dc543ffe00d73f7bafc2e91116d75b6c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dc543ffe00d73f7bafc2e91116d75b6c_JaffaCakes118
Size

10.0MB
MD5

dc543ffe00d73f7bafc2e91116d75b6c
SHA1

ec692fd9360c987f8b68e39aefabdfd1b5814560
SHA256

8a9598dee0a5f5d86e7e0677056fdcdbc4834d9ba38a28a9c30336387b1f0a30
SHA512

f336466b83a6b707a12b60e9817807ee0654c639c881e0b493ee9a519af90f8745d5eea310ee4af3e7e20c048141df03976b694216cd0404cab0b9c8f3a97f65
SSDEEP

196608:nBh0Nm+lRHLuAfdyQVsjXfYA2z6/ixIIHMLXf6lt:Bh0NlVLpVymA2z6M+f8

Score

3^/10

Malware Config

Signatures

Unsigned PE 39 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/Download_Energy.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/SimpleFC.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/7ZipBuilder.dll
unpack001/7zxa.dll
unpack001/BugTrap.dll
unpack001/DocumentReader.dll
unpack001/GFLImageServices.dll
unpack001/GFLLibraryBuilder.dll
unpack001/GeoIP.dll
unpack001/HashLib.dll
unpack001/ImageViewer.dll
unpack001/MediaImageServices.exe
unpack001/MediaLibraryBuilder.exe
unpack001/MediaPlayer.exe
unpack001/Preview.dll
unpack001/RARBuilder.dll
unpack001/RatDVDReader.dll
unpack001/RazaWebHook32.dll
unpack001/RegExp.dll
unpack001/SWFPlugin.dll
unpack001/SearchExport.dll
unpack001/Skin.exe
unpack001/SkinScanSKS.dll
unpack001/TorrentWizard.exe
unpack001/UpdateApp.exe
unpack001/VirusTotal.dll
unpack002/YellowFillDemo.svp
unpack001/Vis/phase.svp
unpack001/Vis/pulse.svp
unpack001/WindowsThumbnail.exe
unpack001/ZIPBuilder.dll
unpack001/bitShare.exe
unpack001/bzlib.dll
unpack001/libgfl340.dll
unpack001/sqlite3.dll
unpack001/unrar.dll
unpack001/zlibwapi.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

dc543ffe00d73f7bafc2e91116d75b6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

30-03-2011 00:00

Not After

29-03-2012 23:59

Subject

CN=Prospera Software\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Prospera Software\, Inc.,L=Suwanee,ST=Georgia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a8:01:9b:99:40:54:3e:fa:e1:f4:1a:2e:a5:e8:bc:c8:71:14:d5:00
Signer

Actual PE Digest

a8:01:9b:99:40:54:3e:fa:e1:f4:1a:2e:a5:e8:bc:c8:71:14:d5:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Download_Energy.exe
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ProsperasoftwareAcPro.exe
.exe windows:1 windows x86 arch:x86

Code Sign

63:7c:1c:a8:5b:d9:cf:df:39:1b:ea:85:b2:70:78:dd
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

14-12-2010 00:00

Not After

13-12-2012 23:59

Subject

CN=SimplyGen,O=SimplyGen,POSTALCODE=43662,STREET=Zarhin 10,L=Raanana,ST=Israel,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9a:6f:61:8d:e4:74:f1:b1:14:0a:4c:58:e7:c5:6c:0a:4f:b9:4b:2f
Signer

Actual PE Digest

9a:6f:61:8d:e4:74:f1:b1:14:0a:4c:58:e7:c5:6c:0a:4f:b9:4b:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleFC.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AddApplication
AddPort
AdvAddRule
AdvExistsRule
AdvRemoveRule
AllowDisallowExceptionsNotAllowed
AllowDisallowIcmpInboundEchoRequest
AllowDisallowIcmpInboundMaskRequest
AllowDisallowIcmpInboundRouterRequest
AllowDisallowIcmpInboundTimestampRequest
AllowDisallowIcmpOutboundDestinationUnreachable
AllowDisallowIcmpOutboundPacketTooBig
AllowDisallowIcmpOutboundParameterProblem
AllowDisallowIcmpOutboundSourceQuench
AllowDisallowIcmpOutboundTimeExceeded
AllowDisallowIcmpRedirect
AreExceptionsNotAllowed
AreNotificationsEnabled
EnableDisableApplication
EnableDisableFirewall
EnableDisableNotifications
EnableDisablePort
IsApplicationAdded
IsApplicationEnabled
IsFirewallEnabled
IsFirewallServiceRunning
IsIcmpTypeAllowed
IsPortAdded
IsPortEnabled
RemoveApplication
RemovePort
RestoreDefaults
StartStopFirewallService

Sections

CODE
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
strlen
strchr
strrchr
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

GlobalFree
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
GetFileSize
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx
SetFilePointer
GetTickCount

user32

MessageBoxA
GetParent
ShowWindow
SetWindowLongA
IsWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
PostMessageA
GetWindowTextA
SendMessageA
SetDlgItemTextA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowLongA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/p2p-toolbar-screenshot.bmp
$PLUGINSDIR/setup.ini
7ZipBuilder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

7a15a2418eb17136c12e5120c3bf5ff3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
lstrcpyW
GetThreadLocale
SetThreadLocale
GetLastError
InterlockedDecrement
CreateFileW
CloseHandle
SetFilePointer
ReadFile
GetFileSize
LockResource
FindResourceExW
SetLastError
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
InterlockedIncrement
FreeLibrary
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

wvsprintfW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
PropVariantClear

oleaut32

SysAllocStringLen
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
7zxa.dll
.dll windows:4 windows x86 arch:x86

f4b9b424b41e7abf6593ab07c658d67b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen

user32

CharUpperW
CharUpperA

kernel32

ExitProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetSystemInfo
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetVersionExA
DeleteCriticalSection
VirtualAlloc
VirtualFree
CloseHandle
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
HeapAlloc
RaiseException
HeapFree
RtlUnwind
HeapReAlloc
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
LCMapStringA

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BugTrap.dll
.dll windows:5 windows x86 arch:x86

eefe124a03660920dde6b567e34e8c8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\MIHAELA\PROIECTE\MyNetSharing\bitShare\vc9\Win32\Release\BugTrap.pdb

Imports

kernel32

WriteConsoleW
SetEndOfFile
GetLocalTime
ReadProcessMemory
GetCurrentProcess
LocalFree
LocalAlloc
GetCurrentThread
FormatMessageW
GetSystemInfo
GlobalMemoryStatus
GetThreadContext
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
SuspendThread
ResumeThread
GetDateFormatW
GetTimeFormatW
SystemTimeToFileTime
GetComputerNameW
GetCommandLineW
GetCurrentDirectoryW
GetFileAttributesW
DeleteFileW
SetUnhandledExceptionFilter
LoadLibraryExW
CreateProcessW
TerminateProcess
CreateEventW
DisableThreadLibraryCalls
GetUserDefaultLangID
VirtualQuery
VirtualProtect
GetModuleHandleA
WaitForMultipleObjects
LocalReAlloc
ResetEvent
GetExitCodeThread
GetTempPathW
RemoveDirectoryW
CreateDirectoryW
GetTickCount
GetStringTypeW
GetWindowsDirectoryW
IsDBCSLeadByte
FlushFileBuffers
CreateFileA
GetConsoleOutputCP
GetStdHandle
SetStdHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
ExitProcess
HeapSize
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
IsDebuggerPresent
UnhandledExceptionFilter
GetCommandLineA
HeapFree
HeapAlloc
CreateThread
ExitThread
LoadLibraryA
InterlockedExchange
InitializeCriticalSection
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
OpenProcess
GetModuleFileNameW
GetCurrentProcessId
GetModuleHandleW
GetVersionExW
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
GetProfileIntW
MulDiv
ReadFile
GetFileSize
SetFilePointer
GetStringTypeA
MultiByteToWideChar
WaitForSingleObject
SetEvent
FindNextFileW
FindClose
FindFirstFileW
RaiseException
CopyFileW
CloseHandle
WriteFile
WriteConsoleA
CreateFileW

user32

DestroyIcon
DrawIconEx
GetClassLongW
CopyIcon
LoadCursorW
DrawTextW
GetWindow
SendMessageTimeoutW
GetWindowThreadProcessId
GetForegroundWindow
GetActiveWindow
AppendMenuW
GetSystemMenu
EnumDisplayDevicesW
GetTabbedTextExtentW
TabbedTextOutW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
MapWindowPoints
DrawEdge
IsZoomed
IsWindowVisible
SetScrollPos
GetDialogBaseUnits
IsChild
ReleaseCapture
EndDialog
GetParent
GetDlgItem
SetFocus
GetWindowTextW
SetCursor
SetCapture
GetCapture
GetMessagePos
DrawFocusRect
GetFocus
PtInRect
GetKeyState
ReleaseDC
GetDC
ScrollWindowEx
SetScrollInfo
GetScrollInfo
GetScrollPos
DefWindowProcW
RedrawWindow
EndPaint
BeginPaint
FillRect
GetSysColorBrush
IsRectEmpty
KillTimer
SetTimer
PostMessageW
DispatchMessageW
GetMessageW
PostQuitMessage
SetWindowPos
ScreenToClient
GetWindowRect
CreateDialogParamW
LoadIconW
MessageBoxW
SetForegroundWindow
SetWindowLongW
GetWindowLongW
CheckRadioButton
LoadImageW
ShowWindow
DestroyWindow
IsWindowEnabled
EnableWindow
CreateWindowExW
DialogBoxParamW
UpdateWindow
InvalidateRect
LoadStringW
GetSystemMetrics
GetClientRect
GetSysColor
GetDlgCtrlID
SetWindowTextW
SendMessageW
GetWindowTextLengthW
SystemParametersInfoW

gdi32

TextOutW
MoveToEx
LineTo
GetTextExtentPoint32W
GetObjectW
GetTextMetricsW
CreateDCW
GetDeviceCaps
GetDIBits
CreateFontIndirectW
PatBlt
SetTextColor
DeleteDC
BitBlt
GetClipBox
SelectObject
SetBkColor
DeleteObject
CreateCompatibleBitmap
StretchBlt
SetViewportOrgEx
CreateCompatibleDC

advapi32

RegEnumValueW
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
GetUserNameW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW

zlibwapi

zipOpen
zipCloseFileInZip
zipWriteInFileInZip
zipOpenNewFileInZip
zipClose

Exports

Exports

BT_AppLogEntryF
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_InsLogEntryF
BT_InterceptSUEF
_BT_AddLogFile@4
_BT_AddRegFile@8
_BT_AppLogEntry@12
_BT_AppLogEntryV@16
_BT_ClearLog@4
_BT_ClearLogFiles@0
_BT_CloseLogFile@4
_BT_CppFilter@4
_BT_DeleteLogFile@4
_BT_ExportRegistryKey@8
_BT_FlushLogFile@4
_BT_GetActivityType@0
_BT_GetAppName@0
_BT_GetAppVersion@0
_BT_GetDialogMessage@4
_BT_GetDumpType@0
_BT_GetExitMode@0
_BT_GetFlags@0
_BT_GetLogEchoMode@4
_BT_GetLogFileEntry@20
_BT_GetLogFileName@4
_BT_GetLogFilesCount@0
_BT_GetLogFlags@4
_BT_GetLogLevel@4
_BT_GetLogSizeInBytes@4
_BT_GetLogSizeInEntries@4
_BT_GetMailProfile@0
_BT_GetNotificationEMail@0
_BT_GetPostErrHandler@0
_BT_GetPreErrHandler@0
_BT_GetReportFilePath@0
_BT_GetReportFormat@0
_BT_GetSupportEMail@0
_BT_GetSupportHost@0
_BT_GetSupportPort@0
_BT_GetSupportURL@0
_BT_GetUserMessage@0
_BT_InsLogEntry@12
_BT_InsLogEntryV@16
_BT_InstallSehFilter@0
_BT_MailSnapshot@0
_BT_MailSnapshotEx@4
_BT_NetFilter@4
_BT_OpenLogFile@8
_BT_ReadVersionInfo@4
_BT_SaveSnapshot@4
_BT_SaveSnapshotEx@8
_BT_SehFilter@4
_BT_SendSnapshot@0
_BT_SendSnapshotEx@4
_BT_SetActivityType@4
_BT_SetAppName@4
_BT_SetAppVersion@4
_BT_SetDialogMessage@8
_BT_SetDumpType@4
_BT_SetExitMode@4
_BT_SetFlags@4
_BT_SetLogEchoMode@8
_BT_SetLogFlags@8
_BT_SetLogLevel@8
_BT_SetLogSizeInBytes@8
_BT_SetLogSizeInEntries@8
_BT_SetMailProfile@8
_BT_SetNotificationEMail@4
_BT_SetPostErrHandler@8
_BT_SetPreErrHandler@8
_BT_SetReportFilePath@4
_BT_SetReportFormat@4
_BT_SetSupportEMail@4
_BT_SetSupportHost@4
_BT_SetSupportPort@4
_BT_SetSupportServer@8
_BT_SetSupportURL@4
_BT_SetUserMessage@4
_BT_SetUserMessageFromCode@4
_BT_UninstallSehFilter@0

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Data/AdultFilter.dat
Data/DefaultAvatar.png
.png
Data/DefaultSecurity.dat
Data/DefaultServices.dat
Data/Emoticons.bmp
Data/Emoticons.xml
Data/Flags.png
.png
Data/MessageFilter.dat
Data/Splash.png
.png
Data/Thumbs.db
Data/Vendors.xml
Data/WorldGPS.dat
DocumentReader.dll
.dll regsvr32 windows:5 windows x86 arch:x86

d62bd61eaac00da87ab892721be5d98f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetShortPathNameW
HeapCreate
GetVersion
DisableThreadLibraryCalls
HeapDestroy
SetThreadLocale
InitializeCriticalSection
GetLocaleInfoA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
EnterCriticalSection
RaiseException
LeaveCriticalSection
IsDBCSLeadByte
lstrcmpiA
FreeLibrary
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
SearchPathA
SearchPathW
GetThreadLocale
lstrlenA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
IsValidCodePage
HeapFree
HeapAlloc
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleW
GetACP
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
GetCurrentThreadId
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetProcessHeap
HeapSize
HeapReAlloc

user32

CharNextW
wsprintfA
CharNextA
FillRect
ReleaseDC
GetDC

gdi32

GetEnhMetaFileHeader
RestoreDC
PlayMetaFile
SetBkMode
CreateSolidBrush
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SaveDC
CreateDIBSection
DeleteObject
DeleteDC
GetDIBits
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetEnhMetaFileBits
CreateBitmapIndirect
SetMetaFileBitsEx
PlayEnhMetaFile

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA

ole32

PropVariantClear
StringFromGUID2
StgOpenStorage
StgIsStorageFile
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantTimeToSystemTime
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocString
SystemTimeToVariantTime
SysFreeString
VariantClear
SysStringLen
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
VariantCopy
VariantChangeType
SafeArrayGetUBound
VariantInit
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SafeArrayCreateVector

zlibwapi

fill_win32_filefunc
unzOpen2
unzClose
unzGoToFirstFile
unzLocateFile
unzOpenCurrentFilePassword
unzGetCurrentFileInfo
unzReadCurrentFile
unzCloseCurrentFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GFLImageServices.dll
.dll regsvr32 windows:5 windows x86 arch:x86

86083eb233d67a2b17bb5f0df5ff6508

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgfl340

gflLoadBitmap
gflLoadBitmapFromMemory
gflSaveBitmapIntoMemory
gflLibraryInit
gflGetFormatInformationByIndex
gflLibraryExit
gflEnableLZW
gflMemoryFree
gflGetDefaultSaveParams
gflAllockBitmapEx
gflGetFileInformationFromMemory
gflFreeBitmap
gflGetDefaultLoadParams
gflGetFileInformation
gflGetFormatIndexByName
gflSaveBitmap
gflGetNumberOfFormat

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
FreeLibrary
lstrlenW
GetProcAddress
GetModuleHandleW
lstrcmpiW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetLocaleInfoA
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
GetThreadLocale
SetThreadLocale
WideCharToMultiByte
LockResource
FindResourceExW
InterlockedIncrement
InterlockedDecrement
GetShortPathNameW
InitializeCriticalSectionAndSpinCount
RtlUnwind
MultiByteToWideChar
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
SetHandleCount

user32

CharLowerBuffW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemFree

oleaut32

SafeArrayGetUBound
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr

shlwapi

SHDeleteValueW
SHSetValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GFLLibraryBuilder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

c581a0258a3f870004faad62efbe769c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgfl340

gflLibraryInit
gflGetFormatInformationByIndex
gflGetNumberOfFormat
gflGetFileInformation
gflLibraryExit
gflEnableLZW

kernel32

lstrlenW
GetProcAddress
GetModuleHandleW
lstrcmpiW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetShortPathNameW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
SetLastError
GetThreadLocale
SetThreadLocale
LockResource
FindResourceExW
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType

user32

wvsprintfW
CharLowerBuffW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance
StringFromGUID2
CoTaskMemFree

oleaut32

SysStringLen
VarUI4FromStr
SysAllocStringLen
UnRegisterTypeLi
LoadTypeLi
SysFreeString
RegisterTypeLi
SysAllocString

shlwapi

SHDeleteValueW
SHSetValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GeoIP.dll
.dll windows:5 windows x86 arch:x86

b31bb1c1e6c5571c97e8214c18471549

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetModuleFileNameA
GetModuleHandleA
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
FindClose
GetDriveTypeA
FindFirstFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleHandleW
Sleep
ExitProcess
WriteFile
RtlUnwind
MultiByteToWideChar
ReadFile
SetFilePointer
CloseHandle
GetFullPathNameA
CreateFileA
GetCurrentDirectoryA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FlushFileBuffers
SetEndOfFile
GetProcessHeap
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

GeoIPRegion_delete
GeoIP_assign_region_by_inetaddr
GeoIP_assign_region_by_inetaddr_v6
GeoIP_charset
GeoIP_code3_by_id
GeoIP_code_by_id
GeoIP_continent_by_id
GeoIP_country_code3_by_addr
GeoIP_country_code3_by_ipnum
GeoIP_country_code3_by_ipnum_v6
GeoIP_country_code3_by_name
GeoIP_country_code_by_addr
GeoIP_country_code_by_ipnum
GeoIP_country_code_by_ipnum_v6
GeoIP_country_code_by_name
GeoIP_country_id_by_addr
GeoIP_country_id_by_name
GeoIP_country_name_by_addr
GeoIP_country_name_by_ipnum
GeoIP_country_name_by_ipnum_v6
GeoIP_country_name_by_name
GeoIP_database_edition
GeoIP_database_info
GeoIP_db_avail
GeoIP_delete
GeoIP_id_by_addr
GeoIP_id_by_addr_v6
GeoIP_id_by_code
GeoIP_id_by_ipnum
GeoIP_id_by_ipnum_v6
GeoIP_id_by_name
GeoIP_id_by_name_v6
GeoIP_last_netmask
GeoIP_name_by_addr
GeoIP_name_by_addr_v6
GeoIP_name_by_id
GeoIP_name_by_ipnum
GeoIP_name_by_ipnum_v6
GeoIP_name_by_name
GeoIP_name_by_name_v6
GeoIP_new
GeoIP_num_countries
GeoIP_open
GeoIP_open_type
GeoIP_org_by_addr
GeoIP_org_by_addr_v6
GeoIP_org_by_ipnum
GeoIP_org_by_ipnum_v6
GeoIP_org_by_name
GeoIP_org_by_name_v6
GeoIP_range_by_ip
GeoIP_range_by_ip_delete
GeoIP_region_by_addr
GeoIP_region_by_addr_v6
GeoIP_region_by_ipnum
GeoIP_region_by_ipnum_v6
GeoIP_region_by_name
GeoIP_region_by_name_v6
GeoIP_set_charset
GeoIP_setup_custom_directory

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HashLib.dll
.dll windows:5 windows x86 arch:x86

ce68a956611d680da4eb6ddd51dec748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

??0CED2K@@QAE@XZ
??0CMD4@@QAE@XZ
??0CMD5@@QAE@XZ
??0CSHA@@QAE@XZ
??0CTigerNode@@QAE@XZ
??0CTigerTree@@QAE@XZ
??1CED2K@@QAE@XZ
??1CMD4@@QAE@XZ
??1CMD5@@QAE@XZ
??1CSHA@@QAE@XZ
??1CTigerTree@@QAE@XZ
??4CED2K@@QAEAAV0@ABV0@@Z
??4CMD4@@QAEAAV0@ABV0@@Z
??4CMD5@@QAEAAV0@ABV0@@Z
??4CSHA@@QAEAAV0@ABV0@@Z
??4CTigerNode@@QAEAAV0@ABV0@@Z
??4CTigerTree@@QAEAAV0@ABV0@@Z
??4Digest@CMD4@@QAEAAU01@ABU01@@Z
??4Digest@CMD5@@QAEAAU01@ABU01@@Z
??4Digest@CSHA@@QAEAAU01@ABU01@@Z
??4TigerTreeDigest@CTigerTree@@QAEAAU01@ABU01@@Z
??ADigest@CMD4@@QAEAAKI@Z
??ADigest@CMD4@@QBEABKI@Z
??ADigest@CMD5@@QAEAAKI@Z
??ADigest@CMD5@@QBEABKI@Z
??ADigest@CSHA@@QAEAAKI@Z
??ADigest@CSHA@@QBEABKI@Z
??ATigerTreeDigest@CTigerTree@@QAEAA_KI@Z
??ATigerTreeDigest@CTigerTree@@QBEAB_KI@Z
?Add@CMD4@@QAEXPBXI@Z
?Add@CMD5@@QAEXPBXI@Z
?Add@CSHA@@QAEXPBXI@Z
?AddToFile@CED2K@@QAEXPBXK@Z
?AddToFile@CTigerTree@@QAEXPBXK@Z
?AddToTest@CED2K@@QAEXPBXK@Z
?AddToTest@CTigerTree@@QAEXPBXK@Z
?Assume@CTigerTree@@QAEXPAV1@@Z
?BeginBlockTest@CED2K@@QAEXXZ
?BeginBlockTest@CTigerTree@@QAEXXZ
?BeginFile@CED2K@@QAEX_K@Z
?BeginFile@CTigerTree@@QAEXK_K@Z
?BlocksToNode@CTigerTree@@AAEXXZ
?CheckIntegrity@CED2K@@QAEHXZ
?CheckIntegrity@CTigerTree@@QAEHXZ
?Clear@CED2K@@QAEXXZ
?Clear@CTigerTree@@QAEXXZ
?Collapse@CTigerTree@@AAEXXZ
?Finish@CMD4@@QAEXXZ
?Finish@CMD5@@QAEXXZ
?Finish@CSHA@@QAEXXZ
?FinishBlockTest@CED2K@@QAEHK@Z
?FinishBlockTest@CTigerTree@@QAEHK@Z
?FinishFile@CED2K@@QAEHXZ
?FinishFile@CTigerTree@@QAEHXZ
?FromBytes@CED2K@@QAEHPAEK_K@Z
?FromBytes@CTigerTree@@QAEHPBEKK_K@Z
?FromBytesLevel1@CTigerTree@@QAEHPBEK_K@Z
?FromRoot@CED2K@@QAEXPBE@Z
?GetBlockCount@CED2K@@QBEKXZ
?GetBlockCount@CTigerTree@@QBEKXZ
?GetBlockLength@CTigerTree@@QBEKXZ
?GetHash@CMD4@@QBEXPAE@Z
?GetHash@CMD5@@QBEXPAE@Z
?GetHash@CSHA@@QBEXPAE@Z
?GetHeight@CTigerTree@@QBEKXZ
?GetRawPtr@CED2K@@QBEPBXXZ
?GetRoot@CED2K@@QBEXPAE@Z
?GetRoot@CTigerTree@@QBEHPAE@Z
?GetSerialSize@CED2K@@QBEKXZ
?GetSerialSize@CTigerTree@@QBEKXZ
?GetSize@CED2K@@QBEKXZ
?IsAvailable@CED2K@@QBEHXZ
?IsAvailable@CTigerTree@@QBEHXZ
?Load@CED2K@@QAEXPBE@Z
?Load@CTigerTree@@QAEXPBE@Z
?Reset@CMD4@@QAEXXZ
?Reset@CMD5@@QAEXXZ
?Reset@CSHA@@QAEXXZ
?Save@CED2K@@QBEXPAE@Z
?Save@CTigerTree@@QBEXPAE@Z
?SetHeight@CTigerTree@@QAEXK@Z
?SetSize@CED2K@@QAEXK@Z
?SetupAndAllocate@CTigerTree@@QAEXK_K@Z
?SetupParameters@CTigerTree@@QAEX_K@Z
?Tiger@CTigerTree@@CAXPBX_KPA_K22@Z
?ToBytes@CED2K@@QAEHPAPAEPAK@Z
?ToBytes@CTigerTree@@QAEHPAPAEPAKK@Z
?ToBytesLevel1@CTigerTree@@QAEHPAPAEPAK@Z

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ImageViewer.dll
.dll regsvr32 windows:5 windows x86 arch:x86

7c243d365f44afcec80532bb549440e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcpyW
lstrcatW
GetLocaleInfoA
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GetLastError
lstrlenW
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetThreadLocale
DeleteCriticalSection
GetThreadLocale
lstrcmpiW
UnmapViewOfFile
MapViewOfFile
SetFilePointer
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetModuleHandleA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapSize
Sleep
SetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

LoadCursorW
DestroyWindow
LoadStringW
CharNextW
ReleaseDC
GetDC
ReleaseCapture
SetCapture
PostMessageW
EndPaint
InflateRect
BeginPaint
MoveWindow
OffsetRect
GetClientRect
GetParent
SetTimer
KillTimer
SetCursor
LoadImageW
DestroyIcon
InvalidateRect
BringWindowToTop
ShowWindow
GetActiveWindow
MessageBoxW

gdi32

Rectangle
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
SetBkColor
SetBkMode
ExcludeClipRect
DeleteObject
SetDIBits
CreateDIBitmap
ExtTextOutW

advapi32

RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

shell32

SHGetFileInfoW

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance

oleaut32

SysAllocStringLen
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysStringLen
RegisterTypeLi
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayDestroy
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaImageServices.exe
.exe windows:5 windows x86 arch:x86

3d364806f3805d2f51903990795ff62d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
GetCurrentThreadId
InterlockedDecrement
SetEvent
GetCommandLineW
GetLastError
WaitForSingleObject
Sleep
CreateEventW
CreateThread
InterlockedIncrement
IsDebuggerPresent
LCMapStringW
LCMapStringA
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
CloseHandle
FreeLibrary
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
HeapAlloc
HeapFree
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

CharNextW
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoResumeClassObjects
CoRegisterClassObject
CoRevokeClassObject
CoSuspendClassObjects
CoTaskMemRealloc
StringFromCLSID
StringFromGUID2

oleaut32

SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaLibraryBuilder.exe
.exe windows:5 windows x86 arch:x86

c27c044464e971f0f1d50aa7096799fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
SetLastError
SetErrorMode
GetCurrentThreadId
SetEvent
EnterCriticalSection
CloseHandle
WaitForSingleObject
Sleep
CreateEventW
CreateThread
FlushFileBuffers
CreateFileA
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
GetCommandLineW
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleHandleA

user32

CharNextW
PostThreadMessageW
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
wvsprintfW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
CoResumeClassObjects
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoSuspendClassObjects
CoUninitialize

oleaut32

UnRegisterTypeLi
LoadTypeLi
SysStringLen
RegisterTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
VarUI4FromStr

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaPlayer.exe
.exe windows:5 windows x86 arch:x86

0e3b6419b753915e6f9f9228d2add89d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateEventW
CreateThread
CloseHandle
WaitForSingleObject
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetCurrentProcess
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
Sleep
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapSize
GetModuleFileNameA
GetStdHandle
InitializeCriticalSection
GetCommandLineW
SetEvent
InterlockedDecrement
DeleteCriticalSection
GetCurrentThreadId
SetErrorMode
GetModuleFileNameW
GetModuleHandleW
FindResourceW
LoadLibraryExW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
FreeLibrary
lstrlenW
WriteFile
ExitProcess
HeapCreate
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleHandleA

user32

GetClassInfoExW
UnregisterClassA
CharNextW
PostThreadMessageW
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
IsWindow
SetWindowPos
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
DestroyAcceleratorTable
IsWindowVisible
ShowWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
GetDesktopWindow
GetWindow
GetDlgItem
SendMessageW
GetClassNameW
GetSysColor
RedrawWindow
SetFocus
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDC
ReleaseDC

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush

advapi32

RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
OleCreateFontIndirect
LoadRegTypeLi
VariantClear
VariantInit
SysAllocStringLen
RegisterTypeLi
VarUI4FromStr
SysStringLen

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Preview.dll
.dll regsvr32 windows:5 windows x86 arch:x86

547d2499a8ea189ae5c4d932f977c807

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetCurrentProcess
FlushInstructionCache
MulDiv
lstrcmpW
lstrlenA
FindResourceExW
FreeLibrary
GetProcAddress
GetModuleHandleW
LoadLibraryExW
GetThreadLocale
SetThreadLocale
CloseHandle
WaitForSingleObject
TerminateProcess
GetFileAttributesW
GlobalHandle
GlobalFree
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetCurrentThreadId
LoadResource
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
lstrcatW
lstrcpynW
DeleteCriticalSection
GetModuleFileNameW
InitializeCriticalSection
GetStringTypeW
FindResourceW
SizeofResource
MultiByteToWideChar
GetLastError
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
lstrlenW
GetStringTypeA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleHandleA

user32

GetDlgItem
SetDlgItemTextW
EnableWindow
UpdateWindow
SetFocus
LoadStringW
SetWindowTextW
GetClientRect
GetSystemMetrics
MessageBoxW
GetDlgItemTextW
CharNextW
UnregisterClassA
SendMessageW
DialogBoxIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
IsWindow
GetClassNameW
GetSysColor
RedrawWindow
GetClassInfoExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
GetWindowLongW
SetWindowLongW
DefWindowProcW
LoadCursorW
RegisterClassExW
CreateWindowExW
SendDlgItemMessageW
MapDialogRect
SetWindowPos
SetWindowContextHelpId
GetWindow
EndDialog
GetActiveWindow

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush

comdlg32

GetOpenFileNameW

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteExW
ShellExecuteW

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
OleUninitialize
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
StringFromCLSID
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SysFreeString
SysStringLen
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
VarUI4FromStr

shlwapi

PathRemoveArgsW
PathUnquoteSpacesW
PathQuoteSpacesW
SHRegCloseUSKey
SHRegSetUSValueW
StrTrimW
SHDeleteValueW
SHDeleteKeyW
SHRegEnumUSValueW
SHRegOpenUSKeyW
PathFindExtensionW
StrChrW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RARBuilder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

63f5d82d813920e56b38fc4996823f1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
FindResourceExW
SetLastError
LoadLibraryW
lstrcpyW
GetThreadLocale
SetThreadLocale
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
LockResource
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind

user32

wvsprintfW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2

oleaut32

UnRegisterTypeLi
LoadTypeLi
SysStringLen
RegisterTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RatDVDReader.dll
.dll regsvr32 windows:5 windows x86 arch:x86

10abf616ff7d95dd029c3c7603d77c29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
IsValidCodePage
WideCharToMultiByte
SearchPathW
EnterCriticalSection
SizeofResource
CreateFileW
CloseHandle
SetFilePointer
ReadFile
LockResource
FindResourceExW
HeapCreate
DisableThreadLibraryCalls
HeapDestroy
GetThreadLocale
SetThreadLocale
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
LeaveCriticalSection
FreeLibrary
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoInitialize

oleaut32

LoadTypeLi
RegisterTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr
UnRegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RazaWebHook32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

74f331050506a8da2f220d5896420d3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
SizeofResource
LockResource
FindResourceExW
GetThreadLocale
SetThreadLocale
GetProcAddress
MultiByteToWideChar
GetLastError
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
lstrlenW
InterlockedDecrement
FreeLibrary
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

user32

CharLowerBuffW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance

oleaut32

VarUI4FromStr
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen

shlwapi

SHRegGetUSValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RegExp.dll
.dll windows:5 windows x86 arch:x86

66591c94e08d52d3fe115bc02b6e3cb1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
ExitProcess
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
CompareStringW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Exports

Exports

?Match@RegExp@@YAHPB_W0@Z
?Split@RegExp@@YAIPB_W0PAPA_W@Z

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Remote/commonFooter.htm
Remote/commonHeader.htm
Remote/downloadsBottom.htm
Remote/downloadsDownload.htm
Remote/downloadsFooter.htm
Remote/downloadsHeader.htm
Remote/downloadsSource.htm
Remote/downloadsTab.htm
Remote/downloadsTop.htm
Remote/home.htm
Remote/images/shareaza.css
Remote/login.htm
Remote/networkFooter.htm
Remote/networkHeader.htm
Remote/networkNetEnd.htm
Remote/networkNetStart.htm
Remote/networkRow.htm
Remote/searchBottom.htm
Remote/searchColumn.htm
Remote/searchFooter.htm
Remote/searchHeader.htm
Remote/searchMiddle.htm
Remote/searchNew.htm
Remote/searchRowColumn.htm
Remote/searchRowEnd.htm
Remote/searchRowStart.htm
Remote/searchTab.htm
Remote/searchTop.htm
Remote/uploadsFile.htm
Remote/uploadsFooter.htm
Remote/uploadsHeader.htm
Remote/uploadsQueueEnd.htm
Remote/uploadsQueueStart.htm
SWFPlugin.dll
.dll regsvr32 windows:5 windows x86 arch:x86

c6f6d26b6912f2dae6563de5eb1cbd2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadLocale
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
GetTickCount
Sleep
CreateThread
WaitForSingleObject
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GetThreadLocale
EnterCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
SetLastError
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
WideCharToMultiByte
GetLastError
RaiseException
LeaveCriticalSection
DeleteCriticalSection
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
FreeEnvironmentStringsW
InterlockedCompareExchange
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

UnregisterClassW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
SendMessageW
UnregisterClassA
GetClassNameW
GetSysColor
SetWindowPos
RedrawWindow
LoadCursorW
GetClassInfoExW
RegisterClassExW
DefWindowProcW
GetWindowLongW
SetWindowLongW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
wvsprintfW
CharNextW
IsWindow

gdi32

CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
GetDIBits

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoUninitialize
OleDraw
OleRun
CoInitializeEx
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

UnRegisterTypeLi
OleCreateFontIndirect
LoadRegTypeLi
VariantClear
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysStringLen
RegisterTypeLi
SysAllocString
SysAllocStringLen
VarUI4FromStr
SysFreeString
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Schemas/Collection.ico
Schemas/CollectionXP.ico
Schemas/allFiles.xml
Schemas/allFiles.xsd
.xml
Schemas/allfilesFolder.ico
Schemas/allfilesFolderXP.ico
Schemas/application.ico
Schemas/application.xml
Schemas/application.xsd
.xml
Schemas/applicationAll.xml
Schemas/applicationAll.xsd
.xml
Schemas/applicationFolder.ico
Schemas/applicationFolderXP.ico
Schemas/applicationRoot.xml
Schemas/applicationRoot.xsd
.xml
Schemas/applicationXP.ico
Schemas/archive.ico
Schemas/archive.xml
Schemas/archive.xsd
.xml
Schemas/archiveXP.ico
Schemas/audio.ico
Schemas/audio.xml
Schemas/audio.xsd
.xml
Schemas/audioXP.ico
Schemas/bittorrent.ico
Schemas/bittorrent.xml
Schemas/bittorrent.xsd
.xml
Schemas/bittorrentXP.ico
Schemas/book.ICO
Schemas/book.xml
Schemas/book.xsd
.xml
Schemas/bookAll.xml
Schemas/bookAll.xsd
.xml
Schemas/bookFolder.ico
Schemas/bookFolderXP.ico
Schemas/bookRoot.xml
Schemas/bookRoot.xsd
.xml
Schemas/bookXP.ico
Schemas/collection.xml
Schemas/collection.xsd
Schemas/collectionsFolder.ico
Schemas/collectionsFolder.xml
Schemas/collectionsFolder.xsd
.xml
Schemas/collectionsFolderXP.ico
Schemas/documentAll.xml
Schemas/documentAll.xsd
.xml
Schemas/documentFolder.ico
Schemas/documentFolderXP.ico
Schemas/documentRoot.xml
Schemas/documentRoot.xsd
.xml
Schemas/favourites.ico
Schemas/favouritesFolder.xml
Schemas/favouritesFolder.xsd
.xml
Schemas/favouritesXP.ico
Schemas/folder.ico
Schemas/folder.xml
Schemas/folder.xsd
.xml
Schemas/folderXP.ico
Schemas/ghostFolder.ico
Schemas/ghostFolder.xml
Schemas/ghostFolder.xsd
.xml
Schemas/ghostFolderXP.ico
Schemas/image.ico
Schemas/image.xml
Schemas/image.xsd
.xml
Schemas/imageAlbum.xml
Schemas/imageAlbum.xsd
.xml
Schemas/imageAll.xml
Schemas/imageAll.xsd
.xml
Schemas/imageFolder.ico
Schemas/imageFolderXP.ico
Schemas/imageRoot.xml
Schemas/imageRoot.xsd
.xml
Schemas/imageXP.ico
Schemas/libraryRoot.ico
Schemas/libraryRoot.xml
Schemas/libraryRoot.xsd
.xml
Schemas/libraryRootXP.ico
Schemas/musicAlbum.xml
Schemas/musicAlbum.xsd
.xml
Schemas/musicAlbumCollection.xml
Schemas/musicAlbumCollection.xsd
.xml
Schemas/musicAll.xml
Schemas/musicAll.xsd
.xml
Schemas/musicArtist.xml
Schemas/musicArtist.xsd
.xml
Schemas/musicArtistCollection.xml
Schemas/musicArtistCollection.xsd
.xml
Schemas/musicDisk.ico
Schemas/musicDiskXP.ico
Schemas/musicFolder.ico
Schemas/musicFolderXP.ico
Schemas/musicGenre.xml
Schemas/musicGenre.xsd
.xml
Schemas/musicGenreCollection.xml
Schemas/musicGenreCollection.xsd
.xml
Schemas/musicRoot.xml
Schemas/musicRoot.xsd
.xml
Schemas/presentation.ico
Schemas/presentation.xml
Schemas/presentation.xsd
.xml
Schemas/presentationXP.ico
Schemas/rom.ico
Schemas/rom.xml
Schemas/rom.xsd
.xml
Schemas/romXP.ico
Schemas/searchFolder.ico
Schemas/searchFolder.xml
Schemas/searchFolder.xsd
.xml
Schemas/searchFolderXP.ico
Schemas/shareazaSkin.ico
Schemas/shareazaSkin.xml
Schemas/shareazaSkin.xsd
.xml
Schemas/shareazaSkinXP.ico
Schemas/sourceCode.ico
Schemas/sourceCode.xml
Schemas/sourceCode.xsd
.xml
Schemas/sourceCodeXP.ico
Schemas/spreadsheet.ICO
Schemas/spreadsheet.xml
Schemas/spreadsheet.xsd
.xml
Schemas/spreadsheetXP.ico
Schemas/subtitle.ico
Schemas/subtitle.xml
Schemas/subtitle.xsd
Schemas/subtitleXP.ico
Schemas/video.ico
Schemas/video.xml
Schemas/video.xsd
.xml
Schemas/videoAll.xml
Schemas/videoAll.xsd
.xml
Schemas/videoFilm.xml
Schemas/videoFilm.xsd
.xml
Schemas/videoFilmCollection.xml
Schemas/videoFilmCollection.xsd
.xml
Schemas/videoFolder.ico
Schemas/videoFolderXP.ico
Schemas/videoMusicCollection.xml
Schemas/videoMusicCollection.xsd
.xml
Schemas/videoRoot.xml
Schemas/videoRoot.xsd
.xml
Schemas/videoSeries.xml
Schemas/videoSeries.xsd
.xml
Schemas/videoSeriesCollection.xml
Schemas/videoSeriesCollection.xsd
.xml
Schemas/videoXP.ico
Schemas/wordProcessing.ICO
Schemas/wordProcessing.xml
Schemas/wordProcessing.xsd
.xml
Schemas/wordProcessingXP.ico
SearchExport.dll
.dll regsvr32 windows:5 windows x86 arch:x86

7a3986bf0e3997dc07c76fbade689632

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
WideCharToMultiByte
lstrlenA
CloseHandle
CreateFileW
GetFileSize
ReadFile
FindFirstFileW
FindNextFileW
WriteFile
InterlockedIncrement
LoadLibraryExW
InitializeCriticalSection
LockResource
FindResourceExW
GetThreadLocale
SetThreadLocale
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadResource
FindResourceW
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
lstrlenW
FreeLibrary
InterlockedDecrement
DeleteCriticalSection
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetModuleHandleA

user32

LoadIconW
CharNextW

comdlg32

GetSaveFileNameW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW

ole32

CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr
VariantClear
SysAllocString
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
VarBstrCmp
SysStringLen
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString

shlwapi

PathFindExtensionW
SHGetValueW
PathFindFileNameW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skin.exe
.exe windows:5 windows x86 arch:x86

553942f2f9a61fbb3ace1064eaff2ab5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetProcessHeap
SetEndOfFile
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetLastError
CreateDirectoryW
GetVersion
GetShortPathNameW
CloseHandle
SetCurrentDirectoryW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
WriteFile
FlushFileBuffers
GetModuleHandleW
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
ReadFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount

user32

SetWindowTextW
SendDlgItemMessageW
GetDlgItem
DialogBoxParamW
MessageBoxW
EnableWindow
SendMessageW
SetDlgItemTextW
FillRect
LoadImageW
PostMessageW
DrawTextW
IsZoomed
FindWindowW
SetFocus
LoadIconW
SetWindowLongW
EndDialog
CreateWindowExW
GetDlgItemTextW

gdi32

SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject
GetObjectW
ExtFloodFill

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW

zlibwapi

unzReadCurrentFile
unzOpen
unzCloseCurrentFile
unzGetGlobalInfo
unzClose
unzOpenCurrentFile
unzGetCurrentFileInfo
unzGoToNextFile

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SkinScanSKS.dll
.dll regsvr32 windows:5 windows x86 arch:x86

7e64d514a54cb97dd5206e77586fc109

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
GetShortPathNameW
EnterCriticalSection
lstrlenA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
SetThreadLocale
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
lstrcmpiA
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2

oleaut32

VarUI4FromStr
SysAllocString
SysFreeString
RegisterTypeLi
SysStringLen
LoadTypeLi
UnRegisterTypeLi

zlibwapi

unzCloseCurrentFile
unzOpenCurrentFile
unzGetCurrentFileInfo
unzGoToNextFile
unzGetGlobalInfo
unzClose
unzOpen
unzReadCurrentFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Templates/Audio Collection/audio.ico
Templates/Audio Collection/audio.tpl
.html .js polyglot
Templates/Audio Collection/audioCollection.xml
Templates/Audio Collection/audioEven.tpl
Templates/Audio Collection/audioOdd.tpl
Templates/Audio Collection/bar_off.gif
.gif
Templates/Audio Collection/bar_on.gif
.gif
Templates/Basic Collection/basic.tpl
.html
Templates/Basic Collection/basicCollection.xml
.xml
Templates/Basic Collection/basicRow.tpl
Templates/General Purple Collection/GeneralPurpleCollection.tpl
.html .js polyglot
Templates/General Purple Collection/GeneralPurpleCollection.xml
Templates/General Purple Collection/GeneralPurpleCollectionRow.tpl
Templates/General Purple Collection/bar_off.gif
.gif
Templates/General Purple Collection/bar_on.gif
.gif
Templates/General Purple Collection/icon.gif
.gif
Templates/Video Collection/EvenFile.tpl
Templates/Video Collection/OddFile.tpl
Templates/Video Collection/VideoCollection.tpl
.html .js polyglot
Templates/Video Collection/VideoCollection.xml
Templates/Video Collection/images/Screenshot_Part.png
.png
Templates/Video Collection/images/Top.png
.png
Templates/Video Collection/images/bar_off.gif
.gif
Templates/Video Collection/images/bar_on.gif
.gif
Templates/Video Collection/images/bg.png
.png
Templates/Video Collection/images/res.gif
.gif
Templates/Video Collection/images/top-tile.jpg
.jpg
Templates/Video Collection/video.ico
TorrentWizard.exe
.exe windows:5 windows x86 arch:x86

3b5264952705f2f1420c184e16196880

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

hashlib

?GetHash@CMD5@@QBEXPAE@Z
?GetRoot@CED2K@@QBEXPAE@Z
?GetHash@CSHA@@QBEXPAE@Z
?Add@CMD5@@QAEXPBXI@Z
?AddToFile@CED2K@@QAEXPBXK@Z
?Finish@CMD5@@QAEXXZ
?FinishFile@CED2K@@QAEHXZ
?Reset@CMD5@@QAEXXZ
?BeginFile@CED2K@@QAEX_K@Z
?Reset@CSHA@@QAEXXZ
??1CMD5@@QAE@XZ
??0CMD5@@QAE@XZ
??1CED2K@@QAE@XZ
??0CED2K@@QAE@XZ
?Finish@CSHA@@QAEXXZ
?Add@CSHA@@QAEXPBXI@Z
??1CSHA@@QAE@XZ
??0CSHA@@QAE@XZ

kernel32

TlsSetValue
LocalReAlloc
TlsFree
lstrlenA
GlobalFlags
FindResourceExW
SetErrorMode
GetStartupInfoW
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
ExitThread
CreateThread
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetCPInfo
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
GetOEMCP
WideCharToMultiByte
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileAttributesW
CreateDirectoryW
DeleteFileW
CreateFileW
GetFileSize
CloseHandle
FindFirstFileW
FindNextFileW
FindClose
GetStringTypeW
GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetExitCodeThread
Sleep
TerminateThread
SetThreadPriority
ReadFile
lstrlenW
WriteFile
GetModuleFileNameW
GetTickCount
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
TlsAlloc
RaiseException
MulDiv
FormatMessageW
GlobalFree
SetLastError
GetModuleHandleA
GetModuleHandleW
lstrcmpW
CompareStringA
LoadLibraryExW
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
VirtualProtect
LoadLibraryW
GetCurrentProcessId
GetVersionExA
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
FreeResource
InterlockedDecrement
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFilePointer
FlushFileBuffers
GetCurrentProcess
GetFullPathNameW
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
MultiByteToWideChar

user32

DispatchMessageW
GetForegroundWindow
IsWindow
GetClassLongW
CallNextHookEx
SetWindowsHookExW
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDesktopWindow
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetWindowTextW
MoveWindow
ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
SetCursor
GetSysColorBrush
LoadCursorW
DestroyMenu
UnregisterClassW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
SetPropW
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetPropW
RemovePropW
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
PostQuitMessage
GetSysColor
EndPaint
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetParent
GetClassNameW
GetWindow
SetWindowLongW
GetWindowLongW
OffsetRect
GetWindowRect
LoadIconW
LoadBitmapW
CharLowerBuffW
UpdateWindow
GetSystemMetrics
GetClientRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
KillTimer
PostMessageW
SetTimer
SendMessageW
EnableWindow
BeginPaint

gdi32

SetTextColor
SetMapMode
GetClipBox
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetObjectW
EnumFontFamiliesExW
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
CreateFontW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UpdateApp.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\UpdateApp\UpdateApp\obj\Release\UpdateApp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VirusTotal.dll
.dll regsvr32 windows:5 windows x86 arch:x86

72689afc7a839b4c650817c72431ab75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
LockResource
LoadResource
GetThreadLocale
SetThreadLocale
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
lstrlenW
FreeLibrary
FindResourceExW
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount

user32

LoadIconW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CoCreateInstance

oleaut32

UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysStringLen
VariantInit
SysFreeString
SysAllocString
VariantClear
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vis/VisPluginSample.zip
.zip
Vis Sample Code/SoniqueVisualPlugin.dsp
Vis Sample Code/SoniqueVisualPlugin.dsw
Vis Sample Code/SoniqueVisualPlugin.opt
Vis Sample Code/SoniqueVisualPlugin.plg
Vis Sample Code/SoniqueVisualPlugin.sln
Vis Sample Code/SoniqueVisualPlugin.suo
Vis Sample Code/SoniqueVisualPlugin.vcproj
.xml
Vis Sample Code/vis.c
Vis Sample Code/vis.h
Vis Sample Code/vis.updated.h
YellowFillDemo.svp
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

QueryModule

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vis/license.txt
Vis/phase.svp
.dll windows:4 windows x86 arch:x86

8a4944c5d51a5ac58494fc1da9234c37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
QueryPerformanceFrequency
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetProcAddress
GetModuleHandleA
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapFree
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
QueryPerformanceCounter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

QueryModule

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vis/pulse.svp
.dll windows:4 windows x86 arch:x86

f180c91d6e38f45e6b462ebd41624946

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
GetPrivateProfileStringA
VirtualFree
WriteFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
WritePrivateProfileStringA
GetCPInfo
GetACP
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetOEMCP
LoadLibraryA
LCMapStringA
LCMapStringW
RaiseException
SetEnvironmentVariableA
CompareStringA
CompareStringW

winmm

timeGetTime

Exports

Exports

QueryModule

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsThumbnail.exe
.exe windows:5 windows x86 arch:x86

0865ef9a41e1b7f786775e39ccc3598e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
SetErrorMode
GetCurrentThreadId
SetEvent
GetCommandLineW
CloseHandle
LoadResource
Sleep
CreateEventW
CreateThread
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SizeofResource
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
WaitForSingleObject
FreeLibrary
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
HeapAlloc
HeapFree
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
FreeEnvironmentStringsW

user32

CharNextW
ReleaseDC
PostThreadMessageW
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
GetDC

gdi32

GetObjectW
GetDIBits

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoSuspendClassObjects
CoResumeClassObjects

oleaut32

UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VarUI4FromStr
SafeArrayDestroy

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZIPBuilder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

7d209872283662af34ae1cc99ea0b08c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSection
GetShortPathNameW
WideCharToMultiByte
EnterCriticalSection
InterlockedIncrement
LockResource
FindResourceExW
SetLastError
GetThreadLocale
SetThreadLocale
LeaveCriticalSection
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
InterlockedDecrement
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA

user32

OemToCharA
wvsprintfW
CharNextW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysFreeString
SysAllocStringLen
SysAllocString
RegisterTypeLi
SysStringLen
UnRegisterTypeLi
LoadTypeLi

zlibwapi

unzGoToNextFile
unzGetGlobalComment
unzGetGlobalInfo
unzClose
unzOpen
unzGetCurrentFileInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bitShare.exe
.exe windows:5 windows x86 arch:x86

da260bf68780ac3152283f53757f1098

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\MIHAELA\PROIECTE\MyNetSharing\bitShare\vc9\Win32\Release\bitShare.pdb

Imports

hashlib

?ToBytes@CTigerTree@@QAEHPAPAEPAKK@Z
?ToBytesLevel1@CTigerTree@@QAEHPAPAEPAK@Z
?FinishFile@CED2K@@QAEHXZ
?FinishFile@CTigerTree@@QAEHXZ
?AddToFile@CED2K@@QAEXPBXK@Z
?AddToFile@CTigerTree@@QAEXPBXK@Z
?BeginFile@CED2K@@QAEX_K@Z
?BeginFile@CTigerTree@@QAEXK_K@Z
?Save@CED2K@@QBEXPAE@Z
?GetSize@CED2K@@QBEKXZ
?Load@CED2K@@QAEXPBE@Z
?GetSerialSize@CED2K@@QBEKXZ
?SetSize@CED2K@@QAEXK@Z
?Save@CTigerTree@@QBEXPAE@Z
?Load@CTigerTree@@QAEXPBE@Z
?GetSerialSize@CTigerTree@@QBEKXZ
?SetHeight@CTigerTree@@QAEXK@Z
?ToBytes@CED2K@@QAEHPAPAEPAK@Z
?GetRawPtr@CED2K@@QBEPBXXZ
?SetupParameters@CTigerTree@@QAEX_K@Z
?FinishBlockTest@CED2K@@QAEHK@Z
?FinishBlockTest@CTigerTree@@QAEHK@Z
?AddToTest@CED2K@@QAEXPBXK@Z
?AddToTest@CTigerTree@@QAEXPBXK@Z
?BeginBlockTest@CED2K@@QAEXXZ
?BeginBlockTest@CTigerTree@@QAEXXZ
?GetBlockCount@CED2K@@QBEKXZ
?Clear@CED2K@@QAEXXZ
?GetRoot@CED2K@@QBEXPAE@Z
?FromBytes@CED2K@@QAEHPAEK_K@Z
?FromRoot@CED2K@@QAEXPBE@Z
?IsAvailable@CED2K@@QBEHXZ
?GetHeight@CTigerTree@@QBEKXZ
?GetBlockCount@CTigerTree@@QBEKXZ
?GetBlockLength@CTigerTree@@QBEKXZ
?Clear@CTigerTree@@QAEXXZ
?GetRoot@CTigerTree@@QBEHPAE@Z
?FromBytes@CTigerTree@@QAEHPBEKK_K@Z
?FromBytesLevel1@CTigerTree@@QAEHPBEK_K@Z
?IsAvailable@CTigerTree@@QBEHXZ
??1CED2K@@QAE@XZ
??0CED2K@@QAE@XZ
??1CTigerTree@@QAE@XZ
??0CTigerTree@@QAE@XZ
?GetHash@CMD5@@QBEXPAE@Z
?Finish@CMD5@@QAEXXZ
?Add@CMD5@@QAEXPBXI@Z
??1CMD5@@QAE@XZ
??0CMD5@@QAE@XZ
?Reset@CSHA@@QAEXXZ
?GetHash@CSHA@@QBEXPAE@Z
?Finish@CSHA@@QAEXXZ
?Add@CSHA@@QAEXPBXI@Z
??1CSHA@@QAE@XZ
??0CSHA@@QAE@XZ

bugtrap

BT_CallCppFilter
_BT_InstallSehFilter@0
_BT_AddRegFile@8
_BT_SetSupportURL@4
_BT_SetSupportEMail@4
_BT_SetDumpType@4
_BT_SetExitMode@4
_BT_SetFlags@4
_BT_SetAppName@4
_BT_SetAppVersion@4

sqlite3

sqlite3_close
sqlite3_prepare16_v2
sqlite3_busy_timeout
sqlite3_step
sqlite3_reset
sqlite3_data_count
sqlite3_column_name16
sqlite3_open16
sqlite3_enable_shared_cache
sqlite3_finalize
sqlite3_bind_blob
sqlite3_bind_text16
sqlite3_bind_int64
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_int64

regexp

?Match@RegExp@@YAHPB_W0@Z
?Split@RegExp@@YAIPB_W0PAPA_W@Z

bzlib

BZ2_bzBuffToBuffDecompress
BZ2_bzBuffToBuffCompress

zlibwapi

inflateInit2_
inflate
inflateEnd
inflateInit_
deflateEnd
deflateInit_
deflate
compressBound
compress2
compress
uncompress

kernel32

lstrcpyW
lstrcmpiW
GlobalSize
lstrcmpiA
ResumeThread
TerminateThread
GetFileTime
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
WritePrivateProfileStringW
GetStringTypeExW
GetFileSizeEx
GetComputerNameW
ResetEvent
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
GetLocalTime
RemoveDirectoryW
GetLongPathNameW
GetCurrentProcessId
LoadLibraryA
RaiseException
lstrcmpA
GetPrivateProfileIntW
GetVersionExA
lstrcmpW
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GetThreadLocale
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationW
SuspendThread
FileTimeToLocalFileTime
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GlobalGetAtomNameW
VirtualProtect
GlobalFlags
SetErrorMode
GetCurrentDirectoryW
GetSystemDirectoryW
FindResourceExW
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
SetStdHandle
GetFileType
ExitThread
CreateThread
ExitProcess
HeapSize
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
GetCPInfo
GetACP
IsValidCodePage
LCMapStringW
GetTimeFormatA
GetDateFormatA
LCMapStringA
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
CreateDirectoryW
GetWindowsDirectoryW
FileTimeToSystemTime
LoadLibraryExW
GetSystemInfo
GetModuleFileNameW
GetPrivateProfileStringW
CreateMutexW
DeleteFileW
GetFullPathNameW
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
FoldStringW
GetStringTypeW
SetThreadExecutionState
GlobalMemoryStatusEx
LocalAlloc
GetLocaleInfoW
IsValidLocale
FreeLibrary
GetSystemDefaultLangID
GetUserDefaultLangID
VirtualFree
GetCurrentThread
VirtualAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
FreeResource
MoveFileWithProgressW
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
InterlockedExchange
MulDiv
GetShortPathNameW
CopyFileW
GetExitCodeThread
SetFileAttributesW
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileW
CloseHandle
SystemTimeToFileTime
GetSystemTime
GetSystemTimeAsFileTime
CompareFileTime
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceExW
MoveFileW
MoveFileExW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
LocalFree
FormatMessageW
SwitchToThread
lstrlenA
GetFileAttributesExW
GetLastError
InterlockedDecrement
InterlockedIncrement
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
SetEvent
WideCharToMultiByte
GetOEMCP
MultiByteToWideChar
GlobalFree
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetTickCount
CopyFileExW

user32

LockWindowUpdate
SetClassLongW
SetActiveWindow
DrawFrameControl
DrawTextW
GetMenuState
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
LoadMenuW
GetWindowPlacement
SystemParametersInfoA
GetMenu
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetDlgItem
GetLastActivePopup
GetWindowTextW
GetWindowTextLengthW
SetFocus
GetClassLongW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
ScrollWindowEx
FillRect
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
GetActiveWindow
GetMessageW
MapDialogRect
SetWindowContextHelpId
GetDialogBaseUnits
GetNextDlgGroupItem
GetNextDlgTabItem
MessageBeep
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
ShowOwnedPopups
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
CopyAcceleratorTableW
InvalidateRgn
CharNextW
DeleteMenu
GetSysColorBrush
UnregisterClassW
PostThreadMessageW
GetDCEx
TranslateMDISysAccel
TranslateAcceleratorW
ValidateRect
GetAncestor
FlashWindowEx
DestroyWindow
AnimateWindow
CheckMenuItem
GetClipboardData
EnableMenuItem
ChildWindowFromPointEx
GetKeyState
MoveWindow
FindWindowExW
IsRectEmpty
ClientToScreen
SetLayeredWindowAttributes
MonitorFromPoint
WindowFromPoint
IsMenu
GetFocus
TrackPopupMenuEx
RedrawWindow
ClipCursor
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetParent
ChildWindowFromPoint
CharLowerBuffW
UnionRect
GetSystemMenu
SetWindowRgn
SetWindowPos
IsIconic
MonitorFromWindow
IsZoomed
SetRectEmpty
SetRect
SetMenuDefaultItem
DestroyMenu
CreateMenu
AttachThreadInput
RegisterClipboardFormatW
EqualRect
GetMonitorInfoW
MonitorFromRect
GetWindowThreadProcessId
DispatchMessageW
TranslateMessage
PeekMessageW
GetDesktopWindow
CreateIconIndirect
GetIconInfo
LoadIconW
PrivateExtractIconsW
ShowWindow
FindWindowW
GetWindow
ExitWindowsEx
SendMessageTimeoutW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseCapture
SetTimer
SetCapture
GetParent
KillTimer
SystemParametersInfoW
DrawIconEx
InvertRect
LoadBitmapW
LoadCursorW
SetCursor
ScreenToClient
GetSystemMetrics
InvalidateRect
IntersectRect
CharUpperW
GetAsyncKeyState
UpdateWindow
IsWindow
BringWindowToTop
DdeUnaccessData
DdeAccessData
DdeQueryStringW
DdeUninitialize
DdeFreeStringHandle
DdeNameService
DdeCreateStringHandleW
DdeInitializeW
GetClientRect
IsWindowVisible
AdjustWindowRectEx
CallNextHookEx
RemovePropW
SetWindowLongW
SetPropW
GetWindowLongW
GetForegroundWindow
GetPropW
GetClassNameW
TrackPopupMenu
SetForegroundWindow
UnhookWindowsHookEx
SetWindowsHookExW
OffsetRect
WindowFromDC
ReleaseDC
GetDC
ModifyMenuW
AppendMenuW
GetMenuItemInfoW
GetSysColor
InflateRect
CopyRect
LoadImageW
DestroyIcon
CreatePopupMenu
InsertMenuW
RemoveMenu
GetMenuStringW
SetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetSubMenu
SendMessageW
PtInRect
GetWindowRect
GetCursorPos
PostMessageW
MsgWaitForMultipleObjects
EnableWindow
CallWindowProcW

gdi32

CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
PatBlt
SetRectRgn
GetMapMode
DPtoLP
CreateCompatibleDC
CreateCompatibleBitmap
SetLayout
GetObjectW
BitBlt
StretchBlt
CreateFontW
GetTextExtentPoint32W
DeleteDC
SetDIBits
SelectObject
GetDeviceCaps
CreatePen
SetPixel
Polyline
ExtTextOutW
GetDIBits
CreateDIBSection
GetStockObject
TranslateCharsetInfo
CreateEllipticRgn
SetStretchBltMode
CreateFontIndirectW
GetBkColor
CreateSolidBrush
GetCurrentObject
CreateBitmap
RemoveFontResourceExW
AddFontResourceExW
GetTextAlign
CreateRectRgnIndirect
GetTextColor
CreateEllipticRgnIndirect
CreateRoundRectRgn
CombineRgn
GetPixel
EnumFontFamiliesExW
GetRgnBox
ScaleViewportExtEx
RectVisible
SetBkMode
GetTextMetricsW
SetTextColor
SetBkColor
GetClipBox
SaveDC
RestoreDC
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
DeleteObject

advapi32

RegSetValueW
GetUserNameW
RegEnumKeyExW
RegCreateKeyW
RegCreateKeyExW
StartServiceW
CloseServiceHandle
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
RegEnumValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
CryptAcquireContextW
CryptReleaseContext
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
InitiateSystemShutdownExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptGenRandom
RegEnumKeyW
RegQueryValueW
RegOpenKeyW

shell32

SHFileOperationW
SHGetPathFromIDListW
SHGetFileInfoW
ExtractIconExW
SHGetMalloc
SHChangeNotify
DragQueryFileW
Shell_NotifyIconW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
DragFinish
ExtractIconW

shlwapi

PathFindFileNameW
PathIsDirectoryW
PathFindExtensionW
PathCompactPathExW
AssocQueryStringW
SHRegOpenUSKeyW
SHRegEnumUSValueW
SHRegCloseUSKey
SHRegGetUSValueW
SHRegSetUSValueW
PathRemoveExtensionW
PathFileExistsW
SHDeleteValueW
PathIsSameRootW
StrStrIW
StrChrW
PathMakeSystemFolderW
PathUnmakeSystemFolderW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bzlib.dll
.dll windows:5 windows x86 arch:x86

064643785ff11a43d6c3c84e76877593

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
MultiByteToWideChar
ReadFile
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
CloseHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetProcessHeap
GetModuleHandleA

Exports

Exports

BZ2_bzBuffToBuffCompress
BZ2_bzBuffToBuffDecompress
BZ2_bzCompress
BZ2_bzCompressEnd
BZ2_bzCompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd
BZ2_bzDecompressInit
BZ2_bzRead
BZ2_bzReadClose
BZ2_bzReadGetUnused
BZ2_bzReadOpen
BZ2_bzWrite
BZ2_bzWriteClose
BZ2_bzWriteClose64
BZ2_bzWriteOpen
BZ2_bzclose
BZ2_bzdopen
BZ2_bzerror
BZ2_bzflush
BZ2_bzlibVersion
BZ2_bzopen
BZ2_bzread
BZ2_bzwrite

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows:6 windows x86 arch:x86

3f5a00ef2a36f3cd8924690a5a1d6f3c

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-10-2008 21:24

Not After

22-01-2010 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2c:60:39:ea:22:12:68:2c:86:88:cd:43:0f:e3:68:bf:49:78:c7:f3
Signer

Actual PE Digest

2c:60:39:ea:22:12:68:2c:86:88:cd:43:0f:e3:68:bf:49:78:c7:f3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dbghelp.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
??3@YAXPAX@Z
_fileno
_read
__pioinfo
__badioinfo
ferror
wctomb
_snprintf
isleadbyte
mbtowc
_onexit
_lock
__dllonexit
_unlock
_ismbblead
_amsg_exit
_initterm
_XcptFilter
memmove
_iob
__mb_cur_max
strchr
_vsnwprintf
_errno
__CxxFrameHandler
iswspace
calloc
_itoa
_wcsdup
towlower
tolower
_wcslwr
time
_wctime
_ltoa
_wcsnicmp
_purecall
ctime
malloc
strncmp
isspace
_stricmp
_strlwr
free
wcsrchr
strstr
memcpy
_wcsicmp
qsort
wcschr
wcsstr
wcsncmp
iswxdigit
memset
??2@YAPAXI@Z
iswprint
atol
fclose
__unDName
iswdigit
_CxxThrowException
bsearch
_wfsopen
fread
fseek
wcstol
_wfullpath
_wgetenv
_get_osfhandle
_chsize
_close
_open_osfhandle
ftell
_memicmp
_mbscmp
??1type_info@@UAE@XZ
_wsopen

kernel32

HeapReAlloc
MapViewOfFileEx
GetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
GetFileType
DeviceIoControl
SetFileAttributesW
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageW
DelayLoadFailureHook
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
GetThreadSelectorEntry
CreateThread
TerminateThread
VirtualQueryEx
GetPriorityClass
GetThreadPriority
GetThreadTimes
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
GetVersion
GetSystemInfo
LoadLibraryExA
InterlockedCompareExchange
ReadProcessMemory
GetProcessHeap
GetFileAttributesA
SetErrorMode
WriteFile
OutputDebugStringA
VirtualFree
OpenProcess
GetCurrentProcessId
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
DuplicateHandle
VirtualAlloc
VirtualProtect
CreateDirectoryA
UnmapViewOfFile
GetCurrentProcess
SetFilePointer
IsDBCSLeadByte
HeapFree
HeapAlloc
GetVersionExA
InitializeCriticalSection
HeapCreate
HeapDestroy
FindClose
LocalAlloc
SetLastError
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError
TlsSetValue
TlsGetValue
FreeLibrary
LoadLibraryA
TlsAlloc
TlsFree
DeleteCriticalSection
FlushViewOfFile

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 979KB - Virtual size: 979KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgfl340.dll
.dll windows:4 windows x86 arch:x86

e7c59fb74e7851c4b99a042c5673cb1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
GetProcAddress
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
CreateFileA
SetStdHandle
CreateFileW
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
RtlUnwind
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
WaitForSingleObject
CreateMutexW
ReleaseMutex
GetFileSize
GetVersionExW
MoveFileW
GetTempFileNameW
GetTempPathW
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryExA
FreeLibrary
LocalFree
LocalUnlock
LocalLock
GetModuleHandleW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
EnumResourceNamesW
LoadLibraryExW
SizeofResource
LockResource
LoadResource
FindResourceW
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetVersion
GetCommandLineA
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileW
GetLastError
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetSystemTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
HeapAlloc
HeapFree
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte

user32

CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
DrawIconEx
DestroyIcon
wsprintfW
FillRect
GetDC
ReleaseDC

gdi32

DeleteEnhMetaFile
SelectObject
PlayEnhMetaFile
DeleteDC
GetObjectW
GetStockObject
CreateCompatibleDC
RealizePalette
GetDIBits
CreateSolidBrush
CloseEnhMetaFile
SetDIBitsToDevice
CreateEnhMetaFileW
CreateDCW
CreatePalette
GetSystemPaletteEntries
SelectPalette
GetEnhMetaFileW
DeleteObject
CreateCompatibleBitmap
GetEnhMetaFileHeader
SetWinMetaFileBits
GetDeviceCaps

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA

shell32

ExtractIconExW

Exports

Exports

EXIFGetDPI
EXIFGetOrientation
EXIFRemoveThumbnail
EXIFSetOrientation
EXIFThumbGet
crc32
deflate
deflateEnd
deflateInit_
deflateReset
gffAllock
gffAllockEx
gffCleanAndSetBitAtBuffer
gffCopy
gffCopyExtendedData
gffFileRename
gffFree
gffGetBitAtBuffer
gffGetClippingRect
gffGetTemporaryFilenameA
gffGetTemporaryFilenameW
gffResize
gflAllockBitmap
gflAllockBitmapEx
gflApplyLutFile
gflAutoCrop
gflAutoCrop2
gflBitblt
gflBitbltEx
gflBitmapCopyICCProfile
gflBitmapGetEXIF
gflBitmapGetEXIF2
gflBitmapGetEXIFValue
gflBitmapGetICCProfile
gflBitmapGetIPTC
gflBitmapGetIPTCValue
gflBitmapGetXMP
gflBitmapHasEXIF
gflBitmapHasICCProfile
gflBitmapHasIPTC
gflBitmapIsSupportedByIndex
gflBitmapIsSupportedByName
gflBitmapRemoveEXIFThumbnail
gflBitmapRemoveICCProfile
gflBitmapRemoveMetaData
gflBitmapSetComment
gflBitmapSetEXIF2
gflBitmapSetEXIFThumbnail
gflBitmapSetEXIFValueInt2
gflBitmapSetEXIFValueRational2
gflBitmapSetEXIFValueRationalArray2
gflBitmapSetEXIFValueString2
gflBitmapSetIPTC
gflBitmapSetName
gflBitmapTypeIsSupportedByIndex
gflBitmapTypeIsSupportedByName
gflChangeColorDepth
gflClearIPTCKeywords
gflCloneBitmap
gflCombineAlpha
gflCompressionIsSupportedByIndex
gflCompressionIsSupportedByName
gflCrop
gflEnableLZW
gflFileAddPicture
gflFileClose
gflFileCreate
gflFileCreateW
gflFlipHorizontal
gflFlipVertical
gflFormatIsReadableByIndex
gflFormatIsReadableByName
gflFormatIsSupported
gflFormatIsWritableByIndex
gflFormatIsWritableByName
gflFreeBitmap
gflFreeBitmapData
gflFreeEXIF
gflFreeEXIF2
gflFreeFileInformation
gflFreeIPTC
gflGetBuildData
gflGetColorArray
gflGetColorAt
gflGetColorAtEx
gflGetDefaultFormatSuffixByIndex
gflGetDefaultFormatSuffixByName
gflGetDefaultLoadParams
gflGetDefaultSaveParams
gflGetDefaultThumbnailParams
gflGetEXIFDPI
gflGetErrorString
gflGetExtraInfos
gflGetExtraInfosCount
gflGetFileInformation
gflGetFileInformationEx
gflGetFileInformationFromHandle
gflGetFileInformationFromMemory
gflGetFileInformationW
gflGetFormatDescriptionByIndex
gflGetFormatDescriptionByName
gflGetFormatIndexByName
gflGetFormatInformationByIndex
gflGetFormatInformationByName
gflGetFormatNameByIndex
gflGetLabelForColorModel
gflGetNumberOfFormat
gflGetVersion
gflGetVersionOfLibformat
gflIsCompatibleLutFile
gflIsLutFile
gflJPEGGetComment
gflJPEGGetCommentW
gflJPEGSetComment
gflJPEGSetCommentW
gflLibraryExit
gflLibraryInit
gflLibraryInitEx
gflLoadBitmap
gflLoadBitmapBegin
gflLoadBitmapEnd
gflLoadBitmapFromHandle
gflLoadBitmapFromMemory
gflLoadBitmapReadLine
gflLoadBitmapW
gflLoadEXIF
gflLoadEXIFW
gflLoadIPTC
gflLoadIPTCW
gflLoadThumbnail
gflLoadThumbnailFromHandle
gflLoadThumbnailFromMemory
gflLoadThumbnailW
gflMemoryAlloc
gflMemoryFree
gflMemoryRealloc
gflMerge
gflNewIPTC
gflPNGGetComment
gflPNGGetCommentW
gflPNGSetComment
gflPNGSetCommentW
gflRemoveIPTCValue
gflReplaceColor
gflResize
gflResizeCanvas
gflRotate
gflRotateFine
gflSaveBitmap
gflSaveBitmapBegin
gflSaveBitmapEnd
gflSaveBitmapIntoHandle
gflSaveBitmapIntoMemory
gflSaveBitmapW
gflSaveBitmapWriteLine
gflSaveIPTC
gflSaveIPTCW
gflSaveParamsIsSupportedByIndex
gflSaveParamsIsSupportedByName
gflScaleToGrey
gflSetColorAt
gflSetColorAtEx
gflSetIPTCValue
gflSetPluginsPathname
gflSetPluginsPathnameW
gflSetTransparentColor
inflate
inflateEnd
inflateInit_
inflateSync

Sections

.text
Size: 856KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sqlite3.dll
.dll windows:5 windows x86 arch:x86

4b9f7b87e7e6e5ae4595949eefa09937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
GetVersionExW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetProcAddress
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleA

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_config
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_step
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_strnicmp
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_hook
sqlite3_win32_mbcs_to_utf8

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe.nsis
unrar.dll
.dll windows:5 windows x86 arch:x86

a75fae54c1e1f631cb497bdbcbb7aa68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\rar\build\unrardll32\Release\unrar.pdb

Imports

kernel32

GetFileType
CreateFileA
CreateFileW
ReadFile
GetStdHandle
WriteFile
GetProcAddress
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
DeleteFileA
DeleteFileW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
GetModuleFileNameA
CompareStringA
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetEndOfFile
SetFilePointer
FlushFileBuffers
MoveFileW
SetFileTime
GetCurrentProcess
GetLastError
Sleep
CloseHandle
GetFullPathNameA
GetLocaleInfoA
GetStringTypeW
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
WriteConsoleW

user32

CharLowerW
CharLowerA
CharToOemA
CharUpperW
CharToOemBuffW
OemToCharA
OemToCharBuffA
CharUpperA

advapi32

SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

Exports

Exports

RARCloseArchive
RARGetDllVersion
RAROpenArchive
RAROpenArchiveEx
RARProcessFile
RARProcessFileW
RARReadHeader
RARReadHeaderEx
RARSetCallback
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlibwapi.dll
.dll windows:5 windows x86 arch:x86

367162a21fd13e6a0611c558949d0e72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
SetFilePointer
WriteFile
ReadFile
GetLastError
CloseHandle
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
GetProcessHeap

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
fill_win32_filefunc
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzoffset
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetFilePos
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFilePos
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzOpenCurrentFile3
unzOpenCurrentFilePassword
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipCloseFileInZipRaw
zipOpen
zipOpen2
zipOpenNewFileInZip
zipOpenNewFileInZip2
zipOpenNewFileInZip3
zipWriteInFileInZip
zlibCompileFlags
zlibVersion

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4eCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

a8:01:9b:99:40:54:3e:fa:e1:f4:1a:2e:a5:e8:bc:c8:71:14:d5:00Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 28KB - Virtual size: 28KB

81638d02019c0bfcaaf23a9c69f2f12c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 512B - Virtual size: 510B

.rdata Size: 1024B - Virtual size: 533B

.data Size: 512B - Virtual size: 20B

.rsrc Size: 5.1MB - Virtual size: 5.1MB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

Code Sign

63:7c:1c:a8:5b:d9:cf:df:39:1b:ea:85:b2:70:78:ddCertificate

Extended Key Usages

Key Usages

9a:6f:61:8d:e4:74:f1:b1:14:0a:4c:58:e7:c5:6c:0a:4f:b9:4b:2fSigner

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 37KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

35:eb:63:3d:d2:ae:f0:f1:05:41:2c:09:d2:c3:b1:4e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

a8:01:9b:99:40:54:3e:fa:e1:f4:1a:2e:a5:e8:bc:c8:71:14:d5:00
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 512B - Virtual size: 510B

.rdata
Size: 1024B - Virtual size: 533B

.data
Size: 512B - Virtual size: 20B

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

63:7c:1c:a8:5b:d9:cf:df:39:1b:ea:85:b2:70:78:dd
Certificate

9a:6f:61:8d:e4:74:f1:b1:14:0a:4c:58:e7:c5:6c:0a:4f:b9:4b:2f
Signer

CODE
Size: 37KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

CODE
Size: 148KB - Virtual size: 148KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 13KB - Virtual size: 32KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 5KB