromCom
uRecvFromServer
uSendViaCom
uSendViaLan

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

730073214094cd328547bf1f72289752

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 2.0MB

.rsrc Size: 23KB - Virtual size: 22KB

5e5c7dd7ce02a2a1ed9efabaf2b2819f

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 872B

.reloc Size: 8KB - Virtual size: 4KB

f8679260ffaea98142ae2012c38afabd

Headers

File Characteristics

Imports

psapi

setupapi

kernel32

user32

Exports

Exports

Sections

.text Size: 239KB - Virtual size: 238KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 18KB - Virtual size: 3.4MB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 18KB - Virtual size: 17KB

f9433f358cee8bdf2cb7af919911c237

Headers

File Characteristics

Imports

kernel32

user32

version

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 60KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 8KB - Virtual size: 7KB

f9433f358cee8bdf2cb7af919911c237

Headers

File Characteristics

Imports

kernel32

user32

version

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 60KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 8KB - Virtual size: 7KB

76083ea9cfbd53f1681fbb9bb20e7a9c

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 2.0MB

.rsrc
Size: 23KB - Virtual size: 22KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 872B

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 239KB - Virtual size: 238KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 18KB - Virtual size: 3.4MB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 18KB - Virtual size: 17KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 60KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 60KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 9KB - Virtual size: 13KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 3.1MB

.rsrc
Size: 156KB - Virtual size: 155KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 792KB

.rsrc
Size: 19KB - Virtual size: 18KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB