df9bf86768ee0ae32d7d769b826b828e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df9bf86768ee0ae32d7d769b826b828e_JaffaCakes118
Size

1.3MB
MD5

df9bf86768ee0ae32d7d769b826b828e
SHA1

722a4a30c316bf2393b128124278d95f8f228fa2
SHA256

0db2dec89b2077c4f25a662e7b0e3dd4c8e618fa261e6add5fbaf2cae382b8e5
SHA512

450743b4dabb7b909edbb714c3405a0e1ca5a2171fe711d71782cfab477247b8fa444fe4c5703dedaa31409a811fe1023aecd32dedcd6e9ee311f58ebc228890
SSDEEP

24576:YGBUIT1JKFdekJccR3FPpdgEF/oLyPDvzjmZBm3JGmf1m67bO7zg5y:YGBBJ3Mx9F/oL8f2Upka2g5y

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Notepad++/SciLexer.dll
unpack001/Notepad++/notepad++.exe
unpack001/Notepad++/nppcm.dll
unpack001/Notepad++/plugins/ComparePlugin.dll
unpack001/Notepad++/plugins/Config/tidy/libTidy.dll
unpack001/Notepad++/plugins/FTP_synchronize.dll
unpack001/Notepad++/plugins/NppExec.dll
unpack001/Notepad++/plugins/NppExport.dll
unpack001/Notepad++/plugins/NppNetNote.dll
unpack001/Notepad++/plugins/NppTextFX.dll
unpack001/Notepad++/plugins/SpellChecker.dll
unpack001/Notepad++/plugins/docMonitor.dll
unpack001/Notepad++/plugins/mimeTools.dll
unpack001/Notepad++/updater/GUP.exe
unpack001/Notepad++/updater/libcurl.dll

Files

df9bf86768ee0ae32d7d769b826b828e_JaffaCakes118
.rar
Notepad++/LINEDRAW.TTF
Notepad++/SciLexer.dll
.dll windows:4 windows x86 arch:x86

edfd6c8cfc18d2241b424b66121fcc9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetModuleFileNameA
GetStdHandle
WriteFile
HeapCreate
GetLastError
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
ExitProcess
HeapAlloc
HeapFree
GetVersion
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
VirtualFree
VirtualAlloc
SetFilePointer
GetStringTypeA
GetStringTypeW
RtlUnwind
GetOEMCP
SetStdHandle
FlushFileBuffers
CloseHandle
GlobalFree
GlobalAlloc
GlobalLock
GlobalSize
MultiByteToWideChar
GlobalUnlock
IsValidCodePage
GetCPInfo
GetTickCount
GetLocaleInfoA
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetACP
IsDBCSLeadByteEx
MulDiv
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
WideCharToMultiByte

user32

HideCaret
DestroyCaret
CreateCaret
ShowCaret
RegisterClassExW
EmptyClipboard
SetClipboardData
SystemParametersInfoA
AppendMenuA
OpenClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
GetScrollInfo
CharUpperA
CharUpperW
CharLowerA
FillRect
FrameRect
DestroyWindow
SetScrollInfo
SetCaretPos
ScrollWindow
UpdateWindow
SetTimer
KillTimer
IsChild
GetDlgCtrlID
ScreenToClient
ClientToScreen
IsWindowUnicode
GetMessageTime
SetFocus
MsgWaitForMultipleObjects
PostMessageA
GetKeyboardLayout
GetUpdateRgn
RegisterClipboardFormatA
RegisterClassExA
GetKeyState
GetDoubleClickTime
TrackPopupMenu
DestroyMenu
CreatePopupMenu
UnregisterClassA
SetWindowLongA
ReleaseCapture
CallWindowProcA
GetParent
BeginPaint
EndPaint
DefWindowProcA
SetCapture
GetCursorPos
AdjustWindowRectEx
GetSysColor
InflateRect
DrawTextW
DrawTextA
DrawFocusRect
GetDC
ReleaseDC
GetSystemMetrics
CreateWindowExA
MapWindowPoints
LoadCursorA
SetCursor
SendMessageA
InvalidateRect
ShowWindow
GetClientRect
GetWindowLongA
SetWindowPos
GetWindowRect

gdi32

CreateFontIndirectA
GetTextExtentPoint32W
BitBlt
Ellipse
CreateDIBSection
RoundRect
CreatePatternBrush
SetBkColor
ExtTextOutA
Rectangle
Polygon
LineTo
MoveToEx
GetDeviceCaps
GetNearestColor
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
SetTextAlign
SelectObject
SelectPalette
DeleteDC
CreatePalette
DeleteObject
GetTextExtentPoint32A
SetTextColor
SetBkMode
GetTextExtentExPointA
GetTextExtentExPointW
GetTextMetricsA
RealizePalette
IntersectClipRect
GetObjectA
GetStockObject
CreateRectRgn
TranslateCharsetInfo
CombineRgn
CreateBitmap
ExtTextOutW

ole32

DoDragDrop
RevokeDragDrop
OleUninitialize
OleInitialize
RegisterDragDrop

imm32

ImmNotifyIME
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmGetContext
ImmSetCompositionFontA
ImmReleaseContext

Exports

Exports

_Scintilla_DirectFunction@16

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/change.log
Notepad++/config.model.xml
.xml
Notepad++/contextMenu.xml
Notepad++/langs.model.xml
.js .xml polyglot
Notepad++/langs.xml
.js .xml polyglot
Notepad++/license.txt
Notepad++/nativeLang.xml
.xml
Notepad++/notepad++.exe
.exe windows:4 windows x86 arch:x86

92197451ae2cd7da0326757d4642db57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Don\source\notepad++\PowerEditor\bin\npp.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_SetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Draw

shlwapi

PathIsRelativeW
PathCompactPathExW
PathIsDirectoryW
PathAppendW
PathRemoveExtensionW
PathMatchSpecW
PathAddExtensionW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW

shell32

DragFinish
Shell_NotifyIconW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
DragQueryFileW
DragQueryPoint

kernel32

TerminateThread
CreateThread
lstrcpynW
GetSystemInfo
GetProcAddress
GetModuleHandleW
GetVersionExW
ExpandEnvironmentStringsW
LoadLibraryW
GetTimeFormatW
GetDateFormatW
GetLocalTime
MulDiv
WaitForMultipleObjects
WaitForSingleObject
OpenEventW
SetEvent
GetExitCodeProcess
ReadFile
PeekNamedPipe
Sleep
ResumeThread
CloseHandle
CreateEventW
CreateProcessW
CreatePipe
GetOEMCP
GetACP
SizeofResource
LockResource
LoadResource
FindResourceW
LocalLock
LocalAlloc
CreateMutexW
SetLastError
GetCommandLineW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
HeapReAlloc
VirtualAlloc
VirtualFree
FindFirstFileW
HeapDestroy
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
ExitProcess
HeapSize
GetFileType
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentDirectoryA
IsValidCodePage
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
GetCommandLineA
HeapFree
GetSystemTimeAsFileTime
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
FindNextFileW
FindClose
CopyFileW
GlobalSize
CreateDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalUnlock
FreeLibrary
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCurrentThreadId
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetLastError
FormatMessageW
LocalFree
GetFileAttributesW
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetLongPathNameW
lstrcmpiW
DeleteFileW
lstrcpyW
lstrlenW
GetModuleFileNameW
lstrcatW
lstrcmpW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
SetEnvironmentVariableA
IsValidLocale
SetStdHandle
CreateFileW
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
GetDriveTypeA
CompareStringA
CompareStringW
HeapCreate

user32

RegisterWindowMessageW
IsWindow
CreateCursor
ScrollWindow
SetScrollInfo
SetMenuItemInfoW
InsertMenuItemW
LoadStringW
LoadMenuW
IsDialogMessageA
IsDialogMessageW
TranslateAcceleratorW
GetMessageA
GetMessageW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetKeyState
PeekMessageW
RealChildWindowFromPoint
IsIconic
IsZoomed
ModifyMenuW
GetSubMenu
DrawMenuBar
IsClipboardFormatAvailable
GetClipboardData
EndDialog
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MonitorFromWindow
SetMenu
SetForegroundWindow
SetWindowPlacement
DialogBoxIndirectParamW
GetMenuStringW
CheckMenuRadioItem
GetMenuState
DestroyCursor
CheckMenuItem
EnableMenuItem
DestroyAcceleratorTable
DialogBoxParamW
RemoveMenu
DestroyIcon
mouse_event
WindowFromPoint
PtInRect
SetDlgItemInt
MapWindowPoints
LoadImageW
CreatePopupMenu
InsertMenuW
DestroyMenu
TrackPopupMenu
GetWindowTextW
SetCapture
GetActiveWindow
IsChild
GetDlgCtrlID
AppendMenuW
DragDetect
GetCapture
CreateDialogIndirectParamW
RegisterClassExW
SetParent
RedrawWindow
GetCursorPos
SetWindowsHookExW
UnhookWindowsHookEx
SetWindowTextW
LoadBitmapW
CallNextHookEx
ScreenToClient
GetDlgItemTextW
ReleaseCapture
FindWindowW
CreateAcceleratorTableW
SetDlgItemTextW
MessageBoxW
GetDlgItemInt
CreateDialogParamW
DrawFocusRect
FillRect
FrameRect
SendDlgItemMessageW
SetWindowLongW
GetWindowLongW
GetSysColor
InflateRect
ClientToScreen
CallWindowProcW
SetWindowPos
IsWindowVisible
GetWindowRect
ShowWindow
RegisterClassW
BeginPaint
EndPaint
GetFocus
PostMessageW
LoadCursorW
SetCursor
DestroyWindow
CreateCaret
DestroyCaret
GetSystemMetrics
GetWindowPlacement
MoveWindow
CreateWindowExW
SetFocus
GetScrollPos
GetScrollRange
UpdateWindow
DefWindowProcW
DrawFrameControl
GetMenu
ShowCaret
MessageBeep
DrawTextW
SetCaretPos
HideCaret
GetParent
ShowScrollBar
SetScrollRange
InvalidateRect
SetScrollPos
GetKeyboardState
ToAscii
wsprintfW
GetDC
DrawEdge
DrawTextExW
ReleaseDC
GetClientRect
LoadIconW
DrawIcon
GetDlgItem
SendMessageW
EnableWindow
IsWindowUnicode
SetWindowLongA
CallWindowProcA
CharUpperW
CharLowerW
TranslateMessage
DispatchMessageW
CreateMenu
GetMenuItemID
SystemParametersInfoW
DeleteMenu
GetMenuItemCount
PostQuitMessage
GetClassNameW
GetMonitorInfoW

gdi32

CreateFontW
GetTextMetricsW
CreateHatchBrush
LineTo
MoveToEx
RestoreDC
DeleteDC
BitBlt
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
SetTextColor
SetWindowOrgEx
OffsetWindowOrgEx
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
GetTextExtentPointW
RemoveFontResourceW
EnumFontFamiliesExW
AddFontResourceW
EndDoc
EndPage
ExtTextOutW
SetTextAlign
SetBkColor
StartPage
StartDocW
DPtoLP
GetDeviceCaps
CreateFontIndirectW
GetPixel
CreateSolidBrush
GetTextExtentPoint32W
GetROP2
SetROP2
GetStockObject
CreatePen
Rectangle
DeleteObject
SetBkMode
SaveDC
SelectObject

comdlg32

ChooseColorW
GetOpenFileNameW
PrintDlgW
GetSaveFileNameW

advapi32

RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Notepad++/nppcm.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c8151d586cd71999c81732ef6c79fbba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StringFromIID
CoGetMalloc

msvcrt

malloc
_adjust_fdiv
_initterm
free
strcpy
??2@YAPAXI@Z
strcat
memset
_purecall
??3@YAXPAX@Z
strrchr
memcmp

kernel32

CreateProcessA
lstrcpyA
lstrcatA
WideCharToMultiByte
GetModuleFileNameA
SearchPathA
lstrlenA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

user32

wsprintfA
MessageBoxA
LoadBitmapA
SetMenuItemBitmaps
InsertMenuA

shell32

DragQueryFileA
SHGetMalloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/APIs/actionscript.xml
.xml
Notepad++/plugins/APIs/c.xml
.xml
Notepad++/plugins/APIs/cpp.xml
.xml
Notepad++/plugins/APIs/cs.xml
.xml
Notepad++/plugins/APIs/css.xml
.xml
Notepad++/plugins/APIs/html.xml
.xml
Notepad++/plugins/APIs/java.xml
.xml
Notepad++/plugins/APIs/javascript.xml
.xml
Notepad++/plugins/APIs/lisp.xml
.xml
Notepad++/plugins/APIs/nsis.xml
.xml
Notepad++/plugins/APIs/perl.xml
.xml
Notepad++/plugins/APIs/php.xml
.xml
Notepad++/plugins/APIs/python.xml
.xml
Notepad++/plugins/APIs/rc.xml
.xml
Notepad++/plugins/APIs/sql.xml
.xml
Notepad++/plugins/APIs/tex.xml
.xml
Notepad++/plugins/APIs/vb.xml
.xml
Notepad++/plugins/APIs/vhdl.xml
.xml
Notepad++/plugins/APIs/xml.xml
.xml
Notepad++/plugins/ComparePlugin.dll
.dll windows:5 windows x86 arch:x86

f650ddbea621a9646abb58158c285f08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Program Files\Notepad++\plugins\ComparePlugin.pdb

Imports

shlwapi

PathAppendW
PathRemoveFileSpecW
PathFileExistsW

kernel32

MultiByteToWideChar
GetProcessHeap
lstrlenW
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetLastError
SetLastError
SetEndOfFile
CreateFileA
CreateFileW
GetLocaleInfoW
LoadLibraryA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapSize
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapFree
RtlUnwind
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetModuleHandleA
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA

user32

IsWindowVisible
GetMenuState
MessageBoxW
SendMessageA
GetMenu
ModifyMenuW
SendMessageW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

Exports

Exports

allocator_alloc
allocator_free
allocator_realloc
allocator_set_reclaim
beNotified
cmp_str
cmp_wcs
diff
getFuncsArray
getName
global_allocator
hash_str
hash_wcs
hashmap_clean
hashmap_clear
hashmap_deinit
hashmap_del
hashmap_get
hashmap_init
hashmap_is_empty
hashmap_iterate
hashmap_new
hashmap_next
hashmap_put
hashmap_remove
hashmap_size
isUnicode
messageProc
msgno_add_codes
msgno_amnf0
msgno_amno0
msgno_amsg0
msgno_append
msgno_buf
msgno_buf_idx
msgno_builtin_codes
msgno_hdlr
msgno_hdlr_stderr
msgno_loc0
msgno_mmnf0
msgno_mmno0
msgno_mmsg0
msgno_msg
setInfo
stdlib_allocator
suba_addr
suba_alloc
suba_free
suba_init
suba_realloc
suba_ref
varray_deinit
varray_del
varray_get
varray_index
varray_init
varray_iterate
varray_new
varray_next
varray_release

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/Config/tidy/AsciiToEBCDIC.bin
Notepad++/plugins/Config/tidy/W3C-CSSValidator.htm
.html
Notepad++/plugins/Config/tidy/W3C-HTMLValidator.htm
.html
Notepad++/plugins/Config/tidy/libTidy.dll
.dll windows:4 windows x86 arch:x86

e41b02b61c5b983e1cc597a59785a608

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
__mb_cur_max
_access
_assert
_errno
_fstat
_iob
_isctype
_pctype
_setmode
_utime
_vsnprintf
abort
atoi
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
free
getenv
malloc
memcpy
memset
realloc
sprintf
sscanf
strchr
strstr

Exports

Exports

initInputBuffer
initOutputBuffer
tidyAccessWarningCount
tidyAttrFirst
tidyAttrGetABBR
tidyAttrGetALINK
tidyAttrGetALT
tidyAttrGetBGCOLOR
tidyAttrGetById
tidyAttrGetCHECKED
tidyAttrGetCOLSPAN
tidyAttrGetCONTENT
tidyAttrGetDATAFLD
tidyAttrGetFOR
tidyAttrGetHEIGHT
tidyAttrGetHREF
tidyAttrGetHTTP_EQUIV
tidyAttrGetID
tidyAttrGetISMAP
tidyAttrGetId
tidyAttrGetLANG
tidyAttrGetLANGUAGE
tidyAttrGetLINK
tidyAttrGetLONGDESC
tidyAttrGetNAME
tidyAttrGetOnBLUR
tidyAttrGetOnCLICK
tidyAttrGetOnFOCUS
tidyAttrGetOnKEYDOWN
tidyAttrGetOnKEYPRESS
tidyAttrGetOnKEYUP
tidyAttrGetOnMOUSEDOWN
tidyAttrGetOnMOUSEMOVE
tidyAttrGetOnMOUSEOUT
tidyAttrGetOnMOUSEOVER
tidyAttrGetOnMOUSEUP
tidyAttrGetREL
tidyAttrGetROWSPAN
tidyAttrGetSELECTED
tidyAttrGetSRC
tidyAttrGetSTYLE
tidyAttrGetSUMMARY
tidyAttrGetTARGET
tidyAttrGetTEXT
tidyAttrGetTITLE
tidyAttrGetTYPE
tidyAttrGetUSEMAP
tidyAttrGetVALUE
tidyAttrGetVLINK
tidyAttrGetWIDTH
tidyAttrGetXMLNS
tidyAttrIsABBR
tidyAttrIsALINK
tidyAttrIsALT
tidyAttrIsBGCOLOR
tidyAttrIsCHECKED
tidyAttrIsCOLSPAN
tidyAttrIsCONTENT
tidyAttrIsDATAFLD
tidyAttrIsEvent
tidyAttrIsFOR
tidyAttrIsHEIGHT
tidyAttrIsHREF
tidyAttrIsHTTP_EQUIV
tidyAttrIsID
tidyAttrIsISMAP
tidyAttrIsLANG
tidyAttrIsLANGUAGE
tidyAttrIsLINK
tidyAttrIsLONGDESC
tidyAttrIsNAME
tidyAttrIsOnBLUR
tidyAttrIsOnCLICK
tidyAttrIsOnFOCUS
tidyAttrIsOnKEYDOWN
tidyAttrIsOnKEYPRESS
tidyAttrIsOnKEYUP
tidyAttrIsOnMOUSEDOWN
tidyAttrIsOnMOUSEMOVE
tidyAttrIsOnMOUSEOUT
tidyAttrIsOnMOUSEOVER
tidyAttrIsOnMOUSEUP
tidyAttrIsProp
tidyAttrIsREL
tidyAttrIsROWSPAN
tidyAttrIsSELECTED
tidyAttrIsSRC
tidyAttrIsSTYLE
tidyAttrIsSUMMARY
tidyAttrIsTARGET
tidyAttrIsTEXT
tidyAttrIsTITLE
tidyAttrIsTYPE
tidyAttrIsUSEMAP
tidyAttrIsVALUE
tidyAttrIsVLINK
tidyAttrIsWIDTH
tidyAttrIsXMLNS
tidyAttrName
tidyAttrNext
tidyAttrValue
tidyBufAlloc
tidyBufAppend
tidyBufAttach
tidyBufCheckAlloc
tidyBufClear
tidyBufDetach
tidyBufEndOfInput
tidyBufFree
tidyBufGetByte
tidyBufInit
tidyBufPopByte
tidyBufPutByte
tidyBufUngetByte
tidyCleanAndRepair
tidyConfigErrorCount
tidyCreate
tidyDetectedGenericXml
tidyDetectedHtmlVersion
tidyDetectedXhtml
tidyErrorCount
tidyErrorSummary
tidyFileExists
tidyGeneralInfo
tidyGetAppData
tidyGetBody
tidyGetByte
tidyGetChild
tidyGetHead
tidyGetHtml
tidyGetNext
tidyGetNextOption
tidyGetOption
tidyGetOptionByName
tidyGetOptionList
tidyGetParent
tidyGetPrev
tidyGetRoot
tidyInitSink
tidyInitSource
tidyIsEOF
tidyLoadConfig
tidyLoadConfigEnc
tidyNodeColumn
tidyNodeGetId
tidyNodeGetName
tidyNodeGetText
tidyNodeGetType
tidyNodeHasText
tidyNodeIsA
tidyNodeIsADDRESS
tidyNodeIsAPPLET
tidyNodeIsAREA
tidyNodeIsB
tidyNodeIsBASE
tidyNodeIsBASEFONT
tidyNodeIsBIG
tidyNodeIsBLINK
tidyNodeIsBLOCKQUOTE
tidyNodeIsBODY
tidyNodeIsBR
tidyNodeIsCAPTION
tidyNodeIsCENTER
tidyNodeIsCOL
tidyNodeIsCOLGROUP
tidyNodeIsDD
tidyNodeIsDIR
tidyNodeIsDIV
tidyNodeIsDL
tidyNodeIsDT
tidyNodeIsEM
tidyNodeIsEMBED
tidyNodeIsFONT
tidyNodeIsFORM
tidyNodeIsFRAME
tidyNodeIsFRAMESET
tidyNodeIsH1
tidyNodeIsH2
tidyNodeIsH3
tidyNodeIsH4
tidyNodeIsH5
tidyNodeIsH6
tidyNodeIsHEAD
tidyNodeIsHR
tidyNodeIsHTML
tidyNodeIsHeader
tidyNodeIsI
tidyNodeIsIFRAME
tidyNodeIsIMG
tidyNodeIsINPUT
tidyNodeIsISINDEX
tidyNodeIsLABEL
tidyNodeIsLAYER
tidyNodeIsLI
tidyNodeIsLINK
tidyNodeIsLISTING
tidyNodeIsMAP
tidyNodeIsMARQUEE
tidyNodeIsMENU
tidyNodeIsMETA
tidyNodeIsNOBR
tidyNodeIsNOFRAMES
tidyNodeIsNOSCRIPT
tidyNodeIsOBJECT
tidyNodeIsOL
tidyNodeIsOPTGROUP
tidyNodeIsOPTION
tidyNodeIsP
tidyNodeIsPARAM
tidyNodeIsPRE
tidyNodeIsProp
tidyNodeIsQ
tidyNodeIsS
tidyNodeIsSCRIPT
tidyNodeIsSELECT
tidyNodeIsSMALL
tidyNodeIsSPACER
tidyNodeIsSPAN
tidyNodeIsSTRIKE
tidyNodeIsSTRONG
tidyNodeIsSTYLE
tidyNodeIsTABLE
tidyNodeIsTD
tidyNodeIsTEXTAREA
tidyNodeIsTH
tidyNodeIsTITLE
tidyNodeIsTR
tidyNodeIsText
tidyNodeIsU
tidyNodeIsUL
tidyNodeIsWBR
tidyNodeIsXMP
tidyNodeLine
tidyOptCopyConfig
tidyOptDiffThanDefault
tidyOptDiffThanSnapshot
tidyOptGetBool
tidyOptGetCategory
tidyOptGetCurrPick
tidyOptGetDeclTagList
tidyOptGetDefault
tidyOptGetDefaultBool
tidyOptGetDefaultInt
tidyOptGetDoc
tidyOptGetDocLinksList
tidyOptGetEncName
tidyOptGetId
tidyOptGetIdForName
tidyOptGetInt
tidyOptGetName
tidyOptGetNextDeclTag
tidyOptGetNextDocLinks
tidyOptGetNextPick
tidyOptGetPickList
tidyOptGetType
tidyOptGetValue
tidyOptIsReadOnly
tidyOptParseValue
tidyOptResetAllToDefault
tidyOptResetToDefault
tidyOptResetToSnapshot
tidyOptSaveFile
tidyOptSaveSink
tidyOptSetBool
tidyOptSetInt
tidyOptSetValue
tidyOptSnapshot
tidyParseBuffer
tidyParseFile
tidyParseSource
tidyParseStdin
tidyParseString
tidyPutByte
tidyRelease
tidyReleaseDate
tidyRunDiagnostics
tidySaveBuffer
tidySaveFile
tidySaveSink
tidySaveStdout
tidySaveString
tidySetAppData
tidySetCharEncoding
tidySetErrorBuffer
tidySetErrorFile
tidySetErrorSink
tidySetFreeCall
tidySetInCharEncoding
tidySetMallocCall
tidySetOptionCallback
tidySetOutCharEncoding
tidySetPanicCall
tidySetReallocCall
tidySetReportFilter
tidyStatus
tidyUngetByte
tidyWarningCount

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 784B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/FTP_synchronize.dll
.dll windows:4 windows x86 arch:x86

87476d2ad9335d953a1cc83f4cf8d0aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

accept
inet_addr
WSAGetLastError
getsockname
WSACleanup
ioctlsocket
connect
gethostbyname
recv
send
shutdown
getpeername
WSAStartup
closesocket
socket
htons
bind
ntohs
listen

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathRemoveExtensionW

comctl32

PropertySheetW
ImageList_Add
ImageList_Create
ord8
CreateStatusWindowW
ImageList_Destroy
ord17

kernel32

GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
SetFilePointer
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStrings
LCMapStringA
GetLocaleInfoA
SetStdHandle
GlobalUnlock
GlobalLock
GlobalAlloc
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetLocalTime
WriteFile
GetLastError
ReadFile
GetFileSize
FlushFileBuffers
LocalAlloc
FindClose
lstrlenA
CreatePipe
GetExitCodeThread
WaitForMultipleObjects
CreateThread
FreeLibrary
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError
VirtualAlloc
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCurrentProcess
TerminateProcess
HeapReAlloc
ExitProcess
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
HeapAlloc
HeapFree
GetVersionExA
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
LocalFree
VirtualQuery
GetOEMCP
GetACP

user32

GetClientRect
FillRect
PostQuitMessage
MoveWindow
ReleaseCapture
SetCapture
GetWindowRect
GetSystemMetrics
SetWindowPos
GetParent
GetSysColor
GetNextDlgTabItem
GetCursorPos
TrackPopupMenu
EndDialog
GetDlgItem
SetFocus
ScreenToClient
RedrawWindow
ShowWindow
DestroyMenu
CreatePopupMenu
SetCursor
ClientToScreen
GetMessagePos
GetKeyState
MessageBoxA

gdi32

DeleteObject
CreateSolidBrush
GetStockObject

ole32

CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/NppExec.dll
.dll windows:4 windows x86 arch:x86

f97b1d8cd0178a35f08bf2f251512b6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntW
lstrcmpW
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrcmpiW
SetCurrentDirectoryW
LocalFree
FormatMessageW
WriteFile
ResumeThread
CreateThread
GetVersionExW
TerminateProcess
lstrlenA
CreateDirectoryW
FindClose
FindFirstFileW
GetModuleFileNameW
ReadFile
PeekNamedPipe
Sleep
GetLastError
WaitForSingleObject
CreateProcessW
SetHandleInformation
CreatePipe
LoadLibraryW
FreeLibrary
lstrcpynW
GetCurrentDirectoryW
GetEnvironmentVariableW
SearchPathW
FindNextFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
CloseHandle
lstrlenW
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
ExitProcess
HeapSize
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetProcAddress
SetFilePointer
DeleteCriticalSection
GetStartupInfoA
CreateFileW
CompareFileTime
GetFileSize
GetLocaleInfoA
GetFileTime
GetFileType
GetStdHandle
lstrcpyW
lstrcatW
SetHandleCount
LeaveCriticalSection
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
EnterCriticalSection

user32

IsWindowUnicode
PostMessageW
CallWindowProcA
ModifyMenuW
GetMenuItemCount
GetSubMenu
GetMenuState
InsertMenuItemW
RemovePropW
GetPropW
SetPropW
SetWindowLongA
CharLowerBuffW
SetTimer
GetFocus
GetWindowLongW
GetMenuItemInfoW
SetMenuItemInfoW
GetMenu
CheckMenuItem
ScreenToClient
DialogBoxParamW
CreateDialogParamW
SetWindowPos
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
CharLowerW
LoadImageW
GetKeyState
DestroyIcon
SetWindowLongW
GetSysColor
GetParent
CallWindowProcW
KillTimer
EndDialog
GetDlgItem
MessageBoxW
wsprintfW
wvsprintfW
GetCaretPos
GetClientRect
CharUpperW
DestroyWindow
CreateWindowExW
ShowWindow
SetWindowTextW
SetParent
SetFocus
SendMessageW
InvalidateRect
UpdateWindow
IsWindowVisible
GetWindowTextLengthW
GetWindowTextW
EnableWindow
GetWindowRect
MoveWindow
RemoveMenu

gdi32

GetObjectW
DeleteObject
CreateFontIndirectW
GetStockObject

comdlg32

ChooseFontW

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

ShellExecuteW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/NppExport.dll
.dll windows:4 windows x86 arch:x86

4d9150937d7e90359b0e42ca47a31b70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW

kernel32

GlobalLock
GlobalAlloc
MultiByteToWideChar
MulDiv
GlobalFree
WriteFile
lstrcmpiA
CreateFileW
lstrcatW
lstrcpynW
lstrcpyW
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
GlobalUnlock
CloseHandle

user32

CloseClipboard
EmptyClipboard
OpenClipboard
wvsprintfA
SetClipboardData
SendMessageW
GetDC
ReleaseDC
RegisterClipboardFormatW
MessageBoxW

gdi32

DeleteObject
GetTextExtentPoint32W
SelectObject
CreateFontW
GetDeviceCaps

comdlg32

GetSaveFileNameW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/NppNetNote.dll
.dll windows:4 windows x86 arch:x86

2223d4ec8f25713399de8eab55e90d49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Programming\Projects\Npp\Plugin\NppPlugins_CVS\NppPlugins\NppDocShare\build\Release Unicode\NppDocShare.pdb

Imports

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW

ws2_32

send
shutdown
getpeername
inet_ntoa
accept
socket
htons
bind
getsockname
ntohs
listen
WSAGetLastError
inet_addr
WSAStartup
closesocket
recv
gethostbyname
connect

comctl32

ord8

kernel32

GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
LCMapStringA
RtlUnwind
LocalFree
LocalAlloc
lstrlenW
FormatMessageW
GetLastError
CreateDirectoryW
lstrcpyW
GetModuleFileNameW
CloseHandle
CreateFileW
lstrcatW
LeaveCriticalSection
EnterCriticalSection
SetEvent
DeleteCriticalSection
WaitForSingleObject
GetTickCount
CreateEventW
InitializeCriticalSection
CreateThread
ResetEvent
LoadLibraryA
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
WriteFile
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA

user32

GetDlgItemTextA
GetDlgItemInt
SetWindowLongW
SendDlgItemMessageA
SendDlgItemMessageW
SetDlgItemTextW
EndDialog
InvalidateRect
EnableWindow
wsprintfW
MessageBoxW
GetKeyState
CallWindowProcW
PostMessageW
LoadIconW
SendMessageW
GetDlgItem
CreateDialogParamW
CharNextW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/NppTextFX.dll
.dll windows:4 windows x86 arch:x86

4896caad4b870c3f115e2dda8d218ec9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Don\source\nppRelative\NPPTextFX\VC7\NppTextFXA.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateFileA
WriteFile
ReadFile
GlobalSize
GetPrivateProfileStringA
GetEnvironmentVariableA
WritePrivateProfileStringA
FindClose
FindFirstFileA
WideCharToMultiByte
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
GetLocalTime
DeleteFileA
GetPrivateProfileIntA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
CreateFileMappingA
GetVersionExA
IsBadWritePtr
IsBadReadPtr
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
RtlUnwind
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetStdHandle
ExitProcess
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetOEMCP
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP

user32

IsCharAlphaNumericW
IsCharAlphaNumericA
CreateDialogParamA
IsCharUpperW
IsCharLowerW
IsCharLowerA
CharUpperW
CharLowerW
CharUpperA
CharLowerA
MessageBeep
GetClientRect
DestroyWindow
ShowWindow
EnumChildWindows
SetForegroundWindow
PostMessageA
GetSystemMetrics
SetRect
MoveWindow
GetWindowTextA
GetParent
ClientToScreen
GetWindowRect
GetFocus
IsWindowEnabled
GetKeyState
GetNextDlgTabItem
SetFocus
InvalidateRect
SetWindowTextA
GetDlgItem
EnableWindow
CheckRadioButton
SendDlgItemMessageA
RegisterClipboardFormatA
SetMenuItemInfoA
GetAsyncKeyState
EnableMenuItem
DrawMenuBar
CreateMenu
RemoveMenu
SetWindowLongA
CallWindowProcA
GetMenuItemInfoA
GetMenu
CheckMenuItem
GetMenuItemCount
InsertMenuItemA
DeleteMenu
SendMessageA
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
MessageBoxA
IsCharUpperA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/SpellChecker.dll
.dll windows:4 windows x86 arch:x86

3bb68008cac16f608c58f2e74b36389e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Projects\NppPlugins\SpellChecker\projects\2003\Release\SpellChecker.pdb

Imports

shlwapi

PathFileExistsW
PathAppendW
PathRemoveFileSpecW
PathFindFileNameW

kernel32

MultiByteToWideChar
WideCharToMultiByte
SetEvent
WaitForMultipleObjects
CreateThread
CreateEventW
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
GetModuleHandleW
GetProcAddress
LoadLibraryW
FreeLibrary
LocalFree
FormatMessageW
GetLastError
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
WritePrivateProfileStringW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
SetFilePointer
IsBadCodePtr
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
CreateDirectoryW
CreateFileW
WriteFile
CloseHandle
GetPrivateProfileStringW
GetModuleFileNameW
VirtualQuery
GetStringTypeW
SetHandleCount
FlushFileBuffers
ExitProcess
RaiseException
RtlUnwind
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
HeapReAlloc
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
TlsFree
SetLastError
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter

user32

SetCursor
BeginPaint
GetSysColor
DrawTextW
EndPaint
CreateDialogIndirectParamW
CreateDialogParamW
GetWindowLongW
SetWindowLongW
SystemParametersInfoW
GetSystemMetrics
SetWindowPos
SendMessageA
MessageBoxW
LoadImageW
CreateCursor
GetMenu
DeleteMenu
DestroyCursor
DestroyWindow
IsWindowVisible
GetWindowRect
GetClientRect
InvalidateRect
UpdateWindow
MoveWindow
ShowWindow
GetDlgItemTextW
EndDialog
SetDlgItemTextW
DialogBoxParamW
GetDlgItem
SendMessageW
CallWindowProcW
GetWindowTextW
ClientToScreen

gdi32

SetBkColor
GetStockObject
GetObjectW
CreateFontIndirectW
SelectObject
DeleteObject
SetTextColor

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/doc/FTP_synchonize.ReadMe.txt
Notepad++/plugins/doc/NPPTextFXdemo.TXT
Notepad++/plugins/doc/NppExec.txt
Notepad++/plugins/doc/NppExec_Guide.txt
Notepad++/plugins/doc/NppExec_TechInfo.txt
Notepad++/plugins/docMonitor.dll
.dll windows:4 windows x86 arch:x86

5dcd68f93b5326d846f703ea2fd1e3ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\users\don\source\npprelative\docmonitor\release\docMonitor.pdb

Imports

shlwapi

PathAppendW

kernel32

GetEnvironmentStrings
Sleep
CloseHandle
CreateThread
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcpyW
LCMapStringW
LCMapStringA
GetStringTypeW
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA

user32

ModifyMenuW
SendMessageW
GetMenu
wsprintfW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/plugins/mimeTools.dll
.dll windows:4 windows x86 arch:x86

6a0f871e6d3e098342742d66036d45bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Don\source\nppRelative\mimeTools.v1.4.src\Release\mimeTools.pdb

Imports

kernel32

lstrcpyW
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
RaiseException
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA

user32

CreateDialogParamW
GetClientRect
ClientToScreen
SetWindowPos
EndDialog
MessageBoxW
SendMessageW

Exports

Exports

beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/readme.txt
Notepad++/shortcuts.xml
Notepad++/stylers.model.xml
.xml
Notepad++/updater/GUP.exe
.exe windows:4 windows x86 arch:x86

735f075d5e543a7b51750f6877464ee7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Don\source\GUP\bin\GUP.pdb

Imports

libcurl

curl_easy_init
curl_easy_cleanup
curl_easy_perform
curl_easy_setopt

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA

kernel32

CompareStringW
CompareStringA
SetEnvironmentVariableA
SetEndOfFile
SetLastError
Sleep
CreateThread
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
LoadLibraryA
CreateFileA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
RtlUnwind
WriteFile
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
CloseHandle
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
ReadFile

user32

GetWindowRect
FindWindowExA
SendMessageA
SetDlgItemInt
MessageBoxA
GetDlgItemInt
EndDialog
SetWindowPos
SystemParametersInfoA
SetWindowTextA
GetDlgItemTextA
DialogBoxParamA
SetDlgItemTextA
CreateWindowExA

shell32

ShellExecuteA

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Notepad++/updater/License.txt
Notepad++/updater/getDownLoadUrl.php
Notepad++/updater/gpl.txt
Notepad++/updater/gup.xml
Notepad++/updater/libcurl.dll
.dll windows:4 windows x86 arch:x86

8d970c7fb352cc798c570f6027abfe18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\sources\curl-7.17.1\lib\Release\libcurl.pdb

Imports

ws2_32

sendto
recvfrom
select
__WSAFDIsSet
inet_ntoa
gethostbyname
WSASetLastError
getprotobyname
setsockopt
htons
connect
getsockopt
ioctlsocket
WSAStartup
WSACleanup
accept
inet_addr
getsockname
socket
bind
ntohs
listen
recv
send
WSAGetLastError
closesocket

wldap32

ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46

winmm

timeGetTime

kernel32

FindClose
HeapSize
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
CreateFileA
GetCurrentProcessId
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetTimeZoneInformation
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
TerminateProcess
FatalAppExitA
ExpandEnvironmentStringsA
PeekNamedPipe
WaitForMultipleObjects
ReadFile
GetFileType
GetStdHandle
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
SleepEx
SetLastError
FormatMessageA
CloseHandle
ReleaseMutex
SetEvent
WaitForSingleObject
GetExitCodeThread
TerminateThread
GetTickCount
CreateEventA
CreateMutexA
DuplicateHandle
GetCurrentProcess
Sleep
SetFilePointer
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetLocaleInfoW
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
SetStdHandle
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
WriteFile
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
ExitProcess
FlushFileBuffers

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_reset
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Notepad++/updater/readme.txt
Notepad++/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

edfd6c8cfc18d2241b424b66121fcc9c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

imm32

Exports

Exports

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 17KB - Virtual size: 25KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

92197451ae2cd7da0326757d4642db57

Headers

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 696KB - Virtual size: 695KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 24KB - Virtual size: 93KB

.rsrc Size: 308KB - Virtual size: 307KB

c8151d586cd71999c81732ef6c79fbba

Headers

File Characteristics

Imports

ole32

msvcrt

kernel32

advapi32

user32

shell32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 652B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 400B

f650ddbea621a9646abb58158c285f08

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 47KB - Virtual size: 47KB

.reloc Size: 10KB - Virtual size: 9KB

e41b02b61c5b983e1cc597a59785a608

Headers

File Characteristics

Imports

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 17KB - Virtual size: 25KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB

.text
Size: 696KB - Virtual size: 695KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 24KB - Virtual size: 93KB

.rsrc
Size: 308KB - Virtual size: 307KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 652B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 400B

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 47KB - Virtual size: 47KB

.reloc
Size: 10KB - Virtual size: 9KB

.text
Size: 148KB - Virtual size: 147KB

.data
Size: 512B - Virtual size: 208B

.rdata
Size: 80KB - Virtual size: 79KB

.bss
Size: - Virtual size: 784B

.edata
Size: 8KB - Virtual size: 7KB

.idata
Size: 1024B - Virtual size: 920B

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 8KB - Virtual size: 39KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 944B

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 1024B - Virtual size: 750B